Changeset 8764d0d in mod_gnutls


Ignore:
Timestamp:
Sep 25, 2011, 11:41:30 PM (9 years ago)
Author:
Dash Shendy <neuromancer@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, msva, proxy-ticket, upstream
Children:
d7d39bb
Parents:
d2ee1a1
Message:

ServerAlias? Directive Fix

File:
1 edited

Legend:

Unmodified
Added
Removed

  • src/gnutls_hooks.c

    rd2ee1a1 r8764d0d  
    517517    mgs_srvconf_rec *tsc;
    518518    vhost_cb_rec *x = baton;
    519 
     519    apr_array_header_t *names;
     520    int i;
     521   
    520522    _gnutls_log(debug_log_fp, "%s: %d\n", __func__, __LINE__);
    521523    tsc = (mgs_srvconf_rec *) ap_get_module_config(s->module_config,
     
    525527        return 0;
    526528    }
    527 
    528     /* The CN can contain a * -- this will match those too. */
    529     if (ap_strcasecmp_match(x->sni_name, tsc->cert_cn) == 0) {
    530         /* found a match */
    531 #if MOD_GNUTLS_DEBUG
    532         ap_log_error(APLOG_MARK, APLOG_DEBUG, 0,
    533                 x->ctxt->c->base_server,
    534                 "GnuTLS: Virtual Host CB: "
    535                 "'%s' == '%s'", tsc->cert_cn, x->sni_name);
    536 #endif
    537         /* Because we actually change the server used here, we need to reset
    538          * things like ClientVerify.
    539          */
    540         x->sc = tsc;
    541         /* Shit. Crap. Dammit. We *really* should rehandshake here, as our
    542          * certificate structure *should* change when the server changes.
    543          * acccckkkkkk.
    544          */
    545         return 1;
    546     } else {
    547 #if MOD_GNUTLS_DEBUG
    548         ap_log_error(APLOG_MARK, APLOG_DEBUG, 0,
    549                 x->ctxt->c->base_server,
    550                 "GnuTLS: Virtual Host CB: "
    551                 "'%s' != '%s'", tsc->cert_cn, x->sni_name);
    552 #endif
    553 
    554     }
     529   
     530    /* Check ServerName First! */
     531    if(!apr_strnatcasecmp(x->sni_name, s->server_hostname)) {
     532            x->sc = tsc;return 1;
     533    } else if(s->names) {
     534    /* ServerAlias Directives */
     535            char **name = (char **)names->elts;           
     536            for (i = 0; i < names->nelts; ++i) {
     537                    if (!name[i]) { continue; }
     538                    if (!apr_strnatcasecmp(x->sni_name, name[i])) {
     539                        x->sc = tsc;return 1; }
     540            }       
     541    } else if(s->wild_names) {
     542    /* Wild ServerAlias Directives */
     543            char **name = (char **)wild_names->elts;
     544            for (i = 0; i < wild_names->nelts; ++i) {
     545                    if (!name[i]) { continue; }
     546                    if (!ap_strcasecmp_match(x->sni_name, name[i])) {
     547                        x->sc = tsc;return 1; }
     548            }           
     549    }
     550   
    555551    return 0;
    556552}
Note: See TracChangeset for help on using the changeset viewer.