for clients requesting a hostname on a reused connection whose SNI (from the
TLS handshake) does not match.
PR 5802.
This allows HTTP/2 clients to fall back to a new connection as per:
https://tools.ietf.org/html/rfc7540#section-9.1.2
Proposed by: Stefan Eissing <stefan eissing.org>
Reviewed by: ylavic
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@
1685069 13f79535-47bb-0310-9956-
ffa450edef68
#define HTTP_RANGE_NOT_SATISFIABLE 416
#define HTTP_EXPECTATION_FAILED 417
#define HTTP_IM_A_TEAPOT 418
+#define HTTP_MISDIRECTED_REQUEST 421
#define HTTP_UNPROCESSABLE_ENTITY 422
#define HTTP_LOCKED 423
#define HTTP_FAILED_DEPENDENCY 424
"418 I'm A Teapot",
NULL, /* 419 */
NULL, /* 420 */
- NULL, /* 421 */
+ "421 Misdirected Request",
"422 Unprocessable Entity",
"423 Locked",
"424 Failed Dependency",
case HTTP_IM_A_TEAPOT:
return("<p>The resulting entity body MAY be short and\n"
"stout.</p>\n");
+ case HTTP_MISDIRECTED_REQUEST:
+ return("<p>The client needs a new connection for this\n"
+ "request as the requested host name does not match\n"
+ "the Server Name Indication (SNI) in use for this\n"
+ "connection.</p>\n");
default: /* HTTP_INTERNAL_SERVER_ERROR */
/*
* This comparison to expose error-notes could be modified to
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server, APLOGNO(02032)
"Hostname %s provided via SNI and hostname %s provided"
" via HTTP are different", servername, host);
+ if (r->connection->keepalives > 0) {
+ return HTTP_MISDIRECTED_REQUEST;
+ }
return HTTP_BAD_REQUEST;
}
}
projects / apache / commitdiff