mod_ssl: Set an error note for requests rejected due to
SSLStrictSNIVHostCheck
Submitted by: trawick
Reviewed by: minfrin, rjung
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1610327 13f79535-47bb-0310-9956-
ffa450edef68
Changes with Apache 2.4.10
+ *) mod_ssl: Set an error note for requests rejected due to
+ SSLStrictSNIVHostCheck. [Jeff Trawick]
+
*) mod_ssl: Fix issue with redirects to error documents when handling
SNI errors. [Jeff Trawick]
ylavic: does not depend on r1572092 or r1572655 and al above,
these proposals can be backported in any order.
- * mod_ssl: Set an error note for requests rejected due to
- SSLStrictSNIVHostCheck
- trunk patch: http://svn.apache.org/r1609936
- 2.4.x patch: Trunk patch works modulo CHANGES.
- +1: trawick, minfrin, rjung
-
* core: Include any error notes set by modules in the canned error
response for 403 errors.
trunk patch: http://svn.apache.org/r1609938
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server, APLOGNO(02033)
"No hostname was provided via SNI for a name based"
" virtual host");
+ apr_table_setn(r->notes, "error-notes",
+ "Reason: The client software did not provide a "
+ "hostname using Server Name Indication (SNI), "
+ "which is required to access this server.<br />\n");
return HTTP_FORBIDDEN;
}
}
projects / apache / commitdiff