From: Jeff Trawick <trawick@apache.org>
Date: Sat, 12 Jul 2014 17:49:50 +0000 (+0000)
Subject: merge r1608284 from trunk:
X-Git-Tag: 2.4.10~49
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d24c4413e120ac4774f016988470dba3d689818c;p=apache

merge r1608284 from trunk:

The SNI callback already logs a debug message when the vhost
is found or no vhost matches.  Log one when no name is provided
by the client.

Submitted by: trawick
Reviewed by: covener, minfrin


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610010 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/STATUS b/STATUS
index 4d23edeeb6..f6293477e5 100644
--- a/STATUS
+++ b/STATUS
@@ -111,13 +111,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
      *) mod_dav: Fix improper encoding in PROPFIND responses.  PR 56480.
      +1: breser, ylavic, covener
 
-   * mod_ssl: The SNI callback already logs a debug message when the vhost
-     is found or no vhost matches.  Log one when no name is provided
-     by the client.
-     trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1608284
-     2.4.x patch: Trunk patch works after "svn resolved docs/log-message-tags"
-     +1: trawick, covener, minfrin
-
 
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
   [ New proposals should be added at the end of the list ]
diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
index 9c18ca7061..1b83520f16 100644
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -1922,10 +1922,10 @@ int ssl_callback_ServerNameIndication(SSL *ssl, int *al, modssl_ctx_t *mctx)
 {
     const char *servername =
                 SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
+    conn_rec *c = (conn_rec *)SSL_get_app_data(ssl);
 
-    if (servername) {
-        conn_rec *c = (conn_rec *)SSL_get_app_data(ssl);
-        if (c) {
+    if (c) {
+        if (servername) {
             if (ap_vhost_iterate_given_conn(c, ssl_find_vhost,
                                             (void *)servername)) {
                 ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, APLOGNO(02043)
@@ -1955,6 +1955,11 @@ int ssl_callback_ServerNameIndication(SSL *ssl, int *al, modssl_ctx_t *mctx)
                  */
             }
         }
+        else {
+            ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, APLOGNO(02645)
+                          "Server name not provided via TLS extension "
+                          "(using default/first virtual host)");
+        }
     }
 
     return SSL_TLSEXT_ERR_NOACK;