Article delegate-en/4684 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A4683@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: Bad Request with SNI
02 Dec 2009 08:18:35 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


Bernhard,

In message <004801ca7326$e2bc6770$a8353650$@rauh@genia-sec.de> on 12/02/09(17:10:17)
you "Bernhard Rauh" <pjejabdyi-hugik5xgznxr.ml@ml.delegate.org> wrote:
 |below the logfile from the test with the parameter TLSCONF=-vd.
 |At the client-browser the message "Bad Request - Your browser sent a request
 |that this server could not understand." will be shown.

 |12/02 09:24:33.21 [2661] 1+1: ## SSLway -- TLSxSNI: send 192.168.1.222
...
 |12/02 09:24:33.48 [2661] 1+1: HTTP error request: GET / HTTP/1.0^M
 |12/02 09:24:33.48 [2661] 1+1: HTTP error status: 400 Bad Request

Did you applied the patch?
And what you will get if without the SSLTUNNEL=... option?

 |*** dist/src/delegate9.9.6/filters/sslway.c	Tue Nov 17 16:28:00 2009
 |--- ./filters/sslway.c	Wed Dec  2 02:57:08 2009
 |***************
 |*** 1945,1951 ****
 |--- 1945,1956 ----
 |  }
 |  static void set_vhost(SSL *conSSL){
 |  	const char *vhost;
 |+ 	/*
 |  	if( vhost = getenv("SERVER_NAME") ){
 |+ 	*/
 |+ 	if( (vhost = getenv("SERVER_HOST")) /* destination host */
 |+ 	 || (vhost = getenv("SERVER_NAME")) /* incoming I.F. */
 |+ 	){
 |  		TRACE("-- TLSxSNI: send %s",vhost);
 |  		SSL_set_tlsext_host_name(conSSL,vhost);
 |  	}

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V