]> git.ipfire.org Git - thirdparty/apache/httpd.git/commitdiff
projects / thirdparty / apache / httpd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 824174a)
* modules/ssl/ssl_engine_kernel.c (ssl_check_vhost_sni_policy):
authorJoe Orton <jorton@apache.org>
Mon, 10 Nov 2025 15:30:46 +0000 (15:30 +0000)
committerJoe Orton <jorton@apache.org>
Mon, 10 Nov 2025 15:30:46 +0000 (15:30 +0000)
  Fix handling of STRICT mode.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1929631 13f79535-47bb-0310-9956-ffa450edef68

modules/ssl/ssl_engine_kernel.c patch | blob | blame | history

diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
index 1c11f7f759e57b2360ad15738028a2a0b421309a..8075f47e0349f3e08d9185e5dc78b03ec1a48f3b 100644 (file)
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -119,8 +119,8 @@ static int ssl_check_vhost_sni_policy(SSLSrvConfigRec *sc1,
         return 1;
     
     /* Policy: strict => fail for any vhost transition. */
-    if (policy == MODSSL_SNIVH_STRICT && sc1 != sc2)
-        return 0;
+    if (policy == MODSSL_SNIVH_STRICT)
+        return sc1 == sc2;
 
     /* For authonly/secure policy, compare the hash. */
     AP_DEBUG_ASSERT(sc1->sni_policy_hash);
Mirror of https://github.com/apache/httpd.git