From: Stefan Eissing <icing@apache.org>
Date: Tue, 2 May 2023 09:21:07 +0000 (+0000)
Subject: Backport of r1909558 from trunk:
X-Git-Tag: 2.4.58-rc1-candidate~146
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0495a95f511c0bc7f34dc1b706d6d8276865743b;p=thirdparty%2Fapache%2Fhttpd.git

Backport of r1909558 from trunk:

  *) mod_tls: updating to rustls-ffi version 0.9.2 or higher.
     Checking in configure for proper version installed. Code
     fixes for changed clienthello member name.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1909561 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/changes-entries/tls-rustls-update.txt b/changes-entries/tls-rustls-update.txt
new file mode 100644
index 00000000000..9008d9e0e11
--- /dev/null
+++ b/changes-entries/tls-rustls-update.txt
@@ -0,0 +1,4 @@
+  *) mod_tls: updating to rustls-ffi version 0.9.2 or higher.
+     Checking in configure for proper version installed. Code
+     fixes for changed clienthello member name.
+     [Stefan Eissing]
\ No newline at end of file
diff --git a/modules/tls/config2.m4 b/modules/tls/config2.m4
index af97178866b..8a32490cb60 100644
--- a/modules/tls/config2.m4
+++ b/modules/tls/config2.m4
@@ -109,9 +109,10 @@ AC_DEFUN([APACHE_CHECK_RUSTLS],[
       fi
     fi
 
-    AC_MSG_CHECKING([for rustls version >= 0.8.2])
+    AC_MSG_CHECKING([for rustls version >= 0.9.2])
     AC_TRY_COMPILE([#include <rustls.h>],[
 rustls_version();
+rustls_acceptor_new();
 ],
       [AC_MSG_RESULT(OK)
        ac_cv_rustls=yes],
diff --git a/modules/tls/tls_core.c b/modules/tls/tls_core.c
index 38c88730091..25479392f1a 100644
--- a/modules/tls/tls_core.c
+++ b/modules/tls/tls_core.c
@@ -507,8 +507,8 @@ static const rustls_certified_key *extract_client_hello_values(
     ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c, "extract client hello values");
     if (!cc) goto cleanup;
     cc->client_hello_seen = 1;
-    if (hello->sni_name.len > 0) {
-        cc->sni_hostname = apr_pstrndup(c->pool, hello->sni_name.data, hello->sni_name.len);
+    if (hello->server_name.len > 0) {
+        cc->sni_hostname = apr_pstrndup(c->pool, hello->server_name.data, hello->server_name.len);
         ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, c, "sni detected: %s", cc->sni_hostname);
     }
     else {