Mercurial > hg > nginx-quic
annotate src/core/ngx_murmurhash.c @ 5094:e0a3714a36f8
SNI: reset to default server if requested host was not found.
Not only this is consistent with a case without SNI, but this also
prevents abusing configurations that assume that the $host variable
is limited to one of the configured names for a server.
An example of potentially unsafe configuration:
server {
listen 443 ssl default_server;
...
}
server {
listen 443;
server_name example.com;
location / {
proxy_pass http://$host;
}
}
Note: it is possible to negotiate "example.com" by SNI, and to request
arbitrary host name that does not exist in the configuration above.
author | Valentin Bartenev <vbart@nginx.com> |
---|---|
date | Wed, 27 Feb 2013 17:38:54 +0000 |
parents | 203eb026ec07 |
children | f38647c651a8 |
rev | line source |
---|---|
3891 | 1 |
2 /* | |
3 * Copyright (C) Austin Appleby | |
4 */ | |
5 | |
6 | |
7 #include <ngx_config.h> | |
8 #include <ngx_core.h> | |
9 | |
10 | |
11 uint32_t | |
12 ngx_murmur_hash2(u_char *data, size_t len) | |
13 { | |
14 uint32_t h, k; | |
15 | |
16 h = 0 ^ len; | |
17 | |
18 while (len >= 4) { | |
19 k = data[0]; | |
20 k |= data[1] << 8; | |
21 k |= data[2] << 16; | |
22 k |= data[3] << 24; | |
23 | |
24 k *= 0x5bd1e995; | |
25 k ^= k >> 24; | |
26 k *= 0x5bd1e995; | |
27 | |
28 h *= 0x5bd1e995; | |
29 h ^= k; | |
30 | |
31 data += 4; | |
32 len -= 4; | |
33 } | |
34 | |
35 switch (len) { | |
36 case 3: | |
37 h ^= data[2] << 16; | |
38 case 2: | |
39 h ^= data[1] << 8; | |
40 case 1: | |
41 h ^= data[0]; | |
42 h *= 0x5bd1e995; | |
43 } | |
44 | |
45 h ^= h >> 13; | |
46 h *= 0x5bd1e995; | |
47 h ^= h >> 15; | |
48 | |
49 return h; | |
50 } |