Mercurial > hg > nginx-quic
view auto/lib/perl/make @ 5094:e0a3714a36f8
SNI: reset to default server if requested host was not found.
Not only this is consistent with a case without SNI, but this also
prevents abusing configurations that assume that the $host variable
is limited to one of the configured names for a server.
An example of potentially unsafe configuration:
server {
listen 443 ssl default_server;
...
}
server {
listen 443;
server_name example.com;
location / {
proxy_pass http://$host;
}
}
Note: it is possible to negotiate "example.com" by SNI, and to request
arbitrary host name that does not exist in the configuration above.
| author | Valentin Bartenev <vbart@nginx.com> |
|---|---|
| date | Wed, 27 Feb 2013 17:38:54 +0000 |
| parents | 3099747ddbb5 |
| children | 6dd4875eb526 |
line wrap: on
line source
# Copyright (C) Igor Sysoev # Copyright (C) Nginx, Inc. cat << END >> $NGX_MAKEFILE $NGX_OBJS/src/http/modules/perl/blib/arch/auto/nginx/nginx.so: \ \$(CORE_DEPS) \$(HTTP_DEPS) \ src/http/modules/perl/nginx.pm \ src/http/modules/perl/nginx.xs \ src/http/modules/perl/ngx_http_perl_module.h \ $NGX_OBJS/src/http/modules/perl/Makefile cp src/http/modules/perl/nginx.* $NGX_OBJS/src/http/modules/perl/ cd $NGX_OBJS/src/http/modules/perl && \$(MAKE) rm -rf $NGX_OBJS/install_perl $NGX_OBJS/src/http/modules/perl/Makefile: \ src/http/modules/perl/Makefile.PL \ src/http/modules/perl/nginx.pm cp -p src/http/modules/perl/nginx.* $NGX_OBJS/src/http/modules/perl/ cp -p src/http/modules/perl/typemap $NGX_OBJS/src/http/modules/perl/ cp -p src/http/modules/perl/Makefile.PL $NGX_OBJS/src/http/modules/perl/ cd $NGX_OBJS/src/http/modules/perl \ && NGX_PM_CFLAGS="\$(NGX_PM_CFLAGS) -g $NGX_CC_OPT" \ NGX_INCS="$CORE_INCS $NGX_OBJS $HTTP_INCS" \ $NGX_PERL Makefile.PL \ LIB=$NGX_PERL_MODULES \ INSTALLSITEMAN3DIR=$NGX_PERL_MODULES_MAN END