[Webkit-unassigned] [Bug 155378] Webkit sends malformed SNI host names
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Mar 13 20:52:35 PDT 2016
https://bugs.webkit.org/show_bug.cgi?id=155378
--- Comment #7 from Yst Dawson <bugs.webkit.org.+ at y.st> ---
To be honest, I thought that the host name mismatch was caused by the fact that the SNI host name doesn't correspond to any HTTP Host header, and therefor, did not "match" the sent HTTP Host header. However, a little digging showed me that (potentially because the SNI host name is malformed), the server is trying to match the SNI host name against something else. Perhaps a default virtual host or something? Apache would throw a 500 error for the trailing dot in any case.
However, the server no longer throws the error if you use <https://alice.sni.velox.ch./> as the URI instead. When using that URI, you can see this message:
Great! Your client [Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/538.1 (KHTML, like Gecko) Arora/0.11.0 Safari/538.1] sent the following TLS server name indication extension (RFC 6066) in its ClientHello (negotiated protocol: TLSv1.2, cipher suite: ECDHE-RSA-AES256-GCM-SHA384):
carol.sni.velox.ch.
As you can see, Webkit is sending an SNI host name that contains a trailing dot, which is disallowed by RFC 6066. When fixing this though, it is important to be sure that the HTTP Host still has the trailing dot if the URI does. The two won't be identical, but they also won't cause the server to throw an error.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160314/9c9f67e7/attachment.html>
More information about the webkit-unassigned
mailing list