Bug #675
closedDoesn't follow document-root when SSL enabled in condition
Description
simmel@fairu:~/src/lighttpd svn info
Path: .
URL: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x
Repository UUID: 152afb58-edef-0310-8abb-c4023f1b3aa9
Revision: 1127
Node Kind: directory
Schedule: normal
Last Changed Author: jan
Last Changed Rev: 1127
Last Changed Date: 2006-06-03 00:40:43 +0200 (Sat, 03 Jun 2006)
Properties Last Updated: 2006-04-26 09:02:07 +0200 (Wed, 26 Apr 2006)
server.document-root = "/home/simmel/html/"
$HTTPhost "gw.soy.se" {
$SERVERsocket ":443" {
ssl.engine = "enable"
ssl.pemfile = "/home/simmel/html/gw.pem"
server.document-root = "/home/simmel/html/sja/"
}
}
It won't change document-root to /home/simmel/html/sja/.
Updated by gstrauss about 9 years ago
- Description updated (diff)
- Status changed from New to Invalid
The socket connection on port 443 occurs earlier than when the host is known, so the socket condition should not depend on the host. TLS must be enabled in the config so that it can be negotiated prior to receiving the HTTP request, even via TLS SNI (server name indication) extension.
server.document-root = "/home/simmel/html/"
$SERVER[socket] ":443" {
ssl.engine = "enable"
ssl.pemfile = "/home/simmel/html/gw.pem"
$HTTP[host] "gw.soy.se" {
server.document-root = "/home/simmel/html/sja/"
}
}
(I hope the above example document-roots are contrived. Have a secure document root nested inside an insecure document root is not safe)
Also available in: Atom