Hi ,
Heikki Kallasjoki wrote:
On Mon, Sep 27, 2010 at 02:22:00PM +0200, Jan Just Keijser wrote:
ah right, now I see... hmmm 'Host: ...' headers should not be required
by a web server and with apache's Virtual Hosts you can override this using
I would have to disagree with whether Host: headers should be required,
given that the HTTP/1.1 specification explicitly says [RFC2616]:
"All Internet-based HTTP/1.1 servers MUST respond with a 400 (Bad
Request) status code to any HTTP/1.1 request message which lacks a Host
header field."
The client also "MUST" send a Host: header in every request, it is not
an optional field. Changing only the version number on the CONNECT line
OpenVPN sends does not make it a real HTTP/1.1 request.
(From what I can tell, and based on a very quick test, the string
"_default_" in an Apache <VirtualHost> config also only matches unlisted
IP addresses, and does not change how it processes HTTP requests that
claim to be version 1.1 but aren't.)
now I see where the confusion is coming from : by default openvpn is
using HTTP/1.0 requests; RFC1945 (http 1.0 standard) does NOT specify
that the Host: header should be present. This was added in HTTP/1.1
RFC2616 ; so I guess that whenever you specify HTTP/1.1 requests using
--http-proxy-option VERSION 1.1
then OpenVPN should also send a 'Host: ' header - seems like a trivial
fix to me. I still have no clue why the original patch was not accepted,
but then again, the mechanism for entering patches has changed
(improved!) a lot as of late.
HTH,
JJK
