Bug 63581 - Named VirtualHost - multiple listings of same NVH entry for an IP:port from differing DNS data.
Status: NEW
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: Core
Version: 2.4.39
Hardware: PC All
Importance: P2 minor
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Reported: 2019-07-22 22:08 UTC by D. Stussy
Modified: 2019-07-22 22:08 UTC
Description D. Stussy 2019-07-22 22:08:34 UTC
Suppose that the configuration file has this:

"<VirtualHost host1.example.com:80 host2.example.com:80 ...>
    ServerName Example-Domains
    ServerAlias A B C"

...and the DNS maps each hostname to separate IPv6 addresses, but all to the SAME IPv4 address.

Such results in this output from "httpd -S" for the IPv4 address:

"192.0.2.1:80       is a NameVirtualHost
         port 80 namevhost Example-Domains (/etc/httpd/httpd.conf:785)
                 alias A
                 alias B
                 alias C
         port 80 namevhost Example-Domains (/etc/httpd/httpd.conf:785)
                 alias A
                 alias B
                 alias C
..."

i.e. the name virtual host entry is duplicated for EACH entry that maps to that particular IP address.  I have in my configuration 5 entries that map to the same IPv4, and I get 5 identical entries in my virtual host listing for that IP.  Only ONE is necessary.

This bug does not affect the CORRECTNESS of the operation of the named virtual host feature.  However, the extra entries will affect processing timing as it will cause additional comparisons (which always fail - as only the first identical entry will ever match) when the virtual host requested is not among those named (including aliases).

Fix:  Before adding an entry into the named-virtual-host chain for an address, compare the source file:line data pair and skip if already present.  However, I am not well enough versed in the Apache server source code to know where these data are stored.

Note:  Although the manual description for the directive states:  "Each Virtual Host must correspond to a different IP address, different port number, or a different host name for the server, ...," I have found that such is not enforced and the configuration happily maps multiple entries to the same IP:port combination(s), with multiple entries despite sourcing from the same configuration file:line combination as noted above.

On account of this, one may suggest that I simply define the virtual host by its IP address.  However, that would require DNS knowledge which one should NOT assume - as the web server and DNS data could be managed by different people in a large enough organization.  I reject this and state that the program should still do the correct thing (add the virtual host ONCE) when faced with mappings that point to the same IP:port combination.
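
An added example, not part of the original report or of Apache httpd's code: a small checker that parses an "httpd -S" listing in the format quoted above and reports name-based virtual hosts listed more than once for the same IP:port from the same configuration file:line. The sample listing is constructed (the second vhost and the IPv6 block are assumptions for illustration), and the function name `duplicate_vhosts` is hypothetical.

```python
import re
from collections import Counter

# Constructed sample modelled on the "httpd -S" listing quoted in the report.
SAMPLE = """\
192.0.2.1:80       is a NameVirtualHost
         port 80 namevhost Example-Domains (/etc/httpd/httpd.conf:785)
                 alias A
                 alias B
                 alias C
         port 80 namevhost Example-Domains (/etc/httpd/httpd.conf:785)
                 alias A
                 alias B
                 alias C
         port 80 namevhost other.example.com (/etc/httpd/httpd.conf:801)
[2001:db8::1]:80   is a NameVirtualHost
         port 80 namevhost Example-Domains (/etc/httpd/httpd.conf:785)
"""

# "<addr>:<port>   is a NameVirtualHost" opens a block of entries.
ADDR_RE = re.compile(r"^(\S+)\s+is a NameVirtualHost\s*$")
# Only "namevhost" lines are counted; a "default server" line repeats the
# first vhost by design and must not be reported as a duplicate.
VHOST_RE = re.compile(r"^\s+port \d+ namevhost (\S+) \((.+):(\d+)\)\s*$")


def duplicate_vhosts(listing):
    """Map each address to {(file, line, name): count} for entries seen > 1 time."""
    counts = {}
    addr = None
    for raw in listing.splitlines():
        m = ADDR_RE.match(raw)
        if m:
            addr = m.group(1)
            counts.setdefault(addr, Counter())
            continue
        m = VHOST_RE.match(raw)
        if m and addr is not None:
            name, path, line = m.group(1), m.group(2), int(m.group(3))
            counts[addr][(path, line, name)] += 1
    dups = {a: {k: n for k, n in c.items() if n > 1} for a, c in counts.items()}
    return {a: d for a, d in dups.items() if d}


if __name__ == "__main__":
    for address, entries in duplicate_vhosts(SAMPLE).items():
        for (path, line, name), n in entries.items():
            print(f"{address}: {name} ({path}:{line}) listed {n} times")
```

To check a real server, pass the captured text of "httpd -S" to `duplicate_vhosts` in place of `SAMPLE`.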