id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	uname	nginx_version
363	SPDY configuration inheritance issue	Rune Sørensen		"There appears to be a configuration inheritance issue when configuring the new `spdy` option on `listen` directives. Enabling spdy on one server's listen directive will enable spdy on other servers as well, without the `spdy` option on those server's listen directives.

We've reproduced the issue with a very simple configuration. In the below sample, `bar.com` will start using spdy even though it's actually only configured on the server with the `foo.com` server name.

Let me know if you need any more information or if we can help test a patch. It might also be misconfigured, but it seems like this is a violation of the usual nginx configuration inheritance model.

This was tested on Ubuntu 12.10 with OpenSSL 1.0.1c on an AWS instance with a single IP address.

Minimal nginx.conf to reproduce the issue:

user www-data;
worker_processes  1;

events {
  worker_connections  512;
}

pid        /var/run/nginx.pid;

http {

    server {
        listen 443 ssl;
        server_name bar.com;
        ssl_certificate /var/www/certificates/foo.crt;
        ssl_certificate_key /var/www/certificates/foo.key;

        location / {
            root /var/www/foo/;
        }
    }

    server {
        listen 443 ssl spdy;
        server_name foo.com;
        ssl_certificate /var/www/certificates/bar.crt;
        ssl_certificate_key /var/www/certificates/bar.key;

        location / {
            root /var/www/bar/;
        }
    }
}

"	defect	closed	minor		nginx-module	1.3.x	invalid	spdy		Linux ip-10-150-131-78 3.5.0-23-generic #35-Ubuntu SMP Thu Jan 24 13:15:40 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux	"nginx version: nginx/1.4.1
built by gcc 4.7.2 (Ubuntu/Linaro 4.7.2-2ubuntu1) 
TLS SNI support enabled
configure arguments: --with-http_spdy_module --with-http_ssl_module"