Opened 9 years ago
Closed 9 years ago
#817 closed defect (invalid)
Wrong or undocumented srever resolving
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | nginx-core | Version: | 1.9.x |
| Keywords: | Cc: | ||
| uname -a: | Linux marunin1-2 3.2.0-0.bpo.4-amd64 #1 SMP Debian 3.2.68-1+deb7u2~bpo60+1 x86_64 GNU/Linux | ||
| nginx -V: |
nginx version: nginx/1.7.11
TLS SNI support enabled configure arguments: --prefix=/usr --user=www-data --group=www-data --conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/cache/nginx/client-body --http-proxy-temp-path=/var/cache/nginx/proxy --http-fastcgi-temp-path=/var/cache/nginx/fastcgi --with-http_perl_module --with-http_ssl_module --with-http_sub_module --with-http_stub_status_module --with-http_realip_module --with-http_gunzip_module --with-zlib-asm=pentiumpro --add-module=./ngx_http_auth_pam_module --add-module=./nginx-sla --add-module=./ngx_devel_kit --add-module=./ngx_set_misc_module --with-debug |
||
Description
I you mix listen <ip_name>:80 and listen 80
Than servers with listen 80 ignored and default (first) server {...} section always win
Example:
conf file
server {
listen 10.253.55.21:80;
server_name name1;
location / {
return 401;
}
}
server {
listen 80;
server_name name2;
location / {
return 402;
}
}
$ wget -O- -S --header 'Host: name2' 'http://10.253.55.22/name2'
--2015-10-20 00:40:02-- http://10.253.55.22/name2
Connecting to 10.253.55.22:80... connected.
HTTP request sent, awaiting response...
HTTP/1.1 401 Unauthorized
Server: nginx/1.7.11
Date: Tue, 20 Oct 2015 00:40:02 GMT
Content-Type: text/html
Content-Length: 195
Connection: keep-alive
Authorization failed.
401 returned, server name1
But server name2 (and code 402) expected
Attachments (2)
Change History (4)
by , 9 years ago
| Attachment: | nginx_bug.conf added |
|---|
comment:1 by , 9 years ago
The same problem exists for very old
nginx version: nginx/0.7.67
TLS SNI support enabled
configure arguments: --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-log-path=/var/log/nginx/access.log --http-proxy-temp-path=/var/lib/nginx/proxy --lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid --with-debug --with-http_dav_module --with-http_flv_module --with-http_geoip_module --with-http_gzip_static_module --with-http_realip_module --with-http_stub_status_module --with-http_ssl_module --with-http_sub_module --with-ipv6 --with-mail --with-mail_ssl_module --add-module=/home/mpalmer/src/debian/lts/nginx/nginx-0.7.67/modules/nginx-upstream-fair
comment:2 by , 9 years ago
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
When you have a listening socket configured for a particular IP address, all connections to this IP address will be handled only by virtual servers configured with this listening socket. No servers listening on wildcard address will be considered. This is how sockets work. If you want requests to 10.253.55.21:80 to be handled both in name1 and name2 servers, you have to configure both sockets in the name2 server:
server {
listen 10.253.55.21:80;
server_name name1;
...
}
server {
listen 80;
listen 10.253.55.21:80;
server_name name2;
....
}
Some additional information about configuring virtual servers can be found in the documentation, see here:
http://nginx.org/en/docs/http/request_processing.html#mixed_name_ip_based_servers
Bug config