Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 473028

Summary: The "Online Package Database" link from www.gentoo.org links to misconfigurated https site of packages.gentoo.org
Product: Websites Reporter: J.O. Aho <bugs-gentoo>
Component: OtherAssignee: Gentoo Infrastructure <infra-bugs>
Status: RESOLVED FIXED    
Severity: blocker    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description J.O. Aho 2013-06-11 20:30:01 UTC 
Today the link to http://packages.gentoo.org had been changed to https://packages.gentoo.org which do not work as the test to use SNI has failed.

--- copy paste ---
A user is now greeted with the following message:

Empty Page!

If you expected a real website instead something must be wrong. :-(

If you also got an SSL hostname mismatch, your browser doesn't properly support SNI (e.g. IE8 on Windows XP).
-- eof ---

Tested with (all supports SNI):
opera-12.02.1578
seamonkey-2.17.1
firefox-21.0
chromium-25.0.1364.97
konqueror-4.10.3
so this isn't a client issue and have tested on other servers using SNI.

Easy fix is to change the "Online Package Database" link to point back on the http://packages.gentoo.org
Comment 1 J.O. Aho 2013-06-13 05:52:05 UTC 
Proof of that the browser supports SNI by visiting https://gentoo.sni.velox.ch:

TLS SNI Test Site: *.sni.velox.ch

Great! Your client [Mozilla/5.0 (X11; Linux x86_64; rv:20.0) Gecko/20100101 Firefox/20.0 SeaMonkey/2.17.1] sent the following TLS server name indication extension (RFC 6066) in its ClientHello (negotiated protocol: TLSv1, cipher suite: ECDHE-RSA-AES256-SHA):

  gentoo.sni.velox.ch

In your request, this header was included:

  Host: gentoo.sni.velox.ch
Comment 2 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2013-06-14 04:53:37 UTC 
The site config was broken, fixed