Bug 1410130

Summary: Underscore in virtualhost servername or serveralias
Product: [Fedora] Fedora Reporter: anothergituser
Component: httpdAssignee: Luboš Uhliarik <luhliari>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 24CC: jkaluza, jorton, luhliari, pahan
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-02-10 15:29:37 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description anothergituser 2017-01-04 14:36:39 UTC 
Description of problem:
Using underscores in servername will result in a 400 Bad Request

Version-Release number of selected component (if applicable):
2.4.25-1.fc24

Steps to Reproduce:

1. add a virtual host with servername and serveralias like test_this.local

2. add to /etc/hosts 
127.0.0.1   test_this.local 

3.
Restart httpd and check http://test_this.local

Actual results:
Will result in 400 Bad Request

Expected results:
A 200 response.

Additional info:

After installing fedora 24 and finding this problem the solution was
dnf downgrade httpd --allowerasing

Which downgraded httpd to version 2.4.18-2.fc24 that accepts underscores.

PS: I'm using a ProxyPassMatch directive in my virtualhost in order to use php54-fpm from remi's repo, but still, the error i report was solved by downgrading httpd to the mentioned version. 

Also 2.4.25-1.fc24 will also work if no underscore is found in the name, like test.local
Comment 1 Joe Orton 2017-02-10 15:29:37 UTC 
Underscores are not permitted in hostnames and are now rejected.  RFC 3986 sec 3.2.2 - https://tools.ietf.org/html/rfc3986#section-3.2.2 --

   A registered name intended for lookup in the DNS uses the syntax
   defined in Section 3.5 of [RFC1034] and Section 2.1 of [RFC1123].
   Such a name consists of a sequence of domain labels separated by ".",
   each domain label starting and ending with an alphanumeric character
   and possibly also containing "-" characters.

Using "HttpProtocolOptions unsafe" should allow the old behaviour.

https://httpd.apache.org/docs/2.4/mod/core.html#httpprotocoloptions