[nginx] Stream ssl_preread: added SSLv2 Client Hello support.
Sergey Kandaurov
pluknet at nginx.com
Thu Jul 19 10:02:08 UTC 2018
details: http://hg.nginx.org/nginx/rev/6649d4433266
branches:
changeset: 7322:6649d4433266
user: Sergey Kandaurov <pluknet at nginx.com>
date: Wed Jul 18 18:51:25 2018 +0300
description:
Stream ssl_preread: added SSLv2 Client Hello support.
In particular, it was not possible to obtain SSLv2 protocol version.
diffstat:
src/stream/ngx_stream_ssl_preread_module.c | 16 ++++++++++++++--
1 files changed, 14 insertions(+), 2 deletions(-)
diffs (33 lines):
diff -r 45e513c3540d -r 6649d4433266 src/stream/ngx_stream_ssl_preread_module.c
--- a/src/stream/ngx_stream_ssl_preread_module.c Tue Jul 17 15:30:43 2018 +0300
+++ b/src/stream/ngx_stream_ssl_preread_module.c Wed Jul 18 18:51:25 2018 +0300
@@ -149,6 +149,14 @@ ngx_stream_ssl_preread_handler(ngx_strea
while (last - p >= 5) {
+ if ((p[0] & 0x80) && p[2] == 1 && (p[3] == 0 || p[3] == 3)) {
+ ngx_log_debug0(NGX_LOG_DEBUG_STREAM, ctx->log, 0,
+ "ssl preread: version 2 ClientHello");
+ ctx->version[0] = p[3];
+ ctx->version[1] = p[4];
+ return NGX_OK;
+ }
+
if (p[0] != 0x16) {
ngx_log_debug0(NGX_LOG_DEBUG_STREAM, ctx->log, 0,
"ssl preread: not a handshake");
@@ -507,8 +515,12 @@ ngx_stream_ssl_preread_protocol_variable
ngx_str_null(&version);
switch (ctx->version[0]) {
- case 2:
- ngx_str_set(&version, "SSLv2");
+ case 0:
+ switch (ctx->version[1]) {
+ case 2:
+ ngx_str_set(&version, "SSLv2");
+ break;
+ }
break;
case 3:
switch (ctx->version[1]) {
More information about the nginx-devel
mailing list