details: http://hg.nginx.org/nginx/rev/6649d4433266 branches: changeset: 7322:6649d4433266 user: Sergey Kandaurov <pluk...@nginx.com> date: Wed Jul 18 18:51:25 2018 +0300 description: Stream ssl_preread: added SSLv2 Client Hello support.
In particular, it was not possible to obtain SSLv2 protocol version. diffstat: src/stream/ngx_stream_ssl_preread_module.c | 16 ++++++++++++++-- 1 files changed, 14 insertions(+), 2 deletions(-) diffs (33 lines): diff -r 45e513c3540d -r 6649d4433266 src/stream/ngx_stream_ssl_preread_module.c --- a/src/stream/ngx_stream_ssl_preread_module.c Tue Jul 17 15:30:43 2018 +0300 +++ b/src/stream/ngx_stream_ssl_preread_module.c Wed Jul 18 18:51:25 2018 +0300 @@ -149,6 +149,14 @@ ngx_stream_ssl_preread_handler(ngx_strea while (last - p >= 5) { + if ((p[0] & 0x80) && p[2] == 1 && (p[3] == 0 || p[3] == 3)) { + ngx_log_debug0(NGX_LOG_DEBUG_STREAM, ctx->log, 0, + "ssl preread: version 2 ClientHello"); + ctx->version[0] = p[3]; + ctx->version[1] = p[4]; + return NGX_OK; + } + if (p[0] != 0x16) { ngx_log_debug0(NGX_LOG_DEBUG_STREAM, ctx->log, 0, "ssl preread: not a handshake"); @@ -507,8 +515,12 @@ ngx_stream_ssl_preread_protocol_variable ngx_str_null(&version); switch (ctx->version[0]) { - case 2: - ngx_str_set(&version, "SSLv2"); + case 0: + switch (ctx->version[1]) { + case 2: + ngx_str_set(&version, "SSLv2"); + break; + } break; case 3: switch (ctx->version[1]) { _______________________________________________ nginx-devel mailing list nginx-devel@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-devel