| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
We own this memory from the session pool.
|
| |
|
|
|
|
|
|
|
| |
Server name is taken either from ngx_stream_ssl_module or
ngx_stream_ssl_preread_module.
The change adds "default_server" parameter to the "listen" directive,
as well as the following directives: "server_names_hash_max_size",
"server_names_hash_bucket_size", "server_name" and "ssl_reject_handshake".
|
| |
|
|
| |
In particular, it was not possible to obtain SSLv2 protocol version.
|
| |
|
|
|
|
|
|
|
| |
The variable keeps the latest SSL protocol version supported by the client.
The variable has the same format as $ssl_protocol.
The version is read from the client_version field of ClientHello. If the
supported_versions extension is present in the ClientHello, then the version
is set to TLSv1.3.
|
| | |
|
| |
|
|
|
| |
The variable keeps a comma-separated list of protocol names from ALPN TLS
extension defined by RFC 7301.
|
| |
|
|
| |
No functional changes.
|
| |
|
|
|
|
|
| |
SSL version 3.0 can be specified by the client at the record level for
compatibility reasons. Previously, ssl_preread module rejected such
connections, presuming they don't have SNI. Now SSL 3.0 is allowed at
the record level.
|
| |
|
|
| |
Made sure to set the variable length only after successful SNI parsing.
|
| |
|
|
| |
The ngx_log_debug() macro is internal and should not be used.
|
|
|
The ssl_preread module extracts information from the SSL Client Hello message
without terminating SSL. Currently, only $ssl_preread_server_name variable
is supported, which contains server name from the SNI extension.
|
