mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-01-19 01:42:58 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Stream ssl_preread: relaxed SSL version check.

Browse Source 
SSL version 3.0 can be specified by the client at the record level for
compatibility reasons.  Previously, ssl_preread module rejected such
connections, presuming they don't have SNI.  Now SSL 3.0 is allowed at
the record level.
This commit is contained in:
Roman Arutyunyan 2016-12-19 14:02:39 +03:00
parent 853c208fc9
commit 393636d79c
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/stream/ngx_stream_ssl_preread_module.c
View File

@ -142,7 +142,7 @@ ngx_stream_ssl_preread_handler(ngx_stream_session_t *s)
return NGX_DECLINED;
}
if (p[1] != 3 || p[2] == 0) {
if (p[1] != 3) {
ngx_log_debug0(NGX_LOG_DEBUG_STREAM, ctx->log, 0,
"ssl preread: unsupported SSL version");
return NGX_DECLINED;