Is there a way to retrieve the SSL handshake "Client Hello" data?

marco · 2016-11-23T00:28:55+00:00

Thanks for the suggestion, I solved my issues by using Linux to execute nginx, obtain the package.path and package.cpath from lua and put them in nginx.conf...

Is there a way to retrieve the SSL handshake "Client Hello" data?

marco

During the SSL handshake "Client Hello" phase handled by "ssl_certificate_by_lua" the client sends the following data:

random
session_id
cipher_suites
compression_methods
extensions

Is it possible to access this information?

rpaprocki

Figured I'd toss this here since there's no other chatter on this thread. Yesterday a few patches were push upstream that added some relevant variables:

http://mailman.nginx.org/pipermail/nginx-devel/2016-December/009226.html
http://mailman.nginx.org/pipermail/nginx-devel/2016-December/009227.html

http://mailman.nginx.org/pipermail/nginx-devel/2016-December/009228.html

Doesn't quite cover everything here, but it's relevant-ish ;)

On Tuesday, November 22, 2016 at 8:28:55 AM UTC-8, Marco Palladino wrote:

During the SSL handshake "Client Hello" phase handled by "ssl_certificate_by_lua" the client sends the following data:
random
session_id
cipher_suites
compression_methods
extensions
Is it possible to access this information?