[openssl-dev] SSL_R_HTTP_REQUEST no longer supported in 1.1.0

[Rainer Jung]

The constant SSL_R_HTTP_REQUEST is still defined, but I can't find code 
that sets it and practical experiments indicate it is no longer set.


In Apache land we use it to detect "HTTP spoken on HTTPS port". OpenSSL 
1.0.2 has code in ssl23_get_client_hello() that checks read bytes 
against "HEAD", "GET", "POST" etc. to detect this situation.


Was this feature removed intentionally or will it come back until the 
final 1.1.0 release?


Regards,

Rainer
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] SSL_R_HTTP_REQUEST no longer supported in 1.1.0

[Matt Caswell]

On 08/02/16 20:49, Rainer Jung wrote:
> The constant SSL_R_HTTP_REQUEST is still defined, but I can't find code
> that sets it and practical experiments indicate it is no longer set.
> 
> In Apache land we use it to detect "HTTP spoken on HTTPS port". OpenSSL
> 1.0.2 has code in ssl23_get_client_hello() that checks read bytes
> against "HEAD", "GET", "POST" etc. to detect this situation.
> 
> Was this feature removed intentionally

Well, kinda sorta. The whole version negotiation approach has been
completely rewritten. This made all of the ssl23* files redundant and so
they were deleted.

> or will it come back until the
> final 1.1.0 release?

Realistically I am unlikely to have time before feature freeze to add
this myself. I'd be happy to look at patches though.

Matt
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev