get_client_hello_ext( ) with custom TLS Extension

Skip to first unread message

Jose Damian Manco Rocha

Feb 28, 2024, 9:57:28 AMFeb 28
to openresty-en
I am trying to extract a TLS Extension with a custom Extension type 17516. I am using openresty/lua-resty-core get_client_hello_ext() method, but i am not getting any data.

This is my nginx.conf:
error_log  /usr/local/openresty/nginx/logs/error.log  info;

events {
    worker_connections  2048;

http {
    server {
        listen 443 ssl;
        server_name localhost;
        ssl_certificate /usr/local/openresty/nginx/conf/certificate.crt;
        ssl_certificate_key /usr/local/openresty/nginx/conf/private.key;
        ssl_client_hello_by_lua_block {
            local ssl_clt = require "ngx.ssl.clienthello"
            local ext = ssl_clt.get_client_hello_ext(0x446c)
            local encoded_ext = ngx.encode_base64(ext)
            ngx.log(ngx.INFO, "Extension: ", encoded_ext)

        location / {
            # Proxy_pass configuration if needed
            proxy_pass http://backendServer:8080;

This is how i am sending the TLS Extension:
Extension: Unknown type 17516 (len=28)
    Type: Unknown (17516)
    Length: 28
    Data: 546869732069732074686520456e63727970746564204d534953444e

I tried also by calling the get_client_hello_ext(17516) with the Extension type in decimal, but still not getting the values.

Could you please indicate me how do i have to execute the method in order to get the Extension Data?

Reply all
Reply to author
0 new messages