[openssl-dev] SSL_R_HTTP_REQUEST no longer supported in 1.1.0
Rainer Jung
rainer.jung at kippdata.de
Mon Feb 8 20:49:21 UTC 2016
The constant SSL_R_HTTP_REQUEST is still defined, but I can't find code
that sets it and practical experiments indicate it is no longer set.
In Apache land we use it to detect "HTTP spoken on HTTPS port". OpenSSL
1.0.2 has code in ssl23_get_client_hello() that checks read bytes
against "HEAD", "GET", "POST" etc. to detect this situation.
Was this feature removed intentionally or will it come back until the
final 1.1.0 release?
Regards,
Rainer
More information about the openssl-dev
mailing list