From af11cae5114d8237c8f17be3a89482bc70cf42b8 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sun, 22 Mar 2020 17:35:26 +0100 Subject: mod_admin_telnet: Handle unavailable cipher info (fixes #1510) The LuaSec :info() method gathers info using the OpenSSL function SSL_get_current_cipher(). Documentation for this function states that it may return NULL if no session has been established (yet). If so, the LuaSec functions wrapping this return nil, triggering a nil-indexing error in mod_admin_telnet. --- plugins/mod_admin_telnet.lua | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'plugins/mod_admin_telnet.lua') diff --git a/plugins/mod_admin_telnet.lua b/plugins/mod_admin_telnet.lua index 59eca28b..b0e349da 100644 --- a/plugins/mod_admin_telnet.lua +++ b/plugins/mod_admin_telnet.lua @@ -528,11 +528,14 @@ local function tls_info(session, line) common_info(session, line); if session.secure then local sock = session.conn and session.conn.socket and session.conn:socket(); - if sock and sock.info then - local info = sock:info(); - line[#line+1] = ("(%s with %s)"):format(info.protocol, info.cipher); - else - line[#line+1] = "(cipher info unavailable)"; + if sock then + local info = sock.info and sock:info(); + if info then + line[#line+1] = ("(%s with %s)"):format(info.protocol, info.cipher); + else + -- TLS session might not be ready yet + line[#line+1] = "(cipher info unavailable)"; + end end else line[#line+1] = "(insecure)"; -- cgit v1.2.3