get_client_hello_ext() | lua-resty-core/lib/ngx/ssl | Issue with custom TLS Extension Type 17516

[josedamianm]

I am trying to extract a TLS Extension with a custom Extension type 17516. I am using openresty/lua-resty-core get_client_hello_ext() method, but i am not getting any data.

This is my nginx.conf:
error_log /usr/local/openresty/nginx/logs/error.log info;

events {
worker_connections 2048;
}

http {
server {
listen 443 ssl;
server_name localhost;
ssl_certificate /usr/local/openresty/nginx/conf/certificate.crt;
ssl_certificate_key /usr/local/openresty/nginx/conf/private.key;

    ssl_client_hello_by_lua_block {
        local ssl_clt = require "ngx.ssl.clienthello"
        local ext = ssl_clt.get_client_hello_ext(0x446c)
        local encoded_ext = ngx.encode_base64(ext)
        ngx.log(ngx.INFO, "Extension: ", encoded_ext)
    }

    location / {
        # Proxy_pass configuration if needed
        proxy_pass http://backendserver:8080/;
    }
}

}

This is how i am sending the TLS Extension:
Extension: Unknown type 17516 (len=28)
Type: Unknown (17516)
Length: 28
Data: 546869732069732074686520456e63727970746564204d534953444e

I tried also by calling the get_client_hello_ext(17516) with the Extension type in decimal, but i am still not getting the values.

It seems that the get_client_hello_ext method is not working for no standard Ext_Type like 17516.

[uavila]

Hello @josedamianm
did you make it work? I am trying to do the same.