mod_admin_telnet: Handle unavailable cipher info (fixes #1510)
The LuaSec :info() method gathers info using the OpenSSL function
SSL_get_current_cipher(). Documentation for this function states that it
may return NULL if no session has been established (yet). If so, the
LuaSec functions wrapping this return nil, triggering a nil-indexing
error in mod_admin_telnet.
--- a/plugins/mod_admin_telnet.lua Thu Mar 12 20:32:07 2020 +0000
+++ b/plugins/mod_admin_telnet.lua Sun Mar 22 17:35:26 2020 +0100
@@ -528,11 +528,14 @@
common_info(session, line);
if session.secure then
local sock = session.conn and session.conn.socket and session.conn:socket();
- if sock and sock.info then
- local info = sock:info();
- line[#line+1] = ("(%s with %s)"):format(info.protocol, info.cipher);
- else
- line[#line+1] = "(cipher info unavailable)";
+ if sock then
+ local info = sock.info and sock:info();
+ if info then
+ line[#line+1] = ("(%s with %s)"):format(info.protocol, info.cipher);
+ else
+ -- TLS session might not be ready yet
+ line[#line+1] = "(cipher info unavailable)";
+ end
end
else
line[#line+1] = "(insecure)";