tengine
tengine copied to clipboard
Published
20 hours ago •
alibaba
alibaba
server_tag off 在http2协议模式下不生效
Ⅰ. Issue Description
我这边有个需求是需要隐藏掉Server: Tengine/2.3.3,根据文档做如下配置后测试:
server {
listen 443 ssl http2;
server_name localhost;
ssl_certificate www.shangri-la.com.cert;
ssl_certificate_key www.shangri-la.com.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
server_tag off;
server_tokens off;
server_info off;
location / {
root html;
index index.html index.htm;
}
}
}
Ⅱ. Describe what happened
http1.1/http1.0模式下生效,服务器没有返回Server header.
solosky curl https://192.168.56.101/ -k -I --http1.1
HTTP/1.1 200 OK
Date: Mon, 15 Nov 2021 05:39:23 GMT
Content-Type: text/html
Content-Length: 555
Last-Modified: Mon, 15 Nov 2021 05:14:28 GMT
Connection: keep-alive
ETag: "6191ecb4-22b"
Accept-Ranges: bytes
➜ solosky curl https://192.168.56.101/ -k -I --http1.0
HTTP/1.1 200 OK
Date: Mon, 15 Nov 2021 05:40:41 GMT
Content-Type: text/html
Content-Length: 555
Last-Modified: Mon, 15 Nov 2021 05:14:28 GMT
Connection: close
ETag: "6191ecb4-22b"
Accept-Ranges: bytes
http 2.0 模式下不生效,服务器返回了Server header.
➜ solosky curl https://192.168.56.101/ -k -I --http2
HTTP/2 200
server: Tengine
date: Mon, 15 Nov 2021 05:39:27 GMT
content-type: text/html
content-length: 555
last-modified: Mon, 15 Nov 2021 05:14:28 GMT
etag: "6191ecb4-22b"
accept-ranges: bytes
Ⅲ. Describe what you expected to happen
http 2.0 模式期望不返回Server Header。
Ⅳ. How to reproduce it (as minimally and precisely as possible)
Ⅴ. Anything else we need to know?
- If applicable, add nginx debug log doc.
Ⅵ. Environment:
- Tengine version (use
sbin/nginx -V):
[root@vm1 nginx]# sbin/nginx -V
Tengine version: Tengine/2.3.3
nginx version: nginx/1.18.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --with-http_v2_module
- OS (e.g. from /etc/os-release): CentOS Linux release 7.9.2009 (Core)
- Kernel (e.g.
uname -a): - Others:
