nginx.git/src/event, branch release-1.11.8 nginx SSL: support AES256 encryption of tickets. 2016-12-23T14:28:20+00:00 Maxim Dounin mdounin@mdounin.ru 2016-12-23T14:28:20+00:00 c2d3d82ccbea18f0504fbaceeee6efb62da8d1d8 This implies ticket key size of 80 bytes instead of previously used 48, as both HMAC and AES keys are 32 bytes now. When an old 48-byte ticket key is provided, we fall back to using backward-compatible AES128 encryption. OpenSSL switched to using AES256 in 1.1.0, and we are providing equivalent security. While here, order of HMAC and AES keys was reverted to make the implementation compatible with keys used by OpenSSL with SSL_CTX_set_tlsext_ticket_keys(). Prodded by Christian Klinger. 
This implies ticket key size of 80 bytes instead of previously used 48,
as both HMAC and AES keys are 32 bytes now.  When an old 48-byte ticket key
is provided, we fall back to using backward-compatible AES128 encryption.

OpenSSL switched to using AES256 in 1.1.0, and we are providing equivalent
security.  While here, order of HMAC and AES keys was reverted to make
the implementation compatible with keys used by OpenSSL with
SSL_CTX_set_tlsext_ticket_keys().

Prodded by Christian Klinger.
SSL: backed out changeset e7cb5deb951d, reimplemented properly. 2016-12-15T16:00:23+00:00 Maxim Dounin mdounin@mdounin.ru 2016-12-15T16:00:23+00:00 3294292b667ffa9ad55c7bd2e59943bd6eca4a4d Changeset e7cb5deb951d breaks build on CentOS 5 with "dereferencing type-punned pointer will break strict-aliasing rules" warning. It is backed out. Instead, to keep builds with BoringSSL happy, type of the "value" variable changed to "char *", and an explicit cast added before calling ngx_parse_http_time(). 
Changeset e7cb5deb951d breaks build on CentOS 5 with "dereferencing
type-punned pointer will break strict-aliasing rules" warning.  It is
backed out.

Instead, to keep builds with BoringSSL happy, type of the "value"
variable changed to "char *", and an explicit cast added before calling
ngx_parse_http_time().
SSL: fix call to BIO_get_mem_data(). 2016-12-13T22:19:30+00:00 Piotr Sikora piotrsikora@google.com 2016-12-13T22:19:30+00:00 592dbcc3151e49f6ee0602812adcaa6ffa885317 Fixes build with BoringSSL. Signed-off-by: Piotr Sikora <piotrsikora@google.com> 
Fixes build with BoringSSL.

Signed-off-by: Piotr Sikora <piotrsikora@google.com>
SSL: $ssl_curves (ticket #1088). 2016-12-05T19:23:23+00:00 Maxim Dounin mdounin@mdounin.ru 2016-12-05T19:23:23+00:00 551091951a479e2f512062c51bdcc6157a211164 The variable contains a list of curves as supported by the client. Known curves are listed by their names, unknown ones are shown in hex, e.g., "0x001d:prime256v1:secp521r1:secp384r1". Note that OpenSSL uses session data for SSL_get1_curves(), and it doesn't store full list of curves supported by the client when serializing a session. As a result $ssl_curves is only available for new sessions (and will be empty for reused ones). The variable is only meaningful when using OpenSSL 1.0.2 and above. With older versions the variable is empty. 
The variable contains a list of curves as supported by the client.
Known curves are listed by their names, unknown ones are shown
in hex, e.g., "0x001d:prime256v1:secp521r1:secp384r1".

Note that OpenSSL uses session data for SSL_get1_curves(), and
it doesn't store full list of curves supported by the client when
serializing a session.  As a result $ssl_curves is only available
for new sessions (and will be empty for reused ones).

The variable is only meaningful when using OpenSSL 1.0.2 and above.
With older versions the variable is empty.
SSL: $ssl_ciphers (ticket #870). 2016-12-05T19:23:23+00:00 Maxim Dounin mdounin@mdounin.ru 2016-12-05T19:23:23+00:00 2daf78867bb60bee5e5ca517f20339211391635b The variable contains list of ciphers as supported by the client. Known ciphers are listed by their names, unknown ones are shown in hex, e.g., ""AES128-SHA:AES256-SHA:0x00ff". The variable is fully supported only when using OpenSSL 1.0.2 and above. With older version there is an attempt to provide some information using SSL_get_shared_ciphers(). It only lists known ciphers though. Moreover, as OpenSSL uses session data for SSL_get_shared_ciphers(), and it doesn't store relevant data when serializing a session. As a result $ssl_ciphers is only available for new sessions (and not available for reused ones) when using OpenSSL older than 1.0.2. 
The variable contains list of ciphers as supported by the client.
Known ciphers are listed by their names, unknown ones are shown
in hex, e.g., ""AES128-SHA:AES256-SHA:0x00ff".

The variable is fully supported only when using OpenSSL 1.0.2 and above.
With older version there is an attempt to provide some information
using SSL_get_shared_ciphers().  It only lists known ciphers though.
Moreover, as OpenSSL uses session data for SSL_get_shared_ciphers(),
and it doesn't store relevant data when serializing a session.  As
a result $ssl_ciphers is only available for new sessions (and not
available for reused ones) when using OpenSSL older than 1.0.2.
SSL: $ssl_client_v_start, $ssl_client_v_end, $ssl_client_v_remain. 2016-12-05T19:23:23+00:00 Maxim Dounin mdounin@mdounin.ru 2016-12-05T19:23:23+00:00 53092ad782c4647c212ff3b23870f7927da9e293 






SSL: $ssl_client_verify extended with a failure reason.
2016-12-05T19:23:22+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-12-05T19:23:22+00:00

919f53632940cfa9b9f24fdffeaf1f3d5b4fc700

Now in case of a verification failure $ssl_client_verify contains
"FAILED:<reason>", similar to Apache's SSL_CLIENT_VERIFY, e.g.,
"FAILED:certificate has expired".

Detailed description of possible errors can be found in the verify(1)
manual page as provided by OpenSSL.





Now in case of a verification failure $ssl_client_verify contains
"FAILED:<reason>", similar to Apache's SSL_CLIENT_VERIFY, e.g.,
"FAILED:certificate has expired".

Detailed description of possible errors can be found in the verify(1)
manual page as provided by OpenSSL.







OCSP stapling: improved error logging context.
2016-12-05T19:23:22+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-12-05T19:23:22+00:00

27bcceb24bb562e080d1f894e8310ac74187173e

It now logs the IP address of the responder used (if it's already known),
as well as the certificate name.





It now logs the IP address of the responder used (if it's already known),
as well as the certificate name.







OCSP stapling: added certificate name to warnings.
2016-12-05T19:23:22+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-12-05T19:23:22+00:00

af07f8d093508c86ae6b2268ab4d4fea8f1dfd2d












OCSP stapling: added http response status logging.
2016-12-05T19:23:22+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-12-05T19:23:22+00:00

0a1290b739f5b14cafa7a51e5ac92fd145059f45