nginx.git/src, branch release-1.23.2 nginx Mp4: disabled duplicate atoms. 2022-10-19T07:53:17+00:00 Roman Arutyunyan arut@nginx.com 2022-10-19T07:53:17+00:00 0d23105373e6d8a720b9826079c077b9b4be919d Most atoms should not appear more than once in a container. Previously, this was not enforced by the module, which could result in worker process crash, memory corruption and disclosure. 
Most atoms should not appear more than once in a container.  Previously,
this was not enforced by the module, which could result in worker process
crash, memory corruption and disclosure.
SSL: improved validation of ssl_session_cache and ssl_ocsp_cache. 2022-10-17T12:24:53+00:00 Sergey Kandaurov pluknet@nginx.com 2022-10-17T12:24:53+00:00 35fce42269bf1c84eadef6660021cefa08a960d7 Now it properly detects invalid shared zone configuration with omitted size. Previously it used to read outside of the buffer boundary. Found with AddressSanitizer. 
Now it properly detects invalid shared zone configuration with omitted size.
Previously it used to read outside of the buffer boundary.

Found with AddressSanitizer.
SSL: removed cast not needed after 5ffd76a9ccf3. 2022-10-13T12:18:56+00:00 Sergey Kandaurov pluknet@nginx.com 2022-10-13T12:18:56+00:00 5b23fe690f0ddd0fe4af1ed01d7a4df95aa54d10 






SSL: workaround for session timeout handling with TLSv1.3.
2022-10-12T17:14:57+00:00

Maxim Dounin
mdounin@mdounin.ru

2022-10-12T17:14:57+00:00

4d61d59ae9ecc8f1a5f0f505bf0310035b0d9ce9

OpenSSL with TLSv1.3 updates the session creation time on session
resumption and keeps the session timeout unmodified, making it possible
to maintain the session forever, bypassing client certificate expiration
and revocation.  To make sure session timeouts are actually used, we
now update the session creation time and reduce the session timeout
accordingly.

BoringSSL with TLSv1.3 ignores configured session timeouts and uses a
hardcoded timeout instead, 7 days.  So we update session timeout to
the configured value as soon as a session is created.





OpenSSL with TLSv1.3 updates the session creation time on session
resumption and keeps the session timeout unmodified, making it possible
to maintain the session forever, bypassing client certificate expiration
and revocation.  To make sure session timeouts are actually used, we
now update the session creation time and reduce the session timeout
accordingly.

BoringSSL with TLSv1.3 ignores configured session timeouts and uses a
hardcoded timeout instead, 7 days.  So we update session timeout to
the configured value as soon as a session is created.







SSL: optimized rotation of session ticket keys.
2022-10-12T17:14:55+00:00

Maxim Dounin
mdounin@mdounin.ru

2022-10-12T17:14:55+00:00

02314f0c3c70bad88ae3554eb66439a261898f24

Instead of syncing keys with shared memory on each ticket operation,
the code now does this only when the worker is going to change expiration
of the current key, or going to switch to a new key: that is, usually
at most once per second.

To do so without races, the code maintains 3 keys: current, previous,
and next.  If a worker will switch to the next key earlier, other workers
will still be able to decrypt new tickets, since they will be encrypted
with the next key.





Instead of syncing keys with shared memory on each ticket operation,
the code now does this only when the worker is going to change expiration
of the current key, or going to switch to a new key: that is, usually
at most once per second.

To do so without races, the code maintains 3 keys: current, previous,
and next.  If a worker will switch to the next key earlier, other workers
will still be able to decrypt new tickets, since they will be encrypted
with the next key.







SSL: automatic rotation of session ticket keys.
2022-10-12T17:14:53+00:00

Maxim Dounin
mdounin@mdounin.ru

2022-10-12T17:14:53+00:00

1d572e359a210dcb27e5e073c016c1768c435263

As long as ssl_session_cache in shared memory is configured, session ticket
keys are now automatically generated in shared memory, and rotated
periodically.  This can be beneficial from forward secrecy point of view,
and also avoids increased CPU usage after configuration reloads.

This also helps BoringSSL to properly resume sessions in configurations
with multiple worker processes and no ssl_session_ticket_key directives,
as BoringSSL tries to automatically rotate session ticket keys and does
this independently in different worker processes, thus breaking session
resumption between worker processes.





As long as ssl_session_cache in shared memory is configured, session ticket
keys are now automatically generated in shared memory, and rotated
periodically.  This can be beneficial from forward secrecy point of view,
and also avoids increased CPU usage after configuration reloads.

This also helps BoringSSL to properly resume sessions in configurations
with multiple worker processes and no ssl_session_ticket_key directives,
as BoringSSL tries to automatically rotate session ticket keys and does
this independently in different worker processes, thus breaking session
resumption between worker processes.







SSL: shorter debug messages about session tickets.
2022-10-12T17:14:51+00:00

Maxim Dounin
mdounin@mdounin.ru

2022-10-12T17:14:51+00:00

3b127da11169c63c04d2ea41a79023b030010a1e












SSL: renamed session ticket key functions and data index.
2022-10-12T17:14:49+00:00

Maxim Dounin
mdounin@mdounin.ru

2022-10-12T17:14:49+00:00

2a8e56b1e2addb0fdf9fbd0d33b2c1371409176b

Previously used names are way too long, renamed to simplify writing code.





Previously used names are way too long, renamed to simplify writing code.







SSL: renamed session ticket key type.
2022-10-12T17:14:47+00:00

Maxim Dounin
mdounin@mdounin.ru

2022-10-12T17:14:47+00:00

6e5120a01d09478342af1bf37efeaaede7833f86

The ngx_ssl_session_ticket_key_t is way too long, renamed to
ngx_ssl_ticket_key_t to simplify writing code.





The ngx_ssl_session_ticket_key_t is way too long, renamed to
ngx_ssl_ticket_key_t to simplify writing code.







SSL: style.
2022-10-12T17:14:45+00:00

Maxim Dounin
mdounin@mdounin.ru

2022-10-12T17:14:45+00:00

a5b768c5365d1b3b286c9690ef33ae3f54e08321

Runtime OCSP functions separated from configuration ones.





Runtime OCSP functions separated from configuration ones.