Commit Graph

213 Commits

Author SHA1 Message Date
Maxim Dounin
af897b7f03 SSL: adjust buffer used by OpenSSL during handshake (ticket #413). 2013-09-27 19:39:33 +04:00
Piotr Sikora
0a5124502d SSL: fixed possible memory and file descriptor leak on HUP signal.
The problem appeared in 386a06a22c40 (1.3.7).

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
2013-09-18 16:51:30 -07:00
Piotr Sikora
29ea1273fe SSL: guard use of SSL_OP_MSIE_SSLV2_RSA_PADDING.
This option had no effect since 0.9.7h / 0.9.8b and it was removed
in recent OpenSSL.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
2013-09-16 14:24:38 -07:00
Maxim Dounin
3d1e616d0b SSL: clear error queue after SSL_CTX_load_verify_locations().
The SSL_CTX_load_verify_locations() may leave errors in the error queue
while returning success (e.g. if there are duplicate certificates in the file
specified), resulting in "ignoring stale global SSL error" alerts later
at runtime.
2013-09-04 21:17:02 +04:00
Maxim Dounin
e3cab76758 Backed out f1a91825730a and 7094bd12c1ff.
While ngx_get_full_name() might have a bit more descriptive arguments,
the ngx_conf_full_name() is generally easier to use when parsing
configuration and limits exposure of cycle->prefix / cycle->conf_prefix
details.
2013-08-20 21:11:19 +04:00
Valentin Bartenev
d29d21bade Replaced ngx_conf_full_name() with ngx_get_full_name().
The ngx_get_full_name() function takes more readable arguments list.
2013-08-06 19:58:40 +04:00
Piotr Sikora
407c831116 Style: replace SSL *ssl with ngx_ssl_conn_t *ssl_conn.
No functional changes.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
2013-05-21 18:45:07 -07:00
Piotr Sikora
c3d20f52d0 Style: remove unnecessary references to HTTP from non-HTTP modules.
No functional changes.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
2013-05-21 18:43:43 -07:00
Maxim Dounin
890ee444ca SSL: retry "sess_id" and "id" allocations.
In case of fully populated SSL session cache with no memory left for
new allocations, ngx_ssl_new_session() will try to expire the oldest
non-expired session and retry, but only in case when slab allocation
fails for "cached_sess", not when slab allocation fails for either
"sess_id" or "id", which can happen for number of reasons and results
in new session not being cached.

Patch fixes this by adding retry logic to "sess_id" & "id" allocations.

Patch by Piotr Sikora.
2013-02-23 11:54:25 +00:00
Maxim Dounin
2887c06fde SSL: fixed ngx_ssl_handshake() with level-triggered event methods.
Missing calls to ngx_handle_write_event() and ngx_handle_read_event()
resulted in a CPU hog during SSL handshake if an level-triggered event
method (e.g. select) was used.
2013-02-01 14:37:43 +00:00
Valentin Bartenev
733e6d2ac6 SSL: take into account data in the buffer while limiting output.
In some rare cases this can result in a more smooth sending rate.
2013-01-28 15:41:12 +00:00
Valentin Bartenev
0f0fac70a1 SSL: avoid calling SSL_write() with zero data size.
According to documentation, calling SSL_write() with num=0 bytes to be sent
results in undefined behavior.

We don't currently call ngx_ssl_send_chain() with empty chain and buffer.
This check handles the case of a chain with total data size that is
a multiple of NGX_SSL_BUFSIZE, and with the special buffer at the end.

In practice such cases resulted in premature connection close and critical
error "SSL_write() failed (SSL:)" in the error log.
2013-01-28 15:40:25 +00:00
Valentin Bartenev
f98b1d2561 SSL: calculation of buffer size moved closer to its usage.
No functional changes.
2013-01-28 15:38:36 +00:00
Valentin Bartenev
0f62e193dc SSL: preservation of flush flag for buffered data.
Previously, if SSL buffer was not sent we lost information that the data
must be flushed.
2013-01-28 15:37:11 +00:00
Valentin Bartenev
c857dade60 SSL: resetting of flush flag after the data was written.
There is no need to flush next chunk of data if it does not contain a buffer
with the flush or last_buf flags set.
2013-01-28 15:35:12 +00:00
Valentin Bartenev
693ba0179e SSL: removed conditions that always hold true. 2013-01-28 15:34:09 +00:00
Maxim Dounin
041449a3d3 SSL: speedup loading of configs with many ssl servers.
The patch saves one EC_KEY_generate_key() call per server{} block by
informing OpenSSL about SSL_OP_SINGLE_ECDH_USE we are going to use before
the SSL_CTX_set_tmp_ecdh() call.

For a configuration file with 10k simple server{} blocks with SSL enabled
this change reduces startup time from 18s to 5s on a slow test box here.
2013-01-09 14:11:48 +00:00
Maxim Dounin
1a07a7f2de OCSP stapling: log error data in ngx_ssl_error().
It's hard to debug OCSP_basic_verify() failures without the actual error
string it records in the error data field.
2012-10-01 12:50:36 +00:00
Maxim Dounin
74ad4494a6 OCSP stapling: loading OCSP responses.
This includes the ssl_stapling_responder directive (defaults to OCSP
responder set in certificate's AIA extension).

OCSP response for a given certificate is requested once we get at least
one connection with certificate_status extension in ClientHello, and
certificate status won't be sent in the connection in question.  This due
to limitations in the OpenSSL API (certificate status callback is blocking).

Note: SSL_CTX_use_certificate_chain_file() was reimplemented as it doesn't
allow to access the certificate loaded via SSL_CTX.
2012-10-01 12:47:55 +00:00
Maxim Dounin
3648ba7db8 OCSP stapling: ssl_trusted_certificate directive.
The directive allows to specify additional trusted Certificate Authority
certificates to be used during certificate verification.  In contrast to
ssl_client_certificate DNs of these cerificates aren't sent to a client
during handshake.

Trusted certificates are loaded regardless of the fact whether client
certificates verification is enabled as the same certificates will be
used for OCSP stapling, during construction of an OCSP request and for
verification of an OCSP response.

The same applies to a CRL (which is now always loaded).
2012-10-01 12:39:36 +00:00
Maxim Dounin
52b59ebc74 SSL: added version checks for ssl compression workaround.
The SSL_COMP_get_compression_methods() is only available as an API
function in OpenSSL 0.9.8+, require it explicitly to unbreak build
with OpenSSL 0.9.7.
2012-09-27 18:01:06 +00:00
Maxim Dounin
f4f72f9fb5 SSL: fixed compression workaround to remove all methods.
Previous code used sk_SSL_COMP_delete(ssl_comp_methods, i) while iterating
stack from 0 to n, resulting in removal of only even compression methods.

In real life this change is a nop, as there is only one compression method
which is enabled by default in OpenSSL.
2012-09-27 17:59:59 +00:00
Igor Sysoev
992a4d11da Disabled gzip compression in OpenSSL prior to 1.0.0 version.
This saves about 522K per connection.
2012-06-20 12:55:28 +00:00
Valentin Bartenev
2195eb554b Removed mistaken setting of NGX_SSL_BUFFERED flag in ngx_ssl_send_chain()
if SSL buffer is not used.
2012-05-30 12:43:27 +00:00
Valentin Bartenev
0215fcc9b8 Update c->sent in ngx_ssl_send_chain() even if SSL buffer is not used. 2012-05-14 16:30:33 +00:00
Ruslan Ermilov
47a04aaa27 Fixed spelling in multiline C comments. 2012-04-03 07:37:31 +00:00
Maxim Dounin
ee187436af Whitespace fixes. 2012-03-05 18:09:06 +00:00
Ruslan Ermilov
b74f8ffce4 Fixed spelling in single-line comments. 2012-02-28 11:31:05 +00:00
Maxim Dounin
7ca6c1ff78 Fix of rbtree lookup on hash collisions.
Previous code incorrectly assumed that nodes with identical keys are linked
together.  This might not be true after tree rebalance.

Patch by Lanshun Zhou.
2012-02-27 22:15:39 +00:00
Maxim Dounin
90a7a8f5d9 Removed ENGINE_load_builtin_engines() call.
It's already called by OPENSSL_config().  Calling it again causes some
openssl engines (notably GOST) to corrupt memory, as they don't expect
to be created more than once.
2012-01-30 07:38:27 +00:00
Maxim Konovalov
f8d59e33f3 Copyright updated. 2012-01-18 15:07:43 +00:00
Maxim Dounin
4efcbce328 Added support for TLSv1.1, TLSv1.2 in ssl_protocols directive.
Support for TLSv1.1 and TLSv1.2 protocols was introduced in OpenSSL 1.0.1
(-beta1 was recently released).  This change makes it possible to disable
these protocols and/or enable them without other protocols.
2012-01-11 11:15:00 +00:00
Igor Sysoev
a2ffa56106 Silently ignoring a stale global SSL error left after disabled renegotiation. 2011-10-31 14:30:03 +00:00
Igor Sysoev
59695881ce Decrease of log level of some SSL handshake errors. 2011-10-25 15:04:09 +00:00
Igor Sysoev
94b5460c70 Releasing memory of idle SSL connection. This saves about 34K per SSL
connection. The SSL_MODE_RELEASE_BUFFERS option is available since
OpenSSL 1.0.0d.
2011-10-07 12:15:20 +00:00
Igor Sysoev
95084f7e1c Disabling SSL compression. This saves about 300K per SSL connection.
The SSL_OP_NO_COMPRESSION option is available since OpenSSL 1.0.0.
2011-10-07 10:59:02 +00:00
Maxim Dounin
a9e3c65d22 Proper SSL shutdown handling.
If connection has unsent alerts, SSL_shutdown() tries to send them even
if SSL_set_shutdown(SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN) was used.
This can be prevented by SSL_set_quiet_shutdown().  SSL_set_shutdown()
is required nevertheless to preserve session.
2011-09-01 13:49:36 +00:00
Igor Sysoev
dfd81a23b2 A new fix for the case when ssl_session_cache defined, but ssl is not
enabled in any server. The previous r1033 does not help when unused zone
becomes used after reconfiguration, so it is backed out.

The initial thought was to make SSL modules independed from SSL implementation
and to keep OpenSSL code dependance as much as in separate files.
2011-08-04 11:12:30 +00:00
Igor Sysoev
b0b6bcedfc fix SSL connection issues on platforms with 32-bit off_t
patch by Maxim Dounin
2011-07-22 12:53:04 +00:00
Igor Sysoev
a7ed0951e3 fix build by gcc46 with -Wunused-value option
patch by Maxim Dounin
2011-07-22 10:43:50 +00:00
Igor Sysoev
f39642a907 ECDHE support
patch by Adrian Kotelba
2011-07-20 15:42:40 +00:00
Igor Sysoev
e61ba26744 MSIE export versions are rare now, so RSA 512 key is generated on demand
and is shared among all hosts instead of pregenerating for every HTTPS host
on configuraiton phase. This decreases start time for configuration with
large number of HTTPS hosts.
2011-07-20 12:59:24 +00:00
Igor Sysoev
3d86ad3f95 fix building on Fedora 14
patch by Kirill A. Korinskiy
2011-01-20 12:33:17 +00:00
Igor Sysoev
3e3ee60b99 remove SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG becuase of CVE-2010-4180 2010-12-06 11:17:03 +00:00
Igor Sysoev
6b45b065fe decrease SSL handshake error level to info 2010-07-29 09:30:15 +00:00
Igor Sysoev
05b1a8f1e3 ngx_str_set() and ngx_str_null() 2010-05-14 09:56:37 +00:00
Igor Sysoev
502252d43a MSVC8 compatibility with OpenSSL 1.0.0 2010-04-01 15:18:29 +00:00
Igor Sysoev
e71f39932f add OpenSSL_add_all_algorithms(), this fixes the error
"ASN1_item_verify:unknown message digest algorithm" occurred if
client certificate is signed using sha256WithRSAEncryption
2010-03-03 16:23:14 +00:00
Igor Sysoev
416fc7aac7 Set SSL session context for "ssl_session_cache none".
This fixes a bug when client certficate is used and nginx closes connection
with the message: "SSL_GET_PREV_SESSION:session id context uninitialized".
2010-03-02 08:41:47 +00:00
Igor Sysoev
146324618d decrease SSL handshake error level to info 2010-02-19 20:54:58 +00:00
Igor Sysoev
8019121120 decrease SSL handshake error level to info 2009-11-23 14:09:57 +00:00
Igor Sysoev
70bd187c4c disable SSL renegotiation (CVE-2009-3555) 2009-11-11 10:59:07 +00:00
Igor Sysoev
cc65b0879b fix segfault in SSL if limit_rate is used 2009-11-03 15:38:33 +00:00
Igor Sysoev
c81582ea67 fix r3155 2009-09-24 20:09:12 +00:00
Igor Sysoev
ef2662caab fix debug log message 2009-09-24 14:47:10 +00:00
Igor Sysoev
cdaf442a2f $ssl_session_id 2009-09-24 14:45:28 +00:00
Igor Sysoev
365d663cc2 fix memory corruption in $ssl_client_cert 2009-07-27 11:51:12 +00:00
Igor Sysoev
f5ca9df2ab delete ancient define 2009-07-23 12:59:11 +00:00
Igor Sysoev
80c3e8e03b delete OpenSSL pre-0.9.7 compatibility: the sources were not actually
compatible with OpenSSL 0.9.6 since ssl_session_cache introduction
2009-07-23 12:54:20 +00:00
Igor Sysoev
9db0245cda ssl_crl 2009-07-23 12:21:26 +00:00
Igor Sysoev
5b4b7c58cc *) $ssl_client_verify
*) "ssl_verify_client ask" was changed to "ssl_verify_client optional"
2009-07-22 17:41:42 +00:00
Igor Sysoev
260c4321d7 return NULL instead of NGX_CONF_ERROR on a create conf failure 2009-06-02 16:09:44 +00:00
Igor Sysoev
e1c9746e37 use ngx_vslprintf(), ngx_slprintf() 2009-04-27 13:06:20 +00:00
Igor Sysoev
f7a08d5f9a support attaching to an existent Win32 shared memory 2009-04-18 19:27:28 +00:00
Igor Sysoev
c7f876bd4c move zone name from ngx_shm_zone_t to ngx_shm_t to use Win32 shared memory 2009-04-16 19:25:09 +00:00
Igor Sysoev
ee0da9ad53 fix building by MSVC8 2009-04-15 19:28:10 +00:00
Igor Sysoev
a2c8d9a0a8 improve ngx_slab_alloc() error logging 2009-03-27 17:00:42 +00:00
Igor Sysoev
1f4220ee86 small optimization: " == NGX_ERROR" > " != NGX_OK" 2009-02-24 10:42:23 +00:00
Igor Sysoev
be63760fc5 load SSL engine before certificates,
otherwise RSA keys will use built-in RSA methods
2009-02-16 13:37:58 +00:00
Igor Sysoev
c9aae14a7e use "!= NGX_OK" instead of "== NGX_ERROR" 2008-12-09 17:27:48 +00:00
Igor Sysoev
1bf7dc1884 low some SSL handshake errors level 2008-11-18 16:05:00 +00:00
Igor Sysoev
a862c46ffa always use buffer, if connection is buffered,
this fixes OpenSSL "bad write retry" error, when
*) nginx passed a single buf greater than our buffer (say 32K) to OpenSSL,
*) OpenSSL returns SSL_ERROR_WANT_WRITE,
*) after some time nginx has to send a new data,
*) so there are at least two bufs nginx does pass them directly to OpenSSL,
*) but copies the first buf part to buffer, and sends the buffer to OpenSSL.
*) because the data length is lesser than it was in previous SSL_write():
   16K < 32K, OpenSSL returns SSL_R_BAD_WRITE_RETRY.
2008-10-23 05:58:10 +00:00
Igor Sysoev
a408b2ba2d backout both r2162 and r2128 and implement a new fix 2008-08-12 12:04:49 +00:00
Igor Sysoev
2ff9a4b334 SSL connection readiness is required for level-triggered events only,
broken in r2128
2008-08-11 15:25:40 +00:00
Igor Sysoev
ec0b579f75 update connection readiness after SSL handshake,
this fixes mail proxy SSL connection hanging if level-triggered event is used
2008-07-30 06:12:30 +00:00
Igor Sysoev
49ed6f3eec *) ssl_verify_client ask
*) test ssl_client_certificate for ssl_verify_client
*) $ssl_client_cert adds TAB before each line except first one
*) $ssl_client_raw_cert contains certificate as is
2008-07-29 14:29:02 +00:00
Igor Sysoev
da02ddc6fd fix "proxy_pass https://..." broken in r1427 2008-06-20 14:42:54 +00:00
Igor Sysoev
7f6b2ffc60 *) back out r2040
*) refactor ngx_palloc()
*) introduce ngx_pnalloc()
*) additional pool blocks have smaller header
2008-06-17 15:00:30 +00:00
Igor Sysoev
81f9c9dc72 $ssl_client_cert 2008-06-16 05:54:18 +00:00
Igor Sysoev
df83e6f81a DH parameters, ssl_dhparam 2008-06-16 05:51:32 +00:00
Igor Sysoev
d6548faf64 ssl_session_cache none 2008-05-26 07:14:13 +00:00
Igor Sysoev
396abff226 get certificate info only for debug build 2008-04-28 08:52:32 +00:00
Igor Sysoev
58d3821cf0 fix memory leak when ssl_verify_client is on 2008-04-28 08:50:39 +00:00
Igor Sysoev
439e288a1b fix memory leak when ssl_verify_client is on 2008-04-23 18:57:25 +00:00
Igor Sysoev
8da1fa935f low some SSL handshake errors level 2008-03-18 10:35:00 +00:00
Igor Sysoev
472233d0a3 invalidate SSL session if there is no valid client certificate 2008-03-10 14:47:07 +00:00
Igor Sysoev
704e1c1324 low SSL handshake close notify alert error level 2008-02-04 20:46:58 +00:00
Igor Sysoev
b1d4a6cc80 low SSL handshake errors level 2008-02-01 14:05:18 +00:00
Igor Sysoev
c20d3769bc backout r1757, we really need SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 2008-01-31 15:10:45 +00:00
Igor Sysoev
02d8e8e377 add NGX_ENETDOWN, NGX_ENETUNREACH, and NGX_EHOSTDOWN 2008-01-25 14:57:35 +00:00
Igor Sysoev
c783c35b5f pull all errors 2008-01-25 14:56:37 +00:00
Igor Sysoev
efe0016a11 fix bogus crit log message "SSL_shutdown() failed" introduced in r1755 2008-01-22 16:04:35 +00:00
Igor Sysoev
8b99e3f1ea pull all errors 2008-01-10 08:45:00 +00:00
Igor Sysoev
e965c47113 grammar fix 2008-01-10 08:36:14 +00:00
Igor Sysoev
f25abef8dc fix segfault introduced in r1780 2007-12-27 18:35:52 +00:00
Igor Sysoev
cd2aa8e172 create ssl buffer on demand and free it before keep-alive 2007-12-26 21:07:30 +00:00
Igor Sysoev
6ff850baf8 ssl_session_cache off 2007-12-26 20:27:22 +00:00
Igor Sysoev
01a129d823 use ngx_queue.h 2007-12-20 21:01:00 +00:00
Igor Sysoev
181abe549f embed session_rbtree and sentinel inside ngx_ssl_session_cache_t 2007-12-20 20:35:23 +00:00
Igor Sysoev
0a0024bdb5 omit useless test 2007-12-20 20:30:45 +00:00