Commit Graph

610 Commits

Author SHA1 Message Date
Maxim Dounin
3ebbb7d521 OCSP stapling: OCSP_basic_verify() OCSP_TRUSTOTHER flag now used.
This is expected to simplify configuration in a common case when OCSP
response is signed by a certificate already present in ssl_certificate
chain.  This case won't need any extra trusted certificates.
2012-10-01 12:51:27 +00:00
Maxim Dounin
1a07a7f2de OCSP stapling: log error data in ngx_ssl_error().
It's hard to debug OCSP_basic_verify() failures without the actual error
string it records in the error data field.
2012-10-01 12:50:36 +00:00
Maxim Dounin
872563a64d OCSP stapling: check Content-Type.
This will result in better error message in case of incorrect response
from OCSP responder:

... OCSP responder sent invalid "Content-Type" header: "text/plain"
    while requesting certificate status, responder: ...

vs.

... d2i_OCSP_RESPONSE() failed (SSL:
    error:0D07209B:asn1 encoding routines:ASN1_get_object:too long
    error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header
    error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error)
    while requesting certificate status, responder: ...
2012-10-01 12:48:54 +00:00
Maxim Dounin
74ad4494a6 OCSP stapling: loading OCSP responses.
This includes the ssl_stapling_responder directive (defaults to OCSP
responder set in certificate's AIA extension).

OCSP response for a given certificate is requested once we get at least
one connection with certificate_status extension in ClientHello, and
certificate status won't be sent in the connection in question.  This due
to limitations in the OpenSSL API (certificate status callback is blocking).

Note: SSL_CTX_use_certificate_chain_file() was reimplemented as it doesn't
allow to access the certificate loaded via SSL_CTX.
2012-10-01 12:47:55 +00:00
Maxim Dounin
f7ec295fb4 OCSP stapling: the ngx_event_openssl_stapling.c file.
Missed in previous commit.
2012-10-01 12:42:43 +00:00
Maxim Dounin
85c920a0cd OCSP stapling: ssl_stapling_file support.
Very basic version without any OCSP responder query code, assuming valid
DER-encoded OCSP response is present in a ssl_stapling_file configured.

Such file might be produced with openssl like this:

openssl ocsp -issuer root.crt -cert domain.crt -respout domain.staple \
             -url http://ocsp.example.com
2012-10-01 12:41:08 +00:00
Maxim Dounin
3648ba7db8 OCSP stapling: ssl_trusted_certificate directive.
The directive allows to specify additional trusted Certificate Authority
certificates to be used during certificate verification.  In contrast to
ssl_client_certificate DNs of these cerificates aren't sent to a client
during handshake.

Trusted certificates are loaded regardless of the fact whether client
certificates verification is enabled as the same certificates will be
used for OCSP stapling, during construction of an OCSP request and for
verification of an OCSP response.

The same applies to a CRL (which is now always loaded).
2012-10-01 12:39:36 +00:00
Maxim Dounin
52b59ebc74 SSL: added version checks for ssl compression workaround.
The SSL_COMP_get_compression_methods() is only available as an API
function in OpenSSL 0.9.8+, require it explicitly to unbreak build
with OpenSSL 0.9.7.
2012-09-27 18:01:06 +00:00
Maxim Dounin
f4f72f9fb5 SSL: fixed compression workaround to remove all methods.
Previous code used sk_SSL_COMP_delete(ssl_comp_methods, i) while iterating
stack from 0 to n, resulting in removal of only even compression methods.

In real life this change is a nop, as there is only one compression method
which is enabled by default in OpenSSL.
2012-09-27 17:59:59 +00:00
Andrey Belov
2af80d5fab Explicitly ignore returned value from close() in ngx_event_core_init_conf().
We don't have strong reason to inform about any errors
reported by close() call here, and there are no other things
to do with its return value.

Prodded by Coverity.
2012-08-07 13:57:04 +00:00
Ruslan Ermilov
cfe194ef59 When "debug_connection" is configured with a domain name, only the first
resolved address was used.  Now all addresses will be used.
2012-07-24 17:40:06 +00:00
Ruslan Ermilov
1efcca36cc Fixed compilation with -Wmissing-prototypes. 2012-07-24 15:09:54 +00:00
Igor Sysoev
992a4d11da Disabled gzip compression in OpenSSL prior to 1.0.0 version.
This saves about 522K per connection.
2012-06-20 12:55:28 +00:00
Valentin Bartenev
2195eb554b Removed mistaken setting of NGX_SSL_BUFFERED flag in ngx_ssl_send_chain()
if SSL buffer is not used.
2012-05-30 12:43:27 +00:00
Valentin Bartenev
0215fcc9b8 Update c->sent in ngx_ssl_send_chain() even if SSL buffer is not used. 2012-05-14 16:30:33 +00:00
Maxim Dounin
0e3b423dc6 Accept moderation in case of EMFILE/ENFILE.
In case of EMFILE/ENFILE returned from accept() we disable accept events,
and (in case of no accept mutex used) arm timer to re-enable them later.
With accept mutex we just drop it, and rely on normal accept mutex handling
to re-enable accept events once it's acquired again.

As we now handle errors in question, logging level was changed to "crit"
(instead of "alert" used for unknown errors).

Note: the code might call ngx_enable_accept_events() multiple times if
there are many listen sockets.  The ngx_enable_accept_events() function was
modified to check if connection is already active (via c->read->active) and
skip it then, thus making multiple calls safe.
2012-05-11 13:33:06 +00:00
Ruslan Ermilov
700364f62d debug_connection: added the IPv6 and UNIX-domain socket support. 2012-04-29 22:02:18 +00:00
Maxim Dounin
a73ce28e0a Fixed master exit if there is no events section (ticket #150).
Instead of checking if there is events{} section present in configuration
in init_module handler we now do the same in init_conf handler.  This
allows master process to detect incorrect configuration early and
reject it.
2012-04-18 14:47:10 +00:00
Ruslan Ermilov
43d2b1c045 Fixed grammar in error messages. 2012-04-12 19:35:41 +00:00
Maxim Dounin
baa239c487 Fixed signed integer overflows in timer code (ticket #145).
Integer overflow is undefined behaviour in C and this indeed caused
problems on Solaris/SPARC (at least in some cases).  Fix is to
subtract unsigned integers instead, and then cast result to a signed
one, which is implementation-defined behaviour and used to work.

Strictly speaking, we should compare (unsigned) result with the maximum
value of the corresponding signed integer type instead, this will be
defined behaviour.  This will require much more changes though, and
considered to be overkill for now.
2012-04-06 23:46:09 +00:00
Ruslan Ermilov
47a04aaa27 Fixed spelling in multiline C comments. 2012-04-03 07:37:31 +00:00
Maxim Dounin
ee187436af Whitespace fixes. 2012-03-05 18:09:06 +00:00
Ruslan Ermilov
b74f8ffce4 Fixed spelling in single-line comments. 2012-02-28 11:31:05 +00:00
Maxim Dounin
7ca6c1ff78 Fix of rbtree lookup on hash collisions.
Previous code incorrectly assumed that nodes with identical keys are linked
together.  This might not be true after tree rebalance.

Patch by Lanshun Zhou.
2012-02-27 22:15:39 +00:00
Maxim Dounin
b5d0d7a232 Event pipe: fixed buffer loss in p->length case.
With previous code raw buffer might be lost if p->input_filter() was called
on a buffer without any data and used ngx_event_pipe_add_free_buf() to
return it to the free list.  This eventually might cause "all buffers busy"
problem, resulting in segmentation fault due to null pointer dereference in
ngx_event_pipe_write_chain_to_temp_file().

In ngx_event_pipe_add_free_buf() the buffer was added to the list start
due to pos == last, and then "p->free_raw_bufs = cl->next" in
ngx_event_pipe_read_upstream() dropped both chain links to the buffer
from the p->free_raw_bufs list.

Fix is to move "p->free_raw_bufs = cl->next" before calling the
p->input_filter().
2012-02-22 11:28:53 +00:00
Maxim Dounin
4a23bc5705 Fixed error handling in ngx_event_connect_peer().
Previously if ngx_add_event() failed a connection was freed two times (once
in the ngx_event_connect_peer(), and again by a caller) as pc->connection was
left set.  Fix is to always use ngx_close_connection() to close connection
properly and set pc->connection to NULL on errors.

Patch by Piotr Sikora.
2012-01-30 11:12:52 +00:00
Maxim Dounin
90a7a8f5d9 Removed ENGINE_load_builtin_engines() call.
It's already called by OPENSSL_config().  Calling it again causes some
openssl engines (notably GOST) to corrupt memory, as they don't expect
to be created more than once.
2012-01-30 07:38:27 +00:00
Maxim Konovalov
f8d59e33f3 Copyright updated. 2012-01-18 15:07:43 +00:00
Maxim Dounin
4efcbce328 Added support for TLSv1.1, TLSv1.2 in ssl_protocols directive.
Support for TLSv1.1 and TLSv1.2 protocols was introduced in OpenSSL 1.0.1
(-beta1 was recently released).  This change makes it possible to disable
these protocols and/or enable them without other protocols.
2012-01-11 11:15:00 +00:00
Maxim Dounin
c09d65b179 Fixed AIO on Linux, broken in r4306.
Events from eventfd do not have c->write set, and the stale event
check added in r4306 causes null pointer dereference.
2011-11-29 17:27:13 +00:00
Maxim Dounin
91ecc8f43c Added shmtx interface to forcibly unlock mutexes.
It is currently used from master process on abnormal worker termination to
unlock accept mutex (unlocking of accept mutex was broken in 1.0.2).  It is
expected to be used in the future to unlock other mutexes as well.

Shared mutex code was rewritten to make this possible in a safe way, i.e.
with a check if lock was actually held by the exited process.  We again use
pid to lock mutex, and use separate atomic variable for a count of processes
waiting in sem_wait().
2011-11-23 13:55:38 +00:00
Maxim Dounin
7f59728d5b Protection from stale write events in epoll.
Stale write event may happen if epoll_wait() reported both read and write
events, and processing of the read event closed descriptor.

Patch by Yichun Zhang (agentzh).
2011-11-22 17:02:21 +00:00
Igor Sysoev
a2ffa56106 Silently ignoring a stale global SSL error left after disabled renegotiation. 2011-10-31 14:30:03 +00:00
Maxim Dounin
0d59500343 Event pipe: reduced number of file buffers used.
If possible we now just extend already present file buffer in p->out chain
instead of keeping ngx_buf_t for each buffer we've flushed to disk.  This
saves about 120 bytes of memory per buffer flushed to disk, and resolves
high CPU usage observed in edge cases (due to coalescing these buffers on
send).
2011-10-31 09:54:55 +00:00
Maxim Dounin
59205ce109 Event pipe: fixes for complex protocols.
1. In ngx_event_pipe_write_chain_to_temp_file() make sure to fully write
   all shadow buffers up to last_shadow.  With this change recycled buffers
   cannot appear in p->out anymore.  This also fixes segmentation faults
   observed due to ngx_event_pipe_write_chain_to_temp() not freeing any
   raw buffers while still returning NGX_OK.

2. In ngx_event_pipe_write_to_downstream() we now properly check for busy
   size as a size of buffers, not a size of data in these buffers.  This
   fixes situations where all available buffers became busy (including
   segmentation faults due to this).

3. The ngx_event_pipe_free_shadow_raw_buf() function is dropped.  It's
   incorrect and not needed.
2011-10-31 09:53:16 +00:00
Igor Sysoev
59695881ce Decrease of log level of some SSL handshake errors. 2011-10-25 15:04:09 +00:00
Igor Sysoev
94b5460c70 Releasing memory of idle SSL connection. This saves about 34K per SSL
connection. The SSL_MODE_RELEASE_BUFFERS option is available since
OpenSSL 1.0.0d.
2011-10-07 12:15:20 +00:00
Igor Sysoev
95084f7e1c Disabling SSL compression. This saves about 300K per SSL connection.
The SSL_OP_NO_COMPRESSION option is available since OpenSSL 1.0.0.
2011-10-07 10:59:02 +00:00
Maxim Dounin
265e51aa0b Fixed loss of chain links in ngx_event_pipe_read_upstream(). 2011-09-20 09:56:35 +00:00
Maxim Dounin
e4dab80e80 Fix of cpu hog in event pipe.
If client closed connection in ngx_event_pipe_write_to_downstream(), buffers
in the "out" chain were lost.  This caused cpu hog if all available buffers
were in the "out" chain.  Fix is to call ngx_chain_update_chains() before
checking return code of output filter to avoid loosing buffers in the "out"
chain.

Note that this situation (all available buffers in the "out" chain) isn't
normal, it should be prevented by busy buffers limit.  Though right now it
may happen with complex protocols like fastcgi.  This should be addressed
separately.
2011-09-20 09:55:27 +00:00
Igor Sysoev
c8df23cb29 The "worker_aio_requests" directive.
The default value is 32 AIO simultaneous requests per worker. Previously
they were hardcoded to 1024, and it was too large, since Linux allocated
them early on io_setup(), but not on request itself. So with default value
of /proc/sys/fs/aio-max-nr equal to 65536 only 64 worker processes could
be run simultaneously. 32 AIO requests are enough for modern disks even if
server runs only 1 worker.
2011-09-20 07:30:09 +00:00
Ruslan Ermilov
a823c550e4 Replaced "can not" with "cannot" and "could not" in a bunch of places.
Fixed nearby grammar errors.
2011-09-19 14:48:29 +00:00
Igor Sysoev
aa997c0289 Fixing Linux AIO initiatialization: AIO operations are disabled if kernel
does not support them.  Previously worker just exited.
2011-09-16 13:41:52 +00:00
Igor Sysoev
4134b48b68 Fixing Linux AIO syscalls return value handling:
syscall(2) uses usual libc convention, it returns -1 on error and
sets errno. Obsolete _syscall(2) returns negative value of error.

Thanks to Hagai Avrahami.
2011-09-16 12:43:16 +00:00
Maxim Dounin
a746bab7c1 Upstream: pipe length and input_filter_init in buffered mode.
As long as ngx_event_pipe() has more data read from upstream than specified
in p->length it's passed to input filter even if buffer isn't yet full.  This
allows to process data with known length without relying on connection close
to signal data end.

By default p->length is set to -1 in upstream module, i.e. end of data is
indicated by connection close.  To set it from per-protocol handlers upstream
input_filter_init() now called in buffered mode (as well as in
unbuffered mode).
2011-09-15 19:00:47 +00:00
Maxim Dounin
d7c2673d3f API change: ngx_chain_update_chains() now requires pool.
The ngx_chain_update_chains() needs pool to free chain links used for buffers
with non-matching tags.  Providing one helps to reduce memory consumption
for long-lived requests.
2011-09-15 16:03:17 +00:00
Maxim Dounin
82854d0d78 Proper setting of read->eof in pipe code.
Setting read->eof to 0 seems to be just a typo.  It appeared in
nginx-0.0.1-2003-10-28-18:45:41 import (r164), while identical code in
ngx_recv.c introduced in the same import do actually set read->eof to 1.

Failure to set read->eof to 1 results in EOF not being generally detectable
from connection flags.  On the other hand, kqueue won't report any read
events on such a connection since we use EV_CLEAR.  This resulted in read
timeouts if such connection was cached and used for another request.
2011-09-01 15:10:41 +00:00
Maxim Dounin
a9e3c65d22 Proper SSL shutdown handling.
If connection has unsent alerts, SSL_shutdown() tries to send them even
if SSL_set_shutdown(SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN) was used.
This can be prevented by SSL_set_quiet_shutdown().  SSL_set_shutdown()
is required nevertheless to preserve session.
2011-09-01 13:49:36 +00:00
Igor Sysoev
dfd81a23b2 A new fix for the case when ssl_session_cache defined, but ssl is not
enabled in any server. The previous r1033 does not help when unused zone
becomes used after reconfiguration, so it is backed out.

The initial thought was to make SSL modules independed from SSL implementation
and to keep OpenSSL code dependance as much as in separate files.
2011-08-04 11:12:30 +00:00
Igor Sysoev
b0b6bcedfc fix SSL connection issues on platforms with 32-bit off_t
patch by Maxim Dounin
2011-07-22 12:53:04 +00:00
Igor Sysoev
a7ed0951e3 fix build by gcc46 with -Wunused-value option
patch by Maxim Dounin
2011-07-22 10:43:50 +00:00
Igor Sysoev
f39642a907 ECDHE support
patch by Adrian Kotelba
2011-07-20 15:42:40 +00:00
Igor Sysoev
e61ba26744 MSIE export versions are rare now, so RSA 512 key is generated on demand
and is shared among all hosts instead of pregenerating for every HTTPS host
on configuraiton phase. This decreases start time for configuration with
large number of HTTPS hosts.
2011-07-20 12:59:24 +00:00
Igor Sysoev
e2c8ad7122 use POSIX semaphores in shmtx instead of sched_yield()
number of spinlock spins are increased twice
2011-05-10 11:39:13 +00:00
Igor Sysoev
efde3eb92e fix building by gcc 4.6 without --with-debug 2011-04-23 17:25:06 +00:00
Igor Sysoev
3d86ad3f95 fix building on Fedora 14
patch by Kirill A. Korinskiy
2011-01-20 12:33:17 +00:00
Igor Sysoev
3e3ee60b99 remove SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG becuase of CVE-2010-4180 2010-12-06 11:17:03 +00:00
Igor Sysoev
0c39c27412 fix building by msvc8 introduced by the previous commit 2010-12-02 14:20:51 +00:00
Igor Sysoev
a07d6ec39f fallback to accept() if accept4() is not implemented,
the issue has been introduced in r3787
2010-12-02 10:05:41 +00:00
Igor Sysoev
40747ad861 Linux accept4() support 2010-11-25 10:15:04 +00:00
Igor Sysoev
6b45b065fe decrease SSL handshake error level to info 2010-07-29 09:30:15 +00:00
Igor Sysoev
05b1a8f1e3 ngx_str_set() and ngx_str_null() 2010-05-14 09:56:37 +00:00
Igor Sysoev
502252d43a MSVC8 compatibility with OpenSSL 1.0.0 2010-04-01 15:18:29 +00:00
Igor Sysoev
6d45d8a50d *) introduce ngx_time_sigsafe_update() to update the error log time only
*) change ngx_time_update() interface
2010-03-25 09:10:10 +00:00
Igor Sysoev
2f916a9721 *) use previously cached GMT offset value to update time from a signal handler
*) change ngx_time_update() interface since there are no notification methods
   those return time
2010-03-13 18:08:07 +00:00
Igor Sysoev
b80f68aeda do not update time in the timer signal handler,
since localtime_r() is not Async-Signal-Safe function
2010-03-12 14:31:47 +00:00
Igor Sysoev
e71f39932f add OpenSSL_add_all_algorithms(), this fixes the error
"ASN1_item_verify:unknown message digest algorithm" occurred if
client certificate is signed using sha256WithRSAEncryption
2010-03-03 16:23:14 +00:00
Igor Sysoev
416fc7aac7 Set SSL session context for "ssl_session_cache none".
This fixes a bug when client certficate is used and nginx closes connection
with the message: "SSL_GET_PREV_SESSION:session id context uninitialized".
2010-03-02 08:41:47 +00:00
Igor Sysoev
146324618d decrease SSL handshake error level to info 2010-02-19 20:54:58 +00:00
Igor Sysoev
d5624689cb update comments 2009-11-25 18:03:59 +00:00
Igor Sysoev
72db760eca add NGX_PROCESS_HELPER process status 2009-11-23 15:46:21 +00:00
Igor Sysoev
8019121120 decrease SSL handshake error level to info 2009-11-23 14:09:57 +00:00
Igor Sysoev
70bd187c4c disable SSL renegotiation (CVE-2009-3555) 2009-11-11 10:59:07 +00:00
Igor Sysoev
cc65b0879b fix segfault in SSL if limit_rate is used 2009-11-03 15:38:33 +00:00
Igor Sysoev
72e928755b proxy_bind, fastcgi_bind, and memcached_bind 2009-11-02 15:24:02 +00:00
Igor Sysoev
19811dbdde style fix 2009-11-02 12:41:56 +00:00
Igor Sysoev
61490aa6b6 delete unused field c->local_socklen 2009-11-01 19:29:49 +00:00
Igor Sysoev
baf8e409ba http listen unix domain sockets 2009-10-26 11:43:32 +00:00
Igor Sysoev
c81582ea67 fix r3155 2009-09-24 20:09:12 +00:00
Igor Sysoev
ef2662caab fix debug log message 2009-09-24 14:47:10 +00:00
Igor Sysoev
cdaf442a2f $ssl_session_id 2009-09-24 14:45:28 +00:00
Igor Sysoev
bfff03406d aio sendfile 2009-08-30 09:52:39 +00:00
Igor Sysoev
a962506498 FreeBSD and Linux AIO support 2009-08-28 08:12:35 +00:00
Igor Sysoev
5297d456d8 axe r->connection->destroyed testing 2009-08-26 16:14:57 +00:00
Igor Sysoev
b71610eb09 *) move small declarations in appropriate places and delete the surplus
header files
*) delete insignificant comments
2009-08-25 09:09:13 +00:00
Igor Sysoev
8e7e69e351 style fix 2009-08-25 09:06:21 +00:00
Igor Sysoev
3a58935936 *) share temporary number between workers
*) randomize collision offset
2009-08-21 09:06:35 +00:00
Igor Sysoev
365d663cc2 fix memory corruption in $ssl_client_cert 2009-07-27 11:51:12 +00:00
Igor Sysoev
f5ca9df2ab delete ancient define 2009-07-23 12:59:11 +00:00
Igor Sysoev
80c3e8e03b delete OpenSSL pre-0.9.7 compatibility: the sources were not actually
compatible with OpenSSL 0.9.6 since ssl_session_cache introduction
2009-07-23 12:54:20 +00:00
Igor Sysoev
9db0245cda ssl_crl 2009-07-23 12:21:26 +00:00
Igor Sysoev
5b4b7c58cc *) $ssl_client_verify
*) "ssl_verify_client ask" was changed to "ssl_verify_client optional"
2009-07-22 17:41:42 +00:00
Igor Sysoev
a5fe5881c6 ignore ngx_atomic_fetch_add() result
this fixes building at least by gcc 4.2.1 on Mac OS X 10.6
2009-06-18 13:14:51 +00:00
Igor Sysoev
260c4321d7 return NULL instead of NGX_CONF_ERROR on a create conf failure 2009-06-02 16:09:44 +00:00
Igor Sysoev
731e6a9b11 style fix 2009-05-14 16:24:39 +00:00
Igor Sysoev
6ce6fcd12d divide select module into two modules: Unix and Win32 ones 2009-05-06 14:53:54 +00:00
Igor Sysoev
44063a76f4 make code clearer 2009-05-06 08:54:54 +00:00
Igor Sysoev
57ca2c8013 test event type to prevent errors 2009-05-06 08:53:13 +00:00
Igor Sysoev
63d0bea178 do not free buffer with cache header before it would be written,
it seems this affected header only FastCGI responses only:
proxied header only responses were cached right
2009-05-04 19:04:00 +00:00
Igor Sysoev
b1e640a385 try to repair the case "select ready != events" 2009-04-29 18:56:47 +00:00