
Nginx [nginx-announce] nginx-1.15.4

Discussion in 'Nginx and PHP-FPM news & discussions' started by eva2000, Sep 26, 2018.

  1. eva2000

    eva2000 Administrator Staff Member

    50,460
    11,661
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,082
    Local Time:
    9:41 PM
    Nginx 1.25.x
    MariaDB 10.x
    Changes with nginx 1.15.4 25 Sep 2018

    *) Feature: now the "ssl_early_data" directive can be used with OpenSSL.

    *) Bugfix: in the ngx_http_uwsgi_module.
    Thanks to Chris Caputo.

    *) Bugfix: connections with some gRPC backends might not be cached when
    using the "keepalive" directive.

    *) Bugfix: a socket leak might occur when using the "error_page"
    directive to redirect early request processing errors, notably errors
    with code 400.

    *) Bugfix: the "return" directive did not change the response code when
    returning errors if the request was redirected by the "error_page"
    directive.


    *) Bugfix: standard error pages and responses of the
    ngx_http_autoindex_module module used the "bgcolor" attribute, and
    might be displayed incorrectly when using custom color settings in
    browsers.
    Thanks to Nova DasSarma.

    *) Change: the logging level of the "no suitable key share" and "no
    suitable signature algorithm" SSL errors has been lowered from "crit"
    to "info".


    --
    Maxim Dounin
    http://nginx.org/
    _______________________________________________
    nginx-announce mailing list
    nginx-announce@nginx.org
    http://mailman.nginx.org/mailman/listinfo/nginx-announce

     
  2. eva2000

    Looks good so far with nginx 1.15.4 with TLS 1.3 early data 0-RTT code supported and OpenSSL 1.1.1 TLS 1.3 RFC final + dual RSA 2048bit + ECDSA 256bit SSL certificate support

    Nginx ssl_early_data directive

    The last part about only supported in BoringSSL is only true for Nginx 1.15.3. Nginx 1.15.4 adds ssl_early_data directive support for OpenSSL 1.1.1+ built Nginx web servers.

    nginx config test works with TLS 1.3 0-RTT via the ssl_early_data on directive set in the nginx vhost, instead of warning that the ssl_early_data directive is not supported, when used with Nginx 1.15.4
    Code (Text):
    nginx -t
    nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
    nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
    

    Nginx 1.15.3 config test would report such an error
    Code (Text):
    nginx -t
    nginx: [warn] "ssl_early_data" is not supported on this platform, ignored
    nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
    nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
    

    Similar to BoringSSL TLS 1.3 0-RTT Early Data test with Nginx 1.15.4 master branch - notice the line with 'Early data was accepted' :)

    Nginx directives set in Nginx vhost
    Code (Text):
    ssl_early_data on;
    proxy_set_header Early-Data $ssl_early_data;
    

    Test Early Data session resumption (TLS 1.3 0-RTT) via 2 commands
    Code (Text):
    /opt/openssl/bin/openssl s_client -connect domain.com:443 -sess_out session.pem
    

    Code (Text):
    echo -n | /opt/openssl/bin/openssl s_client -connect domain.com:443 -sess_in session.pem -early_data /tmp/https.txt
    

    output from 2nd command
    Code (Text):
    ---
    Server certificate
    -----BEGIN CERTIFICATE-----
    snipped....
    -----END CERTIFICATE-----
    subject=CN = domain.com
    
    issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
    
    ---
    No client certificate CA names sent
    Server Temp Key: X25519, 253 bits
    ---
    SSL handshake has read 245 bytes and written 805 bytes
    Verification error: unable to get local issuer certificate
    ---
    Reused, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
    Server public key is 256 bit
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    Early data was accepted
    Verify return code: 20 (unable to get local issuer certificate)
    ---
    ---
    Post-Handshake New Session Ticket arrived:
    SSL-Session:
        Protocol  : TLSv1.3
        Cipher    : TLS_AES_256_GCM_SHA384
        Session-ID: 7207998AB9AABA8DDD19E3F31E02552EDCB3816BC962EF7CF3438C25DA38065C
        Session-ID-ctx:
        Resumption PSK: 5D273A9DA0D1286681344FC666AFC4045B2E13A0ECC21E38163C1B574EB0DB43900D7F973C9D8E194CD3CED1F62A260D
        PSK identity: None
        PSK identity hint: None
        SRP username: None
        TLS session ticket lifetime hint: 3600 (seconds)
        TLS session ticket:
        0000 - snipped
    
        Start Time: 1537907164
        Timeout   : 7200 (sec)
        Verify return code: 20 (unable to get local issuer certificate)
        Extended master secret: no
        Max Early Data: 16384
    ---
    read R BLOCK
    DONE
    

    Look in the output for the lines
    Code (Text):
    Early data was accepted
    

    and
    Code (Text):
        Max Early Data: 16384
    

    contents of /tmp/https.txt
    Code (Text):
    GET / HTTP/1.1
    Host: domain.com:443
    


    dev.ssllabs.com now supports testing TLS 1.3 RFC final as well: SSL Server Test (Powered by Qualys SSL Labs). Just waiting on Chrome 70 and Firefox 63 next month to support TLS 1.3 RFC final now :)

    dev-ssllabs-cmm-nginx-1.15.4-master-openssl-1.1.1-tls13-01.png

    dev-ssllabs-cmm-nginx-1.15.4-master-openssl-1.1.1-tls13-02.png dev-ssllabs-cmm-nginx-1.15.4-master-openssl-1.1.1-tls13-03.png dev-ssllabs-cmm-nginx-1.15.4-master-openssl-1.1.1-tls13-04.png

    Note: right now it can be a security risk to enable TLS 1.3 0-RTT with the early data directive due to replay attacks, as you'd need logic in your web apps to determine what/when to accept such requests. Nginx recommends having the following set
    Code (Text):
    proxy_set_header Early-Data $ssl_early_data;
    

    Cloudflare's implementation of TLS 1.3 0-RTT has such logic baked in, so it is slightly different.
     
    Last edited: Sep 26, 2018
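    The post above verifies 0-RTT acceptance by hand with two openssl s_client runs and by eyeballing the output for "Early data was accepted". The following is an added example, not code from the original post or from Centmin Mod: it wraps the same two-step exchange (export a session, resume it with -early_data) and parses the s_client transcript, so an operator can script the check against a server they run to confirm whether early data is actually accepted and what limit the server announces. The openssl path and host:port form follow the post; SAMPLE_OUTPUT is a constructed transcript fragment mirroring the shape of the post's output, not a real capture.

```python
"""Probe an HTTPS endpoint for TLS 1.3 0-RTT (early data) acceptance.

Added example (not from the original post). Automates the two openssl s_client
commands shown in the thread and parses the client output.
"""
import os
import re
import subprocess
import tempfile
from dataclasses import dataclass
from typing import Optional


@dataclass
class EarlyDataResult:
    protocol: Optional[str]        # e.g. "TLSv1.3"; None if no handshake summary found
    resumed: bool                  # "Reused" (session resumed) vs "New" in the summary
    early_data: str                # "accepted", "rejected", "not sent" or "unknown"
    max_early_data: Optional[int]  # server's announced 0-RTT limit in bytes


# Exact strings OpenSSL 1.1.1 s_client prints for SSL_get_early_data_status()
_STATUS_LINES = {
    "Early data was accepted": "accepted",
    "Early data was rejected": "rejected",
    "Early data was not sent": "not sent",
}
_SUMMARY_RE = re.compile(r"^\s*(Reused|New), (TLSv[\d.]+), Cipher is (\S+)", re.M)
_MAX_EARLY_RE = re.compile(r"^\s*Max Early Data:\s*(\d+)", re.M)


def parse_s_client(output: str) -> EarlyDataResult:
    """Extract the 0-RTT relevant facts from an `openssl s_client` transcript."""
    status = "unknown"
    for line, value in _STATUS_LINES.items():
        if line in output:
            status = value
            break
    summary = _SUMMARY_RE.search(output)
    max_early = _MAX_EARLY_RE.search(output)
    return EarlyDataResult(
        protocol=summary.group(2) if summary else None,
        resumed=bool(summary and summary.group(1) == "Reused"),
        early_data=status,
        max_early_data=int(max_early.group(1)) if max_early else None,
    )


def accepts_early_data(output: str) -> bool:
    """True only when the session was resumed AND the server took the 0-RTT request."""
    r = parse_s_client(output)
    return r.resumed and r.early_data == "accepted"


def probe(host: str, port: int = 443,
          openssl: str = "/opt/openssl/bin/openssl",  # binary path used in the post (assumption)
          timeout: int = 20) -> EarlyDataResult:
    """Run the export/resume exchange against a host you operate and parse step 2."""
    request = f"GET / HTTP/1.1\r\nHost: {host}:{port}\r\n\r\n".encode()
    with tempfile.TemporaryDirectory() as tmp:
        sess = os.path.join(tmp, "session.pem")
        req = os.path.join(tmp, "request.txt")
        with open(req, "wb") as fh:
            fh.write(request)
        # Step 1: full handshake; send a request so the connection stays up long
        # enough for the post-handshake NewSessionTicket to be written to -sess_out.
        subprocess.run([openssl, "s_client", "-connect", f"{host}:{port}", "-sess_out", sess],
                       input=request, capture_output=True, timeout=timeout)
        if not os.path.exists(sess):
            raise RuntimeError("no session saved; server may not issue tickets")
        # Step 2: resume the session and send the request as 0-RTT early data.
        out = subprocess.run([openssl, "s_client", "-connect", f"{host}:{port}",
                              "-sess_in", sess, "-early_data", req],
                             input=b"", capture_output=True, timeout=timeout)
        return parse_s_client(out.stdout.decode(errors="replace"))


# Constructed transcript fragment with the shape of the post's output (not a real capture).
SAMPLE_OUTPUT = """\
---
Reused, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
Early data was accepted
Verify return code: 20 (unable to get local issuer certificate)
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Max Early Data: 16384
---
read R BLOCK
DONE
"""

if __name__ == "__main__":
    import sys
    # Pass a hostname to probe a server you operate; otherwise parse the sample.
    print(probe(sys.argv[1]) if len(sys.argv) > 1 else parse_s_client(SAMPLE_OUTPUT))
```

    A result of resumed=True with early_data "accepted" is the state the post celebrates and also the state in which replay protection must exist in the application; "rejected" or "not sent" means the server fell back to a full 1-RTT handshake.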
  3. buik

    buik “The best traveler is one without a camera.”

    1,860
    492
    83
    Apr 29, 2016
    Flanders
    Ratings:
    +1,567
    Local Time:
    1:41 PM
  4. eva2000

    did a quick test setting the persistent config file /etc/centminmod/custom_config.inc variable that I added for
    Code (Text):
    NGINX_PRIORITIZECHACHA='y'
    

    then ran centmin.sh menu option 4 to recompile Nginx 1.15.4 version via private updated 123.09beta01 code (haven't committed it to public 123.09beta01 branch yet)

    resulting Nginx 1.15.4 build
    build logs
    Code (Text):
    log files saved at /root/centminlogs
    -rw-r--r--  1 root root  1.8K Sep 25 22:10 patch_opensslpatches_250918-221028.log
    -rw-r--r--  1 root root    44 Sep 25 22:11 centminmod_opensslinstalltime_250918-221028.log
    -rw-r--r--  1 root root   641 Sep 25 22:11 patch_patchnginx_250918-221028.log
    -rw-r--r--  1 root root  8.3K Sep 25 22:12 nginx-configure-250918-221028.log
    -rw-r--r--  1 root root   28K Sep 25 22:13 nginx_autoconf.err.250918-221028.log
    -rw-r--r--  1 root root  2.4M Sep 25 22:13 centminmod_123.09beta01.b059_250918-221028_nginx_upgrade.log
    

    patch_patchnginx_*.log log
    Code (Text):
    cat /root/centminlogs/patch_patchnginx_250918-221028.log
    1015004
    1015004
    1015004
    /svr-setup/nginx-1.15.4 /svr-setup/nginx-1.15.4
    patching nginx for prioritizing chacha20 with OpenSSL 1.1.1 https://github.com/kn007/patch/issues/2
    patch -p01 < /usr/local/src/centminmod/patches/nginx-prioritize-chacha20/nginx-1.15.4-reprioritize-chacha-openssl-1.1.1.patch
    patching file src/event/ngx_event_openssl.c
    Hunk #1 succeeded at 350 with fuzz 1 (offset 20 lines).
    
    patching nginx for prioritizing chacha20 with OpenSSL 1.1.1
    /svr-setup/nginx-1.15.4
    1015004
    /usr/local/src/centminmod
    15
    18
    /svr-setup/redis2-nginx-module-0.15/src
    /svr-setup/memc-nginx-module-0.18/src
    1015004
    

    current OpenSSL 1.1.1 patch_opensslpatches log
    Code (Text):
    cat /root/centminlogs/patch_opensslpatches_250918-221028.log
    
    ######################################################################
    Patching OpenSSL 1.1.1
    ######################################################################
    Fix OpenSSL 1.1.1 broken SNI handshake patch
    https://github.com/openssl/openssl/issues/7244
    ######################################################################
    /svr-setup/openssl-1.1.1 /svr-setup/openssl-1.1.1
    patch -p1 < /usr/local/src/centminmod/patches/openssl/OpenSSL-1.1.1-sni-fix-delay-sig-algs.patch
    patching file ssl/statem/statem_srvr.c
    patching file test/sslapitest.c
    patching file test/ssltestlib.c
    patching file test/sslapitest.c
    /svr-setup/openssl-1.1.1
    
    
    ######################################################################
    Patching OpenSSL 1.1.1
    ######################################################################
    Reset TLS 1.3 ciphers in SSL_CTX_set_ssl_version() patch
    https://github.com/openssl/openssl/issues/7226
    ######################################################################
    /svr-setup/openssl-1.1.1 /svr-setup/openssl-1.1.1
    patch -p1 < /usr/local/src/centminmod/patches/openssl/OpenSSL-1.1.1-reset-tls1.3-ciphers-SSL_CTX_set_ssl_version.patch
    patching file ssl/ssl_lib.c
    /svr-setup/openssl-1.1.1
    
    
    ######################################################################
    Patching OpenSSL 1.1.1
    ######################################################################
    Fix the max psk len for TLSv1.3 patch
    https://github.com/openssl/openssl/issues/7261
    ######################################################################
    /svr-setup/openssl-1.1.1 /svr-setup/openssl-1.1.1
    patch -p1 < /usr/local/src/centminmod/patches/openssl/OpenSSL-1.1.1-tls13-fix-max-psk-len.patch
    patching file ssl/ssl_locl.h
    /svr-setup/openssl-1.1.1
    

    Not seeing any change in ChaCha20 priority for Android 7, though it depends on the client device preferences

    this is on dev.ssllabs.com

    dev-ssllabs-cmm-nginx-1.15.4-master-openssl-1.1.1-tls13-chacha20-patch-01.png dev-ssllabs-cmm-nginx-1.15.4-master-openssl-1.1.1-tls13-chacha20-patch-02.png
     
  5. buik

    Indeed. Seems not to be working, after analyzing your test results.
    Perhaps a patch with Bassie's OpenSSL 1.1.1 pre backport bits is useful.

    I have to check if I continue with BoringSSL.
    As our favorite developer ;) left a project unmaintained again,
    I consider returning to OpenSSL with patches.

    Because Nginx Bazel (compiled with BoringSSL) is quite useless now.
     
  6. eva2000

    But is it really not working? As
    Suggests, ChaCha20-Poly1305 cipher needs to be at the top of the client's cipher list. Is it always on top in Android 7? The assumption for ssllabs client tests is we are looking for ChaCha20 cipher for Android 7. But could some Android 7 devices not have it at the top of their client cipher list?
     
  7. buik

    Yup. Android x86 devices for example.
    Android 7 ARM does have chacha as top cipher.

    Pre-Android 7 is old-chacha or draft-chacha as top cipher if available.
    But we all know that old-chacha has been phased out.

    Consider that with SSLtest, Android is tested with the Android vanilla browser and not Chrome. And that the top-client cipher list partially depends on what the server supports / allows.
     
  8. eva2000

    Indeed this is the ssllabs Android 7 client profile Qualys SSL Labs - Projects / User Agent Capabilities: Android 7.0

    looks like the ChaCha20 new cipher is at the top of the client preferred list, so yup, that prioritize chacha20 patch isn't working, as the dev.ssllabs.com Android 7 client should report connecting via the chacha20 cipher instead of AES128 GCM SHA256

    ssllabs-dev-android7-client.png
     
  9. eva2000

    FYI, folks enabling the Nginx Dynamic TLS patch when the persistent config file /etc/centminmod/custom_config.inc is set with NGINX_DYNAMICTLS='y' may run into an incompatibility compile error. From the nginx patch log after a failed centmin.sh menu option 4 nginx recompile:
    Code (Text):
    cat /root/centminlogs/patch_patchnginx_260918-001948.log
    
    ######################################################################
    Patching Nginx for Dynamic TLS Size Support
    ######################################################################
    Cloudflare Nginx Dynamic TLS patch
    https://github.com/cloudflare/sslconfig/raw/master/patches/nginx__dynamic_tls_records.patch
    ######################################################################
    patch -p1 < /usr/local/src/centminmod/patches/cloudflare/nginx__dynamic_tls_records_1011005.patch
    patching file src/event/ngx_event_openssl.c
    Hunk #1 succeeded at 1267 (offset 136 lines).
    Hunk #2 succeeded at 2116 (offset 446 lines).
    Hunk #3 succeeded at 2258 (offset 452 lines).
    patching file src/event/ngx_event_openssl.h
    Hunk #1 succeeded at 64 with fuzz 1 (offset 10 lines).
    Hunk #2 FAILED at 89.
    Hunk #3 succeeded at 116 (offset 18 lines).
    1 out of 3 hunks FAILED -- saving rejects to file src/event/ngx_event_openssl.h.rej
    patching file src/http/modules/ngx_http_ssl_module.c
    Hunk #1 succeeded at 246 with fuzz 1 (offset 13 lines).
    Hunk #2 succeeded at 611 (offset 43 lines).
    Hunk #3 succeeded at 683 (offset 45 lines).
    Hunk #4 succeeded at 881 with fuzz 1 (offset 49 lines).
    patching file src/http/modules/ngx_http_ssl_module.h
    Hunk #1 succeeded at 58 (offset 1 line).
    1015004
    1015004
    1015004
    /usr/local/src/centminmod
    15
    18
    /svr-setup/redis2-nginx-module-0.15/src
    /svr-setup/memc-nginx-module-0.18/src
    1015004
    

    I've just updated Centmin Mod 123.09beta01 to disable Nginx dynamic TLS patch when Nginx 1.15.4 is detected until I can add an updated Nginx dynamic TLS patch.

    So best practice is to update the centmin mod code via the cmupdate command before running centmin.sh menu option 4 (which is what I always do)
    Code (Text):
    cmupdate
    cmdir
    ./centmin.sh
    


    edit: updated Centmin Mod 123.09beta01 just now with Nginx dynamic TLS patch for Nginx 1.15.4 located at Refresh nginx__dynamic_tls_records.patch for nginx 1.15.4 by leonklingele · Pull Request #100 · cloudflare/sslconfig
    Code (Text):
    cat /root/centminlogs/patch_patchnginx_260918-005125.log
                                                                     
    ######################################################################
    Patching Nginx for Dynamic TLS Size Support
    ######################################################################
    Cloudflare Nginx Dynamic TLS patch
    https://github.com/cloudflare/sslconfig/raw/master/patches/nginx__dynamic_tls_records.patch
    ######################################################################
    patch -p1 < /usr/local/src/centminmod/patches/cloudflare/nginx__dynamic_tls_records_1015004.patch
    patching file src/event/ngx_event_openssl.c
    patching file src/event/ngx_event_openssl.h
    patching file src/http/modules/ngx_http_ssl_module.c
    patching file src/http/modules/ngx_http_ssl_module.h
    1015004
    1015004
    1015004
    /usr/local/src/centminmod
    15
    18
    /svr-setup/redis2-nginx-module-0.15/src
    /svr-setup/memc-nginx-module-0.18/src
    1015004
    
     
    Last edited: Sep 26, 2018
  10. buik

    Hmm as written before Nginx Bazel seems to be a dead end.
    As BoringSSL is kind of a rolling release, it takes too much time to maintain Nginx with BoringSSL. Given the fact that the Bazel benefits fall away and patches need to be rewritten time over time as rolling release code.

    I am considering a return to Nginx 1.15.4 with OpenSSL 1.1.1.
    OpenSUSE build service seems to be nice to build one and another without maintaining own build systems and therefore save time. EL Linux is supported by OpenSUSE build service.
     
  11. eva2000

  12. buik

    Nope. It's Nginx maintained by Google developers which has not been updated in any time. As it is maintained by Google developers it used Bazel by Google.
    That's it.
     
  13. eva2000

  14. buik

  15. JJC84

    JJC84 Ad astra per aspera

    247
    109
    43
    Jan 31, 2018
    San Antonio, Texas
    Ratings:
    +169
    Local Time:
    6:41 AM
    1.15.x
    10.x.x
    Up and running!
     
  16. rdan

    rdan Well-Known Member

    5,419
    1,386
    113
    May 25, 2014
    Ratings:
    +2,167
    Local Time:
    7:41 PM
    Mainline
    10.2
    Code:
    ssl_early_data on;
    proxy_set_header Early-Data $ssl_early_data;
    On every domain SSL/443 vhost?
     
  17. eva2000

    can be at server context level or http context level Module ngx_http_ssl_module

    but I wouldn't enable early data for live/production sites until you fully understand the 0-RTT replay attack and mitigation steps
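    Both post 2 (the replay-attack note and the recommended `proxy_set_header Early-Data $ssl_early_data;`) and the reply above point at the same missing piece: the application behind nginx has to decide which requests it will honour when they arrived as 0-RTT early data. The following is an added example, not code from the thread or from Centmin Mod, showing one way to implement that logic as a WSGI middleware along the lines of RFC 8470. nginx sets `$ssl_early_data` to "1" while a request is still in early data and to the empty string otherwise (an empty value means proxy_set_header omits the header entirely), so the backend sees `Early-Data: 1` exactly for the replayable requests. The middleware answers those with 425 Too Early unless the request is safe to replay; a legitimate client then retries after the full handshake, which a replayed 0-RTT record cannot do. The demo application, the `/logout` policy and the environ values are constructed for illustration.

```python
"""Refuse state-changing requests that arrived as TLS 1.3 0-RTT early data.

Added example (not from the original thread). Assumes the app is only reachable
through the nginx proxy that sets `proxy_set_header Early-Data $ssl_early_data;`.
"""

# RFC 7231 "safe" methods; tune to the application. A GET with side effects
# (e.g. action links) should additionally be caught by is_replay_safe().
SAFE_METHODS = frozenset({"GET", "HEAD", "OPTIONS"})


def reject_replayable_early_data(app, safe_methods=SAFE_METHODS, is_replay_safe=None):
    """Wrap a WSGI app: replay-sensitive requests received in 0-RTT get 425 Too Early.

    is_replay_safe(environ) -> bool lets the app veto otherwise 'safe' requests.
    """
    def wrapped(environ, start_response):
        # nginx forwards "Early-Data: 1" only while the request is in early data.
        if environ.get("HTTP_EARLY_DATA") == "1":
            method = environ.get("REQUEST_METHOD", "GET").upper()
            sensitive = method not in safe_methods
            if not sensitive and is_replay_safe is not None:
                sensitive = not is_replay_safe(environ)
            if sensitive:
                # RFC 8470: 425 tells the client to retry once the handshake is complete.
                body = b"425 Too Early\n"
                start_response("425 Too Early", [
                    ("Content-Type", "text/plain"),
                    ("Content-Length", str(len(body))),
                ])
                return [body]
        return app(environ, start_response)
    return wrapped


def demo_app(environ, start_response):
    """Constructed stand-in for the real backend application."""
    body = b"ok\n"
    start_response("200 OK", [("Content-Type", "text/plain"),
                              ("Content-Length", str(len(body)))])
    return [body]


def no_side_effect_get(environ):
    """Constructed policy: GET /logout changes state, so it is not replay-safe."""
    return not environ.get("PATH_INFO", "").startswith("/logout")


def run_request(app, method, path, early_data=None):
    """Minimal WSGI driver with a constructed environ; returns (status, body)."""
    environ = {
        "REQUEST_METHOD": method,
        "PATH_INFO": path,
        "SERVER_PROTOCOL": "HTTP/1.1",
        "wsgi.url_scheme": "https",
    }
    if early_data is not None:
        environ["HTTP_EARLY_DATA"] = early_data  # what nginx's proxy_set_header yields
    captured = {}

    def start_response(status, headers, exc_info=None):
        captured["status"] = status

    body = b"".join(app(environ, start_response))
    return captured["status"], body


protected = reject_replayable_early_data(demo_app, is_replay_safe=no_side_effect_get)

if __name__ == "__main__":
    cases = [("GET", "/", "1"), ("POST", "/transfer", "1"),
             ("POST", "/transfer", None), ("GET", "/logout", "1")]
    for method, path, early in cases:
        print(f"{method} {path} Early-Data={early!r} -> {run_request(protected, method, path, early)[0]}")
```

    One caveat follows from how the header is produced: an application cannot tell "not early data" apart from "the proxy never set the header", so the middleware only helps when nginx is actually configured with the proxy_set_header line from post 2 and the backend is not reachable except through that proxy.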
     
  18. rdan

    Upgrading from 1.15.3 to 1.15.4 caused downtime for my site.
    (Reason: Socket timeout, unable to connect to server)
    It only resolved itself after the upgrade was done, and it took 200 seconds :/.
     
  19. rdan

    I'll put it under HTTP block then :).
     
  20. eva2000

    1st time this happened, or does it happen each time you upgrade nginx? nginx usually isn't stopped/restarted until the end of the upgrade routine