Welcome to Centmin Mod Community
Become a Member

Nginx Nginx - No longer needed workaround for BoringSSL

Discussion in 'Nginx and PHP-FPM news & discussions' started by buik, Aug 23, 2016.

  1. eva2000

    eva2000 Administrator Staff Member

    54,106
    12,179
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,738
    Local Time:
    1:53 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Guess i should read the nginx master commits more closely http://hg.nginx.org/nginx/rev/ba971deb4b44 new directive = ssl_early_data on


     
  2. buik

    buik “The best traveler is one without a camera.”

    2,026
    524
    113
    Apr 29, 2016
    Flanders
    Ratings:
    +1,674
    Local Time:
    4:53 PM
  3. eva2000

    eva2000 Administrator Staff Member

    54,106
    12,179
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,738
    Local Time:
    1:53 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Ok so with Centmin Mod Nginx 1.15.3 + BoringSSL with TLS 1.3 0-RTT early data enabled via = ssl_early_data on directive testing early data resumption (0-RTT)

    from boringssl bssl binary help file
    Code (Text):
    -test-resumption        Connect to the server twice. The first connection is closed once a session is established. The second connection offers it.
    
    -early-data     Enable early data. The argument to this flag is the early data to send or if it starts with '@', the file to read from for early data
    


    look for Early data: yes :)
    Code (Text):
    /opt/boringssl/build/tool/bssl client -connect domain.com:443 -test-resumption -early-data /tmp/https.txt               
    Connecting to IPADDR:443
    Connected.
      Version: TLSv1.3
      Resumed session: no
      Cipher: TLS_AES_128_GCM_SHA256
      ECDHE curve: X25519
      Signature algorithm: ecdsa_secp256r1_sha256
      Secure renegotiation: yes
      Extended master secret: yes
      Next protocol negotiated:
      ALPN protocol:
      OCSP staple: no
      SCT list: no
      Early data: no
      Cert subject: CN = domain.com
      Cert issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
    Connecting to IPADDR:443
    Connected.
      Version: TLSv1.3
      Resumed session: yes
      Cipher: TLS_AES_128_GCM_SHA256
      ECDHE curve: X25519
      Signature algorithm: ecdsa_secp256r1_sha256
      Secure renegotiation: no
      Extended master secret: no
      Next protocol negotiated:
      ALPN protocol:
      OCSP staple: no
      SCT list: no
      Early data: yes
      Cert subject: CN = domain.com
      Cert issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
    Error while reading: unknown error type (15)
    

    contents of /tmp/https.txt
    Code (Text):
    GET / HTTP/1.1
    Host: domain.com:443
    


     
    Last edited: Aug 20, 2018
  4. eva2000

    eva2000 Administrator Staff Member

    54,106
    12,179
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,738
    Local Time:
    1:53 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  5. buik

    buik “The best traveler is one without a camera.”

    2,026
    524
    113
    Apr 29, 2016
    Flanders
    Ratings:
    +1,674
    Local Time:
    4:53 PM
    As you know i prefer Nginx stable + patches ;). Don't like master and mainline.
     
  6. eva2000

    eva2000 Administrator Staff Member

    54,106
    12,179
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,738
    Local Time:
    1:53 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    yeah I know.. me = loves mainline :D

    cmm-nginx-1.15.3-boringssl-0rtt-early-data.1-00.png
     
  7. buik

    buik “The best traveler is one without a camera.”

    2,026
    524
    113
    Apr 29, 2016
    Flanders
    Ratings:
    +1,674
    Local Time:
    4:53 PM
    Me don't like the coconut. :)
     
  8. buik

    buik “The best traveler is one without a camera.”

    2,026
    524
    113
    Apr 29, 2016
    Flanders
    Ratings:
    +1,674
    Local Time:
    4:53 PM
    Hereby another update with fixed code in line with the latest upstream code:
    [PATCH] to Enable TLS 1.3 on BoringSSL.

    Tested up-to Nginx 1.15.2 - (BoringSSL master (git branch Aug 25 2018 with TLS 1.3 draft up-to TLS 1.3 final IETF standard)).

    Thanks @artembokhan for the catch.
     
  9. eva2000

    eva2000 Administrator Staff Member

    54,106
    12,179
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,738
    Local Time:
    1:53 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  10. buik

    buik “The best traveler is one without a camera.”

    2,026
    524
    113
    Apr 29, 2016
    Flanders
    Ratings:
    +1,674
    Local Time:
    4:53 PM
    Hmwha not entirely true if you ask me.

    First of all your install script patches the BoringSSL code which is normally used in patch file-form.

    Secondly Google has removed TLS 1.3 draft 28 in BoringSSL and it is plausible that draft 23 will follow.

    TLS 1.3 will no longer work without a patch in a few days or so after merging the above code by the Google team.

    As browsers does support TLS 1.3 drafts but won't support TLS 1.3 final as of today, and BoringSSL does support TLS 1.3 final but won't support TLS 1.3 drafts in a couple of days.
    In short, the reverse way.
     
  11. eva2000

    eva2000 Administrator Staff Member

    54,106
    12,179
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,738
    Local Time:
    1:53 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    When I was referring to no longer needed, I meant Nginx 1.15.3 commit for SSL: enabled TLSv1.3 with BoringSSL and SSL: support for TLSv1.3 early data with BoringSSL ensuring Nginx working with BoringSSL and TLS 1.3 as it that it compiled and worked. I didn't check your patches, but I assumed the patches were for BoringSSL compatibility with Nginx 1.15.2 and lower in technically enabling TLS 1.3 itself. Not whether a specific draft or RFC version of TLS 1.3 works with web browsers.

    So my assumption was
    • Nginx 1.15.2 and below without your BoringSSL patches would not enable any form of TLS 1.3 draft/rfc unless they used your BoringSSL patches
    • Nginx 1.15.3 and above without your BoringSSL patches would enable some form of TLS 1.3 whether it's draft/rfc depending on the BoringSSL source code (as you said removal of drafts for final RFC)
    Maybe I have my assumption wrong then ?
     
  12. buik

    buik “The best traveler is one without a camera.”

    2,026
    524
    113
    Apr 29, 2016
    Flanders
    Ratings:
    +1,674
    Local Time:
    4:53 PM
    The patch is indeed one of the possibility's to use TLS 1.3 draft with Nginx 1.15.2 and lower.
    It should enable TLS 1.3 final without patch but not formally tested by me.
    However patching is still needed as Google is in the process of removing the TLS 1.3 drafts.
    And browsers only support the TLS 1.3 drafts atm.

    In short, to answer your statement. Yes, a patch is still needed (you install script takes care of this). If you still want to make use of TLS 1.3 drafts.

    1. To re position the links in BoringSSL for TLS 1.3 drafts.
    2. Or in the very near feature to re position the whole TLS 1.3 draft code.
     
  13. eva2000

    eva2000 Administrator Staff Member

    54,106
    12,179
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,738
    Local Time:
    1:53 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Thanks for the clarification :)

    Here's to web browsers and cloudflare supporting TLS 1.3 RFC final version soon :D
     
  14. buik

    buik “The best traveler is one without a camera.”

    2,026
    524
    113
    Apr 29, 2016
    Flanders
    Ratings:
    +1,674
    Local Time:
    4:53 PM
    Yep it is already present in Chromium's git source and TLS 1.3 final will be release in Chrome 70 on Oct 16.
    That's 46 days counting from today.