[PATCH] Proxy: added the "proxy_ssl_ciphers" directive.

Maxim Dounin mdounin at mdounin.ru
Tue Sep 24 13:37:56 UTC 2013


On Mon, Sep 23, 2013 at 03:55:36PM -0700, Piotr Sikora wrote:

> Hi Maxim,
> >> Proxy: added the "proxy_ssl_ciphers" directive.
> >
> > Already asked in another thread if it is really worth adding.
> Yes, it is, and in my experience this one is much more useful than
> "proxy_ssl_protocols".
> Basically, there are 2 categories of broken SSL servers:
> 1. cannot accept ClientHello that's > 255 bytes,
> 2. cannot downgrade gracefully to a common supported TLS version.

Fair enough, thanks for the detailed answer.


> > This modifies current behaviour, and only allows the use of
> > HIGH:!aNULL:!MD5 ciphers by default.  Are there any specific
> > reasons for this?
> >
> > The "!aNULL" looks especially weird, as we don't check peers'
> > certificates anyway.
> Good catch! Because of the issues above, we specify our own (rather
> limited) list of cipher suites that we advertise to the backend
> servers during SSL handshake, so I didn't notice that the defaults I
> provided are much stricter than necessary.
> In that case, I'd probably stick with "DEFAULT" (updated patch will
> follow)... Just keep in mind that nginx compiled against OpenSSL-1.0.1
> will be sending a ClientHello that's 316 bytes in size and will have
> issues with broken SSL servers... Whether or not that's something that
> nginx should worry about is another matter, but just to give you
> some perspective, last time I checked it was ~0.15% of servers that
> didn't like big ClientHello messages.

Given the fact that even with "HIGH:!aNULL:!MD5" nginx with recent
OpenSSL results in 300+ byte ClientHello messages,
preserving "DEFAULT" is probably good enough.  We may consider
adding relevant hints to the documentation if there are many
problem reports.

Maxim Dounin
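The first category of broken servers in the thread is a size problem: every suite advertised in proxy_ssl_ciphers costs two bytes, so a wide default such as OpenSSL 1.0.1's DEFAULT pushes the ClientHello past 255 bytes while a narrow list keeps it under. The following Python is an added example, not nginx or OpenSSL code, that serialises a minimal TLS 1.2 ClientHello with only an SNI extension and reports its size; the suite lists and the hostname are constructed, and applying the 255-byte check to the handshake message (record payload) is an assumption about where such servers break.

```python
import struct

# Constructed suite lists (not OpenSSL's expansion of any cipher string):
# two real ECDHE-RSA AES-GCM code points stand in for a deliberately
# narrow list, 100 filler code points for a wide default like "DEFAULT".
NARROW_SUITES = [0xC02F, 0xC030]
WIDE_SUITES = list(range(0xC001, 0xC001 + 100))   # constructed filler


def sni_extension(hostname: str) -> bytes:
    """Server Name Indication extension (RFC 6066); other extensions
    that real stacks add are left out to keep the example small."""
    name = hostname.encode("ascii")
    server_name = struct.pack("!BH", 0, len(name)) + name   # type host_name
    name_list = struct.pack("!H", len(server_name)) + server_name
    return struct.pack("!HH", 0x0000, len(name_list)) + name_list


def build_client_hello(cipher_suites, hostname=None, version=(3, 3)) -> bytes:
    """Return a TLS record carrying a ClientHello with the given suites."""
    body = bytes(version)                          # client_version (3,3 = TLS 1.2)
    body += b"\x00" * 32                           # random, zeroed for the example
    body += b"\x00"                                # session_id length 0
    body += struct.pack("!H", 2 * len(cipher_suites))
    body += b"".join(struct.pack("!H", cs) for cs in cipher_suites)
    body += b"\x01\x00"                            # one compression method: null
    if hostname:
        ext = sni_extension(hostname)
        body += struct.pack("!H", len(ext)) + ext  # extensions length + SNI
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type client_hello
    return b"\x16" + bytes(version) + struct.pack("!H", len(handshake)) + handshake


def client_hello_size(cipher_suites, hostname=None) -> int:
    """Size of the ClientHello handshake message, i.e. record minus 5-byte header."""
    return len(build_client_hello(cipher_suites, hostname)) - 5


def exceeds_255(cipher_suites, hostname=None) -> bool:
    """True if the message would trip a server that cannot take > 255 bytes."""
    return client_hello_size(cipher_suites, hostname) > 255


if __name__ == "__main__":
    for label, suites in (("narrow", NARROW_SUITES), ("wide", WIDE_SUITES)):
        size = client_hello_size(suites, "backend.example")
        print(f"{label}: {len(suites)} suites -> {size} bytes, >255: {exceeds_255(suites, 'backend.example')}")
```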
