[nginx] SSL: workaround for session timeout handling with TLSv1.3.
Sergey Kandaurov
pluknet at nginx.com
Thu Oct 13 10:57:33 UTC 2022
details: https://hg.nginx.org/nginx/rev/496241338da5
branches:
changeset: 8086:496241338da5
user: Maxim Dounin <mdounin at mdounin.ru>
date: Wed Oct 12 20:14:57 2022 +0300
description:
SSL: workaround for session timeout handling with TLSv1.3.
OpenSSL with TLSv1.3 updates the session creation time on session
resumption and keeps the session timeout unmodified, making it possible
to maintain the session forever, bypassing client certificate expiration
and revocation. To make sure session timeouts are actually used, we
now update the session creation time and reduce the session timeout
accordingly.
BoringSSL with TLSv1.3 ignores configured session timeouts and uses a
hardcoded timeout instead, 7 days. So we update session timeout to
the configured value as soon as a session is created.
diffstat:
src/event/ngx_event_openssl.c | 47 +++++++++++++++++++++++++++++++++++++++++++
src/event/ngx_event_openssl.h | 1 +
2 files changed, 48 insertions(+), 0 deletions(-)
diffs (68 lines):
diff -r 043006e5a0b1 -r 496241338da5 src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c Wed Oct 12 20:14:55 2022 +0300
+++ b/src/event/ngx_event_openssl.c Wed Oct 12 20:14:57 2022 +0300
@@ -1086,6 +1086,53 @@ ngx_ssl_info_callback(const ngx_ssl_conn
#endif
+#ifdef TLS1_3_VERSION
+
+ if ((where & SSL_CB_ACCEPT_LOOP) == SSL_CB_ACCEPT_LOOP
+ && SSL_version(ssl_conn) == TLS1_3_VERSION)
+ {
+ time_t now, time, timeout, conf_timeout;
+ SSL_SESSION *sess;
+
+ /*
+ * OpenSSL with TLSv1.3 updates the session creation time on
+ * session resumption and keeps the session timeout unmodified,
+ * making it possible to maintain the session forever, bypassing
+ * client certificate expiration and revocation. To make sure
+ * session timeouts are actually used, we now update the session
+ * creation time and reduce the session timeout accordingly.
+ *
+ * BoringSSL with TLSv1.3 ignores configured session timeouts
+ * and uses a hardcoded timeout instead, 7 days. So we update
+ * session timeout to the configured value as soon as a session
+ * is created.
+ */
+
+ c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn);
+ sess = SSL_get0_session(ssl_conn);
+
+ if (!c->ssl->session_timeout_set && sess) {
+ c->ssl->session_timeout_set = 1;
+
+ now = ngx_time();
+ time = SSL_SESSION_get_time(sess);
+ timeout = SSL_SESSION_get_timeout(sess);
+ conf_timeout = SSL_CTX_get_timeout(c->ssl->session_ctx);
+
+ timeout = ngx_min(timeout, conf_timeout);
+
+ if (now - time >= timeout) {
+ SSL_SESSION_set1_id_context(sess, (unsigned char *) "", 0);
+
+ } else {
+ SSL_SESSION_set_time(sess, now);
+ SSL_SESSION_set_timeout(sess, timeout - (now - time));
+ }
+ }
+ }
+
+#endif
+
if ((where & SSL_CB_ACCEPT_LOOP) == SSL_CB_ACCEPT_LOOP) {
c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn);
diff -r 043006e5a0b1 -r 496241338da5 src/event/ngx_event_openssl.h
--- a/src/event/ngx_event_openssl.h Wed Oct 12 20:14:55 2022 +0300
+++ b/src/event/ngx_event_openssl.h Wed Oct 12 20:14:57 2022 +0300
@@ -114,6 +114,7 @@ struct ngx_ssl_connection_s {
unsigned no_send_shutdown:1;
unsigned shutdown_without_free:1;
unsigned handshake_buffer_set:1;
+ unsigned session_timeout_set:1;
unsigned try_early_data:1;
unsigned in_early:1;
unsigned in_ocsp:1;
More information about the nginx-devel
mailing list