nginx-tests SSL tests failing out of the box?

Maxim Dounin mdounin at mdounin.ru
Mon Jan 29 03:24:53 UTC 2024 

Hello!

On Sat, Jan 27, 2024 at 07:19:45AM +0300, Maxim Dounin wrote:

> Hello!
> 
> On Fri, Jan 26, 2024 at 09:29:58PM +0400, Sergey Kandaurov wrote:
> 
> > On Thu, Jan 25, 2024 at 11:38:57PM +0300, Maxim Dounin wrote:
> > > Hello!
> > > 
> > > On Thu, Jan 25, 2024 at 06:59:36PM +0000, Mayerhofer, Austin via nginx-devel wrote:
> > > 
> > > > Hi all,
> > > > 
> > > > I have not made any changes to NGINX. Vanilla NGINX (./configure with no flags) passes all tests that run, but when compiling with SSL, not all SSL tests are passing. Is this expected, or do I need to configure nginx further aside from adding the --with-http_ssl_module flag? Do each of the failing tests below require separate fixes, or is there a one-size-fits-all solution for all of them?
> > > > 
> > > > OS: MacOS 12.6.3
> > > > Chip: Apple M1 Max
> > > > NGINX: 1.24.0 built from source code with ./configure --with-debug --with-http_ssl_module
> > > > Nginx-tests: https://github.com/nginx/nginx-tests/tree/4c2ad8093952706f327d04887c5546bad91b75a6
> > > > OpenSSL: 3.2.0 (/opt/homebrew/bin/openssl)
> > > > Perl: 5.30.3 (/usr/bin/perl)
> > > > 
> > > > When I run
> > > > 
> > > > ```
> > > > TEST_NGINX_BINARY=/usr/local/nginx/sbin/nginx prove -v ssl.t
> > > > ```
> > > > 
> > > > I see
> > > > 
> > > > ```
> > > > not ok 2 - session reused
> > > > 
> > > > #   Failed test 'session reused'
> > > > #   at ssl.t line 187.
> > > > #                   'HTTP/1.1 200 OK
> > > > # Server: nginx/1.24.0
> > > > # Date: Thu, 25 Jan 2024 18:50:10 GMT
> > > > # Content-Type: text/plain
> > > > # Content-Length: 6
> > > > # Connection: close
> > > > #
> > > > # body .'
> > > > #     doesn't match '(?^m:^body r$)'
> > > > ```
> > > 
> > > [...]
> > > 
> > > It looks like SSL session reuse is broken in Perl you are 
> > > using.  This might be the case if, for example, Net::SSLeay in 
> > > your installation was compiled with system LibreSSL as an SSL 
> > > library - at least on the server side LibreSSL simply does not 
> > > support session reuse with TLSv1.3.
> > > 
> > > Test suite checks if nginx was compiled with LibreSSL and marks 
> > > appropriate tests as TODO, but if the Perl module is broken 
> > > instead, the test will fail.
> > > 
> > 
> > Well, technically, we could test this and skip appropriately:
> > 
> > diff --git a/ssl_session_reuse.t b/ssl_session_reuse.t
> > --- a/ssl_session_reuse.t
> > +++ b/ssl_session_reuse.t
> > @@ -166,7 +166,9 @@ local $TODO = 'no TLSv1.3 sessions, old 
> >  local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL'
> >  	if $IO::Socket::SSL::VERSION < 2.061 && test_tls13();
> >  local $TODO = 'no TLSv1.3 sessions in LibreSSL'
> > -	if $t->has_module('LibreSSL') && test_tls13();
> > +	if ($t->has_module('LibreSSL')
> > +		|| Net::SSLeay::constant("LIBRESSL_VERSION_NUMBER"))
> > +		&& test_tls13();
> >  
> >  is(test_reuse(8443), 1, 'tickets reused');
> >  is(test_reuse(8444), 1, 'tickets and cache reused');
> > 
> > But I see little to no purpose: if the testing tool is broken
> > in various unexpected ways (another example is X509_V_ERR_INVALID_PURPOSE
> > in peer certificate verification as reported in the adjacent thread),
> > I think we barely can handle this in general.
> 
> I generally agree.
> 
> Still, the X509_V_ERR_INVALID_PURPOSE seems to be an OpenSSL 
> 3.2.0-related issue: for tests using CA root certificates without 
> CA:TRUE it now generates X509_V_ERR_INVALID_CA on the root 
> certificate, which then changed to X509_V_ERR_INVALID_PURPOSE.
> 
> Given the list of incompatible changes from NEWS.md, and the fact 
> that the same tests work fine with OpenSSL 3.2.0 but with 
> "openssl" binary from older versions, it seems to be this:
> 
>   * The `x509`, `ca`, and `req` apps now always produce X.509v3 certificates.
> 
> This needs to be addressed.

Patch:

# HG changeset patch
# User Maxim Dounin <mdounin at mdounin.ru>
# Date 1706477656 -10800
#      Mon Jan 29 00:34:16 2024 +0300
# Node ID 156665421f83a054cf331e8f9a27dd4d2f86114d
# Parent  27a79d3a8658794d7c0f8c246bcd92a9861da468
Tests: compatibility with "openssl" app from OpenSSL 3.2.0.

OpenSSL 3.2.0's "openssl" app generates X.509v3 certificates unless explicitly
asked not to.  Such certificates, even self-signed ones, cannot be used to sign
other certificates without CA:TRUE explicitly set in the basicConstraints
extension.  As a result, tests doing so are now failing.

Fix is to provide basicConstraints with CA:TRUE for self-signed root
certificates used in "openssl ca" calls.

diff -r 27a79d3a8658 -r 156665421f83 ssl.t
--- a/ssl.t	Sun Jan 28 23:12:26 2024 +0300
+++ b/ssl.t	Mon Jan 29 00:34:16 2024 +0300
@@ -119,7 +119,10 @@ EOF
 default_bits = 2048
 encrypt_key = no
 distinguished_name = req_distinguished_name
+x509_extensions = myca_extensions
 [ req_distinguished_name ]
+[ myca_extensions ]
+basicConstraints = critical,CA:TRUE
 EOF
 
 my $d = $t->testdir();
diff -r 27a79d3a8658 -r 156665421f83 ssl_certificate_chain.t
--- a/ssl_certificate_chain.t	Sun Jan 28 23:12:26 2024 +0300
+++ b/ssl_certificate_chain.t	Mon Jan 29 00:34:16 2024 +0300
@@ -71,7 +71,10 @@ my $d = $t->testdir();
 default_bits = 2048
 encrypt_key = no
 distinguished_name = req_distinguished_name
+x509_extensions = myca_extensions
 [ req_distinguished_name ]
+[ myca_extensions ]
+basicConstraints = critical,CA:TRUE
 EOF
 
 $t->write_file('ca.conf', <<EOF);
diff -r 27a79d3a8658 -r 156665421f83 ssl_crl.t
--- a/ssl_crl.t	Sun Jan 28 23:12:26 2024 +0300
+++ b/ssl_crl.t	Mon Jan 29 00:34:16 2024 +0300
@@ -79,7 +79,10 @@ my $d = $t->testdir();
 default_bits = 2048
 encrypt_key = no
 distinguished_name = req_distinguished_name
+x509_extensions = myca_extensions
 [ req_distinguished_name ]
+[ myca_extensions ]
+basicConstraints = critical,CA:TRUE
 EOF
 
 $t->write_file('ca.conf', <<EOF);
diff -r 27a79d3a8658 -r 156665421f83 ssl_ocsp.t
--- a/ssl_ocsp.t	Sun Jan 28 23:12:26 2024 +0300
+++ b/ssl_ocsp.t	Mon Jan 29 00:34:16 2024 +0300
@@ -116,7 +116,10 @@ my $p = port(8081);
 default_bits = 2048
 encrypt_key = no
 distinguished_name = req_distinguished_name
+x509_extensions = myca_extensions
 [ req_distinguished_name ]
+[ myca_extensions ]
+basicConstraints = critical,CA:TRUE
 EOF
 
 $t->write_file('ca.conf', <<EOF);
diff -r 27a79d3a8658 -r 156665421f83 ssl_stapling.t
--- a/ssl_stapling.t	Sun Jan 28 23:12:26 2024 +0300
+++ b/ssl_stapling.t	Mon Jan 29 00:34:16 2024 +0300
@@ -125,7 +125,10 @@ my $p = port(8081);
 default_bits = 2048
 encrypt_key = no
 distinguished_name = req_distinguished_name
+x509_extensions = myca_extensions
 [ req_distinguished_name ]
+[ myca_extensions ]
+basicConstraints = critical,CA:TRUE
 EOF
 
 $t->write_file('ca.conf', <<EOF);
diff -r 27a79d3a8658 -r 156665421f83 ssl_verify_depth.t
--- a/ssl_verify_depth.t	Sun Jan 28 23:12:26 2024 +0300
+++ b/ssl_verify_depth.t	Mon Jan 29 00:34:16 2024 +0300
@@ -76,7 +76,10 @@ my $d = $t->testdir();
 default_bits = 2048
 encrypt_key = no
 distinguished_name = req_distinguished_name
+x509_extensions = myca_extensions
 [ req_distinguished_name ]
+[ myca_extensions ]
+basicConstraints = critical,CA:TRUE
 EOF
 
 $t->write_file('ca.conf', <<EOF);

-- 
Maxim Dounin
http://mdounin.ru/

More information about the nginx-devel mailing list