New SSL features for Nginx.

Igor Sysoev is at rambler-co.ru
Wed Jul 22 16:16:19 MSD 2009 

On Wed, Jul 22, 2009 at 12:21:23PM +0200, Brice Figureau wrote:

> Hi Igor,
> 
> On Wed, 2009-07-22 at 12:44 +0400, Igor Sysoev wrote:
> > On Tue, Jul 21, 2009 at 08:02:05PM +0200, Brice Figureau wrote:
> > 
> > > Hi,
> > > 
> > > For Puppet[1] Nginx deployement (that is using Nginx as a front-end 
> > > load-balancers to puppetmasters[2]), I had to create the following two 
> > > patches, to match Apache behaviour:
> > > 
> > >  * The first patch allows:
> > >   + a new variant of ssl_client_verify: optional. In this mode, if the 
> > > client sends a certificate it is verified, but if the client doesn't 
> > > send a certificate, the connection is authorized too.
> > > 
> > >   + a new variable: $ssl_client_verify which contains, either NONE, 
> > > SUCCESS or FAILURE depending on the verification status. It can be used 
> > > to send information to the upstream about the client verification.
> > > 
> > >  * The second patch adds CRL support to the client certificate 
> > > verification:
> > > 
> > >   ssl_crl /path/to/crl.pem;
> > > 
> > >  Nginx then verifies the client certificate hasn't been revoked in the 
> > > given CRL before allowing the connection to proceed.
> > > 
> > > For access to the patches, please see my last blog article:
> > > http://www.masterzen.fr/2009/07/21/new-ssl-features-for-nginx/
> > > 
> > > It would be great if those patches could be merged in the official Nginx 
> > > source tree.
> > 
> > Thank you, I have looked the patches, it was really surpise for me that
> > OpenSSL 0.9.7 supports CRL. I read in old enough book "Network Security
> > with OpenSSL" written when 0.9.7 was being developed, that OpenSSL has
> > no built-in CRL support. 
> 
> Ah, ok. I based all my development on OpenSSL 0.9.8, since that's what
> I'm building Nginx againt. And definitely there is CRL support.
> Is OpenSSL 0.9.7 a strict dependency for Nginx?

No. I think this code should be just "#ifdef'ed X509_V_FLAG_CRL_CHECK".

> > Then I have looked in Apache's mod_ssl sources and
> > its CRL support seemed to me very heavy: mod_ssl does a lot of useless
> > operations.
> 
> Which ones?
> What I don't get is why they're doing the CRL verification themselves.

Because mod_ssl were developed before 0.9.7.

> I found this comment in the code:
>      * OpenSSL provides the general mechanism to deal with CRLs but does
> not
>      * use them automatically when verifying certificates, so we do it
>      * explicitly here. We will check the CRL for the currently checked
>      * certificate, if there is such a CRL in the store.
> 
> This seems wrong to me, as I already tested, and it works fine at least
> in version 0.9.8.

Yes, this implementation. However, I made mistake: it's not too heavy as
it seemed to me first time I have looked.

> > I think that it's enough to store hash of only public key of
> > all CRL certificates (including intermediate ones). 
> 
> Why reinvent the wheel?
> The CRL is a standard thing (see RFC 3280), and basically this is a DER
> encoded ASN1 structure containing the list of the revoked certificates
> serial number, signed by the CA cert.
> 
> > Have you looked
> > how CRL is implemented in OpenSSL ?
> 
> Yes, I did. It is pretty extensive, and matches RFC3280.
> 
> I'll fetch OpenSSL 0.9.7 to see if it supports or not CRL, but I'd be
> suprised it wouldn't.
> 
> Thanks for reviewing the patch (at least the first one could be merged,
> isn't it?).

Probabaly, I will commit the patches in next 0.8.7.


-- 
Igor Sysoev
http://sysoev.ru/en/

More information about the nginx mailing list