Hello! On Thu, Apr 10, 2025 at 10:15:06PM +0200, A. Schulze via nginx wrote:
> Am 10.04.25 um 07:09 schrieb Maxim Dounin: > > OTOH, you may try the following patch which tries to use > > SSL_get0_group_name() and SSL_group_to_name() if available. > > > > Note though that it slightly changes names as seen in the > > $ssl_curve and $ssl_curves variables. In particular, with OpenSSL > > 3.5 both on the server and as a client, variables are changed > > from: > > > > $ssl_curve: 0x11ec > > $ssl_curves: > > 0x11ec:X25519:prime256v1:X448:secp384r1:secp521r1:ffdhe2048:ffdhe3072 > > > > to the following: > > > > $ssl_curve: X25519MLKEM768 > > $ssl_curves: > > X25519MLKEM768:x25519:secp256r1:x448:secp384r1:secp521r1:ffdhe2048:ffdhe3072 > > > > Note "X25519" changed to "x25519", and "prime256v1" to > > "secp256r1". > > > > Please let me know what you think. > > Hello Maxim, > > the patch lets freenginx use the expected names I personally prefer over hex > numbers. > I don't care if I read X25519 or x25519. I also do not know a scenario where > these names matter. > But this doesn't mean they do not exist. If they exist, an operator may > wish to > decide/configure which names nginx should use. Thanks for the feedback. Here is an updated patch, which instead uses NIDs as before to preserve existing names, and SSL_group_to_name() only if no NID is found. The main benefit of this approach is that names are consistent across various SSL libraries, such as different versions of OpenSSL and BoringSSL. # HG changeset patch # User Maxim Dounin <mdou...@mdounin.ru> # Date 1744560375 -10800 # Sun Apr 13 19:06:15 2025 +0300 # Node ID e6805fbe81004faafe47d69fb267e4a6b4b0cfbf # Parent 0a8083b7093e88a56b6b06d534b52c367728d005 SSL: improved handling of $ssl_curve and $ssl_curves variables. Now both $ssl_curve and $ssl_curves try to use SSL_group_to_name() if available and no NID is found. Notably, this makes it possible to see the name of the X25519MLKEM768 group as supported by OpenSSL 3.5.0.
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -5270,6 +5270,26 @@ ngx_ssl_get_curve(ngx_connection_t *c, n
 return NGX_OK;
 }
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ {
+ u_char *name;
+
+ name = (u_char *) SSL_group_to_name(c->ssl->connection, nid);
+
+ if (name) {
+ s->len = ngx_strlen(name);
+
+ s->data = ngx_pnalloc(pool, s->len);
+ if (s->data == NULL) {
+ return NGX_ERROR;
+ }
+
+ ngx_memcpy(s->data, name, s->len);
+ return NGX_OK;
+ }
+ }
+#endif
+
 s->len = sizeof("0x0000") - 1;
 s->data = ngx_pnalloc(pool, s->len);
@@ -5292,10 +5312,13 @@ ngx_ssl_get_curve(ngx_connection_t *c, n
 ngx_int_t
 ngx_ssl_get_curves(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
 {
-#ifdef SSL_CTRL_GET_CURVES
+#ifdef SSL_get1_curves
 int *curves, n, i, nid;
 u_char *p;
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ u_char *name;
+#endif
 size_t len;
 n = SSL_get1_curves(c->ssl->connection, NULL);
@@ -5316,12 +5339,25 @@ ngx_ssl_get_curves(ngx_connection_t *c,
 for (i = 0; i < n; i++) {
 nid = curves[i];
- if (nid & TLSEXT_nid_unknown) {
- len += sizeof("0x0000") - 1;
-
- } else {
+ if ((nid & TLSEXT_nid_unknown) == 0) {
 len += ngx_strlen(OBJ_nid2sn(nid));
- }
+ goto next_length;
+ }
+
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+
+ name = (u_char *) SSL_group_to_name(c->ssl->connection, nid);
+
+ if (name) {
+ len += ngx_strlen(name);
+ goto next_length;
+ }
+
+#endif
+
+ len += sizeof("0x0000") - 1;
+
+ next_length:
 len += sizeof(":") - 1;
 }
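Review bot: The `(u_char *)` cast on the `SSL_group_to_name()` call in ngx_ssl_get_curve() throws away the `const` of the library's return value, and the only two consumers of `name` here are `ngx_strlen()` and `ngx_memcpy()`, both of which take a read-only pointer, so `const char  *name;` followed by `name = SSL_group_to_name(c->ssl->connection, nid);` works without any cast. The new block also deserves a why-comment, since it is the first place this file names a group by something other than an OpenSSL NID: `/* no NID for this group (e.g. X25519MLKEM768 in OpenSSL 3.5): ask the library for its name */`. Unlike the `OBJ_nid2sn()` branch just above the hunk, the name is copied into the pool rather than referenced in place, presumably because its storage belongs to the library's group table rather than to a static string; that reason belongs in the same comment. ngx_ssl_get_curve() starts and ends outside the hunk.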
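Review bot: The guard on ngx_ssl_get_curves() changes from `#ifdef SSL_CTRL_GET_CURVES` to `#ifdef SSL_get1_curves` with no mention in the commit message, yet this one line decides whether the function is compiled at all against a given OpenSSL, BoringSSL or LibreSSL build. Presumably the ctrl constant is no longer defined by every library that still provides the `SSL_get1_curves` macro, but a reader cannot tell that from the hunk; a one-line comment such as `/* test the macro, not the underlying ctrl value, which not every library defines */` would preserve the reason. Declaring `name` only under `OPENSSL_VERSION_NUMBER >= 0x30000000L` is presumably to avoid an unused-variable warning on older libraries; worth a short `/* only used by the SSL_group_to_name() fallback */` so nobody "simplifies" it away. The body of ngx_ssl_get_curves() continues past the end of this hunk.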
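Review bot: The two forward `goto next_length` jumps and the `#if`-wrapped middle section make a simple three-way choice (short name, library name, hex fallback) hard to follow in the length loop, and the resulting length is what the later write loop must match byte for byte, so clarity here matters for memory safety. The same choice reads as a straight line if the name is resolved once into `name` and the loop then has a single `if (name) ... else ...` with no labels; this also makes a NULL from `OBJ_nid2sn()` fall through to the hex form instead of reaching `ngx_strlen()`, which I believe is currently unhandled (inferred from the visible call, not verified against the library). It requires `name` to be declared unconditionally rather than under the version `#if` introduced earlier in the patch. The enclosing `for` loop is complete in the hunk; ngx_ssl_get_curves() itself continues outside it.
```c
        nid = curves[i];

        if ((nid & TLSEXT_nid_unknown) == 0) {
            name = (u_char *) OBJ_nid2sn(nid);

        } else {
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
            name = (u_char *) SSL_group_to_name(c->ssl->connection, nid);
#else
            name = NULL;
#endif
        }

        /* hex form is used only when neither lookup yields a name */
        if (name) {
            len += ngx_strlen(name);

        } else {
            len += sizeof("0x0000") - 1;
        }

        len += sizeof(":") - 1;
```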
@@ -5336,12 +5372,26 @@ ngx_ssl_get_curves(ngx_connection_t *c,
 for (i = 0; i < n; i++) {
 nid = curves[i];
- if (nid & TLSEXT_nid_unknown) {
- p = ngx_sprintf(p, "0x%04xd", nid & 0xffff);
-
- } else {
+ if ((nid & TLSEXT_nid_unknown) == 0) {
 p = ngx_sprintf(p, "%s", OBJ_nid2sn(nid));
- }
+ goto next_value;
+
+ }
+
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+
+ name = (u_char *) SSL_group_to_name(c->ssl->connection, nid);
+
+ if (name) {
+ p = ngx_sprintf(p, "%s", name);
+ goto next_value;
+ }
+
+#endif
+
+ p = ngx_sprintf(p, "0x%04xd", nid & 0xffff);
+
+ next_value:
 *p++ = ':';
 }
-- Maxim Dounin http://mdounin.ru/
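Review bot: This write loop has to produce exactly the bytes the preceding length loop counted, and with the `SSL_group_to_name()` lookup now duplicated in both passes nothing in the hunk records that invariant; a comment on the `for` line such as `/* must mirror the length pass above: same lookups, same hex fallback */` would tell the next editor that the two loops change together. The blank line between `goto next_value;` and its closing brace has no counterpart in the length loop and looks accidental. Both loops would read better if the name were resolved once into `name` (from `OBJ_nid2sn()` or `SSL_group_to_name()`) and the labels replaced by a single `if (name) ... else ...`, which also keeps a NULL from ever reaching `ngx_sprintf("%s", ...)`. ngx_ssl_get_curves() ends outside the hunk.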