Opened 17 months ago

Closed 7 months ago

#2135 closed enhancement (fixed)

capture negotiated ssl_curve

Reported by: Geert Hendrickx Owned by:
Priority: minor Milestone:
Component: documentation Version: 1.19.x
Keywords: ssl, logging Cc:
uname -a:
nginx -V: nginx version: nginx/1.19.6

Description (last modified by Geert Hendrickx)

$ssl_ciphers contains the list of ciphers offered/supported by the client.
$ssl_cipher contains the one cipher selected by the server, from the above list of client ciphers.

$ssl_curves contains the list of elliptic curves offered/supported by the client.
However there is no $ssl_curve counterpart to log the selected curve.

Like $ssl_cipher, this could be useful for analysis and optimization of the SSL configuration.

Change History (5)

comment:1 by Geert Hendrickx, 17 months ago

Description: modified (diff)

comment:2 by Maxim Dounin, 17 months ago

While it might be interesting, it seems that OpenSSL currently provides no easy way to obtain the curve used during ECDH key exchange for the connection, at least not on the server side. While SSL_get_peer_tmp_key(), introduced in the OpenSSL 1.1.1 branch, expected to make it available on the server side, it seems to return something only when using TLSv1.3, much like SSL_get_peer_tmp_key(). Further, I would expect problems after session resumption, as the information about the curve used during handshake isn't stored into session data.

That is, more or less the only information we have is SSL_get_shared_curve(), which is not the curve used during the handshake, but rather a curve which would be used for ECDH key exchange given the list of curves provided by the client ($ssl_curves) and server settings (ssl_ecdh_curves, prefer_server_ciphers). I tend to think that such a variable would be misleading, since it will have a value even if ECDH key exchange is not used. Further, it can be trivially derived from $ssl_curves and server configuration, so hardly adds anything new.

comment:3 by Geert Hendrickx, 17 months ago

Thanks for your thoughts. We'll derive it from $ssl_curves like you suggested.

comment:4 by Sergey Kandaurov <pluknet@…>, 7 months ago

In 7973:3443c02ca1d1/nginx:

SSL: $ssl_curve (ticket #2135).

The variable contains a negotiated curve used for the handshake key
exchange process. Known curves are listed by their names, unknown
ones are shown in hex.

Note that for resumed sessions in TLSv1.2 and older protocols,
$ssl_curve contains the curve used during the initial handshake,
while in TLSv1.3 it contains the curve used during the session
resumption (see the SSL_get_negotiated_group manual page for
details).

The variable is only meaningful when using OpenSSL 3.0 and above.
With older versions the variable is empty.

comment:5 by Sergey Kandaurov, 7 months ago

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.