Opened 3 years ago
Closed 2 years ago
#2135 closed enhancement (fixed)
capture negotiated ssl_curve
| Reported by: | Geert Hendrickx | Owned by: | |
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | documentation | Version: | 1.19.x |
| Keywords: | ssl, logging | Cc: | |
| uname -a: | |||
| nginx -V: | nginx version: nginx/1.19.6 | ||
Description (last modified by )
$ssl_ciphers contains the list of ciphers offered/supported by the client.
$ssl_cipher contains the one cipher selected by the server, from the above list of client ciphers.
$ssl_curves contains the list of elliptic curves offered/supported by the client.
However there is no $ssl_curve counterpart to log the selected curve.
Like $ssl_cipher, this could be useful for analysis and optimization of the SSL configuration.
Change History (5)
comment:1 by , 3 years ago
| Description: | modified (diff) |
|---|
comment:2 by , 3 years ago
comment:3 by , 3 years ago
Thanks for your thoughts. We'll derive it from $ssl_curves like you suggested.
comment:5 by , 2 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
While it might be interesting, it seems that OpenSSL currently provides no easy way to obtain the curve used during ECDH key exchange for the connection, at least not on the server side. While SSL_get_peer_tmp_key(), introduced in the OpenSSL 1.1.1 branch, expected to make it available on the server side, it seems to return something only when using TLSv1.3, much like
SSL_get_peer_tmp_key(). Further, I would expect problems after session resumption, as the information about the curve used during handshake isn't stored into session data.That is, more or less the only information we have is
SSL_get_shared_curve(), which is not the curve used during the handshake, but rather a curve which would be used for ECDH key exchange given the list of curves provided by the client ($ssl_curves) and server settings (ssl_ecdh_curves,prefer_server_ciphers). I tend to think that such a variable would be misleading, since it will have a value even if ECDH key exchange is not used. Further, it can be trivially derived from$ssl_curvesand server configuration, so hardly adds anything new.