Opened 7 months ago

Last modified 7 months ago

#2546 new enhancement

Support RFC 8879: certificate compression

Reported by: Seirdy Owned by:
Priority: minor Milestone:
Component: other Version: 1.25.x
Keywords: TLS Cc:
uname -a: Linux fedora-vps01 6.4.14-200.fc38.x86_64 #1 SMP PREEMPT_DYNAMIC Sat Sep 2 16:36:06 UTC 2023 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.25.3 (static-pie clang musl zlib-ng brotli march=haswell boringssl ssl-staple nginx build)
built by clang 16.0.6
built with OpenSSL 1.1.1 (compatible; BoringSSL) (running with BoringSSL)
TLS SNI support enabled
configure arguments: --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/tmp/client_body --http-proxy-temp-path=/var/lib/nginx/tmp/proxy --pid-path=/run/nginx.pid --lock-path=/run/lock/subsys/nginx --user=nginx --group=nginx --build='static-pie gcc musl zlib-ng brotli march=haswell boringssl hpack ssl-staple nginx build' --with-file-aio --with-threads --with-pcre --with-debug --with-stream --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_ssl_module --with-http_v2_module --with-http_v3_module --without-http_auth_basic_module --without-http_autoindex_module --without-http_browser_module --without-http_empty_gif_module --without-http_empty_gif_module --without-http_fastcgi_module --without-http_geo_module --without-http_grpc_module --without-http_mirror_module --without-http_referer_module --without-http_scgi_module --without-http_split_clients_module --without-http_ssi_module --without-http_status_module --without-http_upstream_hash_module --without-http_upstream_ip_hash_module --without-http_upstream_keepalive_module --without-http_upstream_least_conn_module --without-http_upstream_random_module --without-http_upstream_zone_module --without-http_userid_module --without-http_uwsgi_module --with-cc-opt='-O3 -march=haswell -ftrapv -DNDEBUG -fno-semantic-interposition -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong -m64 -fno-asynchronous-unwind-tables -fstack-clash-protection -fcf-protection=full -fPIC -fPIE -s -L. -fno-plt -Bsymbolic -fuse-ld=lld -ftrivial-auto-var-init=zero -fzero-call-used-regs=used-gpr -Wno-parentheses -Wno-unused-value -Wno-unused-command-line-argument -I/usr/include --sysroot /usr -isystem /usr/x86_64-linux-musl/include -I/usr/x86_64-linux-musl/include -L/usr/x86_64-linux-musl/lib -flto=full -fvisibility=hidden -fsplit-lto-unit -ffunction-sections -fdata-sections -I/usr/lib64/clang/version/include -I/ghq/github.com/zlib-ng/zlib-ng -I/ghq/github.com/zlib-ng/zlib-ng/build-server-clang -I/ghq/boringssl.googlesource.com/boringssl/include -Wno-error -DTCP_FASTOPEN=23 -I/ghq/github.com/PhilipHazel/pcre2/build-server-clang' --with-ld-opt='-O3 -march=haswell -ftrapv -DNDEBUG -fno-semantic-interposition -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong -m64 -fno-asynchronous-unwind-tables -fstack-clash-protection -fcf-protection=full -fPIC -fPIE -s -L. -fno-plt -Bsymbolic -fuse-ld=lld -ftrivial-auto-var-init=zero -fzero-call-used-regs=used-gpr -Wno-parentheses -Wno-unused-value -Wno-unused-command-line-argument -flto=full -fvisibility=hidden -fsplit-lto-unit -ffunction-sections -fdata-sections -Wl,-z,relro,-z,now,-z,noexecstack -Wl,--as-needed -Wl,-E -Wl,-Bstatic -static-pie -L/usr/x86_64-linux-musl/lib -Wl,--gc-sections -L/ghq/github.com/zlib-ng/zlib-ng/build-server-clang -l:libz.a -lz -L/ghq/boringssl.googlesource.com/boringssl/build-server-clang/ssl -l:libssl.a -L/ghq/boringssl.googlesource.com/boringssl/build-server-clang/crypto -l:libcrypto.a -L/ghq/github.com/PhilipHazel/pcre2/build-server-clang' --add-module=/ghq/github.com/google/ngx_brotli/static --add-module=/ghq/github.com/openresty/headers-more-nginx-module --add-module=/ghq/github.com/vision5/ngx_devel_kit --add-module=/ghq/github.com/openresty/set-misc-nginx-module

Description

RFC 8879 TLS Certificate Compression has been supported in BoringSSL for a while, and recently made it to OpenSSL. It allows us to more safely compress TLS certificates. OpenSSL supports zlib, zstd, and Brotli; BoringSSL supports zlib and Brotli.

Change History (1)

comment:1 by Maxim Dounin, 7 months ago

For the record, certificate compression was previously discussed in this thread:

https://mailman.nginx.org/pipermail/nginx-devel/2023-April/O5R42YXIMCJKIGPTNYDSHKWFBJY73H5J.html

In particular, see the review here:

https://mailman.nginx.org/pipermail/nginx-devel/2023-April/MK7QJ2XIYXDTSWJ5TXRGCP7S73WS6GWH.html

Unless OpenSSL fixed things since then, it is probably goes to be something we'll have to explicitly disable once OpenSSL 3.2 is released, as it is enabled by default and seems to allow various resource consumption attacks.

Note: See TracTickets for help on using tickets.