[Pkg-nginx-maintainers] Bug#920297: nginx-light: nginx breaks when TLS 1.3 KeyUpdate is used

Janusz Dziemidowicz rraptorr at nails.eu.org
Wed Jan 23 19:22:11 GMT 2019


Package: nginx-light
Version: 1.14.2-2
Severity: important

Dear Maintainer,
citing the original report from Adam Langley of Google:
"KeyUpdate messages are a feature of TLS 1.3 that allows the symmetric
keys of a connection to be periodically rotated. It's
mandatory-to-implement in TLS 1.3, but not mandatory to use. Google
Chrome tried enabling KeyUpdate and promptly broke several sites, at
least some of which are using HAProxy."

This report was against haproxy, but I have quickly found out that the
same problem applies to the version of nginx used in Buster. The whole
haproxy thread, with all the details, can be found at:
https://www.mail-archive.com/haproxy@formilux.org/msg32495.html

In short, nginx 1.14.2 has a TLS 1.3 incompatibility that will make nginx
unusable with future versions of Chrome. nginx fixed this problem in
version 1.15.4.

To reproduce this, install nginx in Buster, enable TLSv1.3 in the config with
any certificate (can be snakeoil). Then issue:

openssl s_client -connect localhost:443

and type the single letter 'K'. This will make s_client send a KeyUpdate.
If the connection is closed, then the server has this incompatibility.
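An added example (not part of this bug report) that automates the s_client check above against a server you administer, so the result can be recorded in a script rather than read off a terminal; the host and port are assumed parameters, and the verdict is derived from s_client's own transcript.

```sh
#!/bin/sh
# Added example, not from the bug report: automates the s_client KeyUpdate
# check against a server you administer. HOST and PORT are assumed
# parameters. Needs OpenSSL 1.1.1 or later (the first release with TLS 1.3).

# Derive a verdict from an s_client transcript. s_client prints "KEYUPDATE"
# on stderr when it sends the KeyUpdate; a server that survives it still
# answers the HTTP request sent afterwards with a status line.
keyupdate_verdict() {
    transcript=$1
    if ! printf '%s\n' "$transcript" | grep -q 'KEYUPDATE'; then
        echo "no-keyupdate"   # nothing sent: TLS 1.3 not negotiated, or stdin issue
    elif printf '%s\n' "$transcript" | grep -q 'HTTP/1\.[01] [0-9][0-9][0-9]'; then
        echo "ok"             # KeyUpdate sent and the request was still answered
    else
        echo "closed"         # KeyUpdate sent, no answer: the nginx 1.14.2 behaviour
    fi
}

check_keyupdate() {
    host=${1:-localhost}
    port=${2:-443}
    # Drive s_client from a pipe: wait for the handshake, send the line "K"
    # (s_client's command for a KeyUpdate with update_requested), then a plain
    # HTTP/1.0 request, and keep stdin open long enough for the reply.
    # Do not add -quiet or -ign_eof: both disable s_client's 'K' command.
    transcript=$( { sleep 2; echo K; sleep 1
                    printf 'GET / HTTP/1.0\r\nHost: %s\r\n\r\n' "$host"; sleep 2; } |
                  openssl s_client -connect "$host:$port" -servername "$host" -tls1_3 2>&1 )
    keyupdate_verdict "$transcript"
}

# Usage: ./keyupdate-check.sh HOST [PORT]; prints ok, closed or no-keyupdate.
if [ "$#" -ge 1 ]; then
    check_keyupdate "$@"
fi
```

A verdict of "closed" reproduces the report; "ok" is what a server running nginx 1.15.4 or later, or one with the patches below backported, should give.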

To fix this, nginx must be either updated to 1.15.4 or later, or the
following patches must be backported:
https://trac.nginx.org/nginx/changeset/dcab8611526120b270841a10a307f66f0be44e0a
https://trac.nginx.org/nginx/changeset/e3ba4026c02d2c1810fd6f2cecf499fc39dde5ee
https://trac.nginx.org/nginx/changeset/bf1ac3dc1e6856371c60bc5c57084662926dba0e

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8), LANGUAGE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages nginx-light depends on:
ii  libc6                   2.28-5
ii  libnginx-mod-http-echo  1.14.2-2
ii  libpcre3                2:8.39-11
ii  libssl1.1               1.1.1a-1
ii  nginx-common            1.14.2-2
ii  zlib1g                  1:1.2.11.dfsg-1

nginx-light recommends no packages.

Versions of packages nginx-light suggests:
pn  nginx-doc  <none>

-- no debconf information