nginx critical error with SSL handshaking

Problem description

I have problem with my nginx on Ubuntu 14.04 LTS. From time to time I get a critical error:

2015/01/18 12:59:44 [crit] 1065#0: *28289 SSL_do_handshake() failed (SSL: error:140A1175:SSL routines:SSL_BYTES_TO_CIPHER_LIST:inappropriate fallback) while SSL handshaking, client: 10.0.2.2, server: 0.0.0.0:443

I've checked version of my OpenSSL:

root@www:~# ldd `which nginx` | grep ssl
        libssl.so.1.0.0 => /lib/x86_64-linux-gnu/libssl.so.1.0.0 (0x00007f39e236b000)

root@www:~# strings /lib/x86_64-linux-gnu/libssl.so.1.0.0 | grep "^OpenSSL "
OpenSSL 1.0.1f 6 Jan 2014

I've searched for more information about it and found that it might be a problem with an old version of OpenSSL. So I've tried to compile the latest version:

wget https://www.openssl.org/source/openssl-1.0.1l.tar.gz && tar xzf openssl-1.0.1l.tar.gz && cd openssl-1.0.1l

./config && make && make install

I've also replaced the old OpenSSL binary with the new one via a symlink:

ln -sf /usr/local/ssl/bin/openssl `which openssl`

After that I have:

root@www:~# openssl version
OpenSSL 1.0.1l 15 Jan 2015

But still I have the old version in nginx:

root@www:~# strings /lib/x86_64-linux-gnu/libssl.so.1.0.0 | grep "^OpenSSL "
OpenSSL 1.0.1f 6 Jan 2014

I couldn't find any other new libssl in Ubuntu after updating OpenSSL. How do I update libssl so that nginx can use the newest version?

P.S.1. Maybe the problem with the critical error isn't about the version of OpenSSL.

P.S.2. I think that this critical error might affect my whole Virtual Machine. I also have a problem with the VM crashing from time to time.

I've tried so many things and now I am hopeless. Stackoverflow please help!

Recommended answer

...BYTES_TO_CIPHER_LIST:inappropriate fallback) while SSL handshaking, client: 10.0.2.2, server: 0.0.0.0:443

This looks like someone checking if the server supports TLS_FALLBACK_SCSV, which it does in your case. Nothing to worry about. On the contrary this means that your server supports a useful security feature. For more information about TLS_FALLBACK_SCSV and how one can detect SSL downgrade attacks like POODLE this way you might have a look at http://www.exploresecurity.com/poodle-and-the-tls_fallback_scsv-remedy/.

TLS_FALLBACK_SCSV is a fairly new option intended to detect SSL downgrade attacks. It needs support on client and server. Older nginx/OpenSSL and older browsers simply did not have this option so this problem could not have been detected and thus not logged in earlier versions. This message is critical because it could indicate an actual SSL downgrade attack attempt against the client which was defeated by this option. In practice it is probably some tool probing for support of the option, like SSLLabs.

For reference, the relevant code from ssl/ssl_lib.c, function ssl_bytes_to_cipher_list:

/* Check for TLS_FALLBACK_SCSV */
if ((n != 3 || !p[0]) &&
        (p[n-2] == ((SSL3_CK_FALLBACK_SCSV >> 8) & 0xff)) &&
        (p[n-1] == (SSL3_CK_FALLBACK_SCSV & 0xff)))
        {
        /* The SCSV indicates that the client previously tried a higher version.
         * Fail if the current version is an unexpected downgrade. */
        if (!SSL_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, 0, NULL))
                {
                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_INAPPROPRIATE_FALLBACK);
                if (s->s3)
                        ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_INAPPROPRIATE_FALLBACK);
                goto err;
                }
        p += n;
        continue;
        }
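As an added example (not code from the question, the answer, or OpenSSL itself), the following Python models the check the quoted C performs, including the SSLv2-compatible 3-byte cipher entries the C skips, and pairs it with a small triage of nginx error-log lines like the one in the question. It lets an admin reproduce the decision behind the logged message and see whether the rejections come from one probing client or from many. The sample log lines other than the question's own line are constructed, and the server name example.test is a placeholder.

```python
"""Added example (not from the question or answer): a model of the
TLS_FALLBACK_SCSV check that produced the logged error, plus a small
triage of nginx error-log lines so an admin can see which clients
trigger it."""
import re
from collections import Counter

# Wire value of TLS_FALLBACK_SCSV (RFC 7507); OpenSSL calls it
# SSL3_CK_FALLBACK_SCSV (0x03005600), of which the low 16 bits are sent.
TLS_FALLBACK_SCSV = 0x5600

# Protocol versions as (major, minor) on the wire; tuples compare in order.
SSL3_0, TLS1_0, TLS1_1, TLS1_2 = (3, 0), (3, 1), (3, 2), (3, 3)


def cipher_list_contains_scsv(cipher_bytes, entry_len=2):
    """Mirror of the OpenSSL loop quoted above: walk the ClientHello cipher
    list in entries of entry_len bytes (2 for SSLv3/TLS hellos, 3 for
    SSLv2-compatible hellos) and report whether any entry is the SCSV."""
    if entry_len not in (2, 3) or len(cipher_bytes) % entry_len:
        raise ValueError("malformed cipher list")
    hi, lo = (TLS_FALLBACK_SCSV >> 8) & 0xff, TLS_FALLBACK_SCSV & 0xff
    for i in range(0, len(cipher_bytes), entry_len):
        entry = cipher_bytes[i:i + entry_len]
        # In the SSLv2 layout a 3-byte entry with a non-zero first byte is an
        # SSLv2-only cipher, which OpenSSL skips: (n != 3 || !p[0]).
        if entry_len == 3 and entry[0] != 0:
            continue
        if entry[-2] == hi and entry[-1] == lo:
            return True
    return False


def evaluate_client_hello(client_version, server_max_version, cipher_bytes,
                          entry_len=2):
    """Server-side rule of RFC 7507 (what SSL_CTRL_CHECK_PROTO_VERSION
    enforces): if the client signals a fallback via the SCSV but offers a
    version below the highest one this server supports, refuse the
    handshake with the inappropriate_fallback alert that nginx then logs.
    A client already at the server's top version is accepted."""
    if (cipher_list_contains_scsv(cipher_bytes, entry_len)
            and client_version < server_max_version):
        return "inappropriate_fallback"
    return "accept"


# Matches the nginx error-log line shown in the question.
FALLBACK_LOG_RE = re.compile(
    r"\[crit\] .*inappropriate fallback.*client: (?P<client>[^,]+),")


def triage_fallback_errors(log_lines):
    """Count inappropriate-fallback rejections per client address so the
    admin can tell a single scanner (one address, a few hits) from something
    affecting many real clients."""
    counts = Counter()
    for line in log_lines:
        m = FALLBACK_LOG_RE.search(line)
        if m:
            counts[m.group("client")] += 1
    return counts


# Constructed sample: the line from the question plus two made-up lines,
# one more fallback rejection from the same client and one unrelated error.
SAMPLE_LOG = [
    "2015/01/18 12:59:44 [crit] 1065#0: *28289 SSL_do_handshake() failed "
    "(SSL: error:140A1175:SSL routines:SSL_BYTES_TO_CIPHER_LIST:inappropriate "
    "fallback) while SSL handshaking, client: 10.0.2.2, server: 0.0.0.0:443",
    "2015/01/18 12:59:45 [crit] 1065#0: *28290 SSL_do_handshake() failed "
    "(SSL: error:140A1175:SSL routines:SSL_BYTES_TO_CIPHER_LIST:inappropriate "
    "fallback) while SSL handshaking, client: 10.0.2.2, server: 0.0.0.0:443",
    "2015/01/18 13:00:01 [error] 1065#0: *28291 open() \"/var/www/x\" failed "
    "(2: No such file or directory), client: 10.0.2.9, server: example.test",
]

if __name__ == "__main__":
    # A TLS 1.0 hello carrying the SCSV, offered to a server that does TLS 1.2:
    # exactly the case that produces the logged error.
    hello = bytes([0xc0, 0x2f, 0x00, 0x9c]) + TLS_FALLBACK_SCSV.to_bytes(2, "big")
    print(evaluate_client_hello(TLS1_0, TLS1_2, hello))   # inappropriate_fallback
    print(evaluate_client_hello(TLS1_2, TLS1_2, hello))   # accept
    print(dict(triage_fallback_errors(SAMPLE_LOG)))       # {'10.0.2.2': 2}
```

Running it on a real error log (for example `triage_fallback_errors(open("/var/log/nginx/error.log"))`) gives the per-client counts; a handful of hits from one address is the scanner pattern the answer describes, whereas the same rejection from many distinct clients would be worth a closer look.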
