OCSP stapling broken with 1.15.4

Bernardo Donadio
October 01, 2018 08:36AM
Hi.

I've noticed that OCSP stapling was broken by 1.15.4, as you may see below:

---------- nginx 1.15.4 with OpenSSL 1.1.1 final --------
$ openssl s_client -connect bcdonadio.com:443 -tlsextdebug -status
CONNECTED(00000003)
TLS server extension "renegotiation info" (id=65281), len=1
0000 - 00 .
TLS server extension "EC point formats" (id=11), len=4
0000 - 03 00 01 02 ....
TLS server extension "session ticket" (id=35), len=0
TLS server extension "extended master secret" (id=23), len=0
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = bcdonadio.com
verify return:1
OCSP response: no response sent
---
Certificate chain
0 s:/CN=bcdonadio.com
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
[long ASCII-armored certificate here]
-----END CERTIFICATE-----
subject=/CN=bcdonadio.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3520 bytes and written 326 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID:
[long session id here]
Session-ID-ctx:
Master-Key:
[long master key here]
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 600 (seconds)
TLS session ticket:
[long session ticket here]
Start Time: 1538394643
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: yes
---
---------- nginx 1.15.4 with OpenSSL 1.1.1 final --------

---------- nginx 1.15.3 with OpenSSL 1.1.1 final --------
$ openssl s_client -connect bcdonadio.com:443 -tlsextdebug -status
CONNECTED(00000003)
TLS server extension "renegotiation info" (id=65281), len=1
0000 - 00 .
TLS server extension "EC point formats" (id=11), len=4
0000 - 03 00 01 02 ....
TLS server extension "session ticket" (id=35), len=0
TLS server extension "status request" (id=5), len=0
TLS server extension "extended master secret" (id=23), len=0
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = bcdonadio.com
verify return:1
OCSP response:
======================================
OCSP Response Data:
OCSP Response Status: successful (0x0)
Response Type: Basic OCSP Response
Version: 1 (0x0)
Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
Produced At: Sep 30 06:00:00 2018 GMT
Responses:
Certificate ID:
Hash Algorithm: sha1
Issuer Name Hash: 7EE66AE7729AB3FCF8A220646C16A12D6071085D
Issuer Key Hash: A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1
Serial Number: 0338F3E6D2512FBF1BC91E766E237FE3E319
Cert Status: good
This Update: Sep 30 06:00:00 2018 GMT
Next Update: Oct 7 06:00:00 2018 GMT

Signature Algorithm: sha256WithRSAEncryption
08:c1:47:f6:db:c1:21:da:14:6f:69:ee:8e:fd:b7:ad:82:4c:
fa:d9:b8:03:93:a3:eb:ba:48:41:f7:d6:70:24:4a:79:e0:9a:
a5:59:ea:d0:e6:ab:e1:ab:bf:60:b9:b4:0a:e1:18:de:a4:f6:
73:ee:74:82:16:f2:88:4f:df:62:18:fc:ec:64:4b:00:46:13:
25:ad:37:35:bc:e1:cc:96:d2:8b:af:26:62:5a:c3:f7:72:ad:
d5:da:1b:70:96:c6:b6:e6:2b:06:5f:ab:61:49:ca:1a:a2:ac:
b7:eb:91:1e:73:d3:e2:b1:dd:d9:f2:bc:58:e1:3f:07:78:f6:
4b:d5:46:a8:89:80:9b:dd:d1:99:8f:2a:06:06:13:f4:93:dd:
19:b3:ca:b6:77:3d:fa:eb:e4:11:58:ba:e4:41:f0:8a:df:9e:
9a:81:96:49:16:12:ec:5a:eb:49:67:4f:bc:44:0e:4d:a3:c4:
f4:f1:a0:43:aa:d4:fb:5f:59:7e:b8:a9:52:81:63:05:f2:37:
b6:23:5a:59:82:95:3a:cf:23:8a:ee:89:40:40:bb:93:81:68:
5a:38:b4:d0:e4:ff:eb:d7:c4:e6:de:27:50:73:d6:0e:53:97:
33:4c:e9:44:21:d6:e6:eb:a4:73:c7:68:3a:af:a6:0a:6e:fa:
df:92:ec:c2
======================================
---
Certificate chain
0 s:/CN=bcdonadio.com
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
[long ASCII-armored certificate here]
-----END CERTIFICATE-----
subject=/CN=bcdonadio.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 4064 bytes and written 326 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID:
[long session id here]
Session-ID-ctx:
Master-Key:
[long master key here]
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 600 (seconds)
TLS session ticket:
[long session ticket here]
Start Time: 1538396356
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: yes
---
---------- nginx 1.15.3 with OpenSSL 1.1.1 final --------

This problem was also noticed here:
https://community.centminmod.com/threads/nginx-announce-nginx-1-15-4.15672/page-2#post-67107

There are no messages in the nginx error log about any failed attempt to
contact the OCSP responder. Should I bisect, or do you guys already
have some idea about which commit broke this?
--
Bernardo Donadio
IT Automation Engineer at Stone Payments
https://bcdonadio.com/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
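The two captures above differ in exactly the two places a stapling check should look at: the ServerHello in the working case echoes the "status request" (id=5) extension, and the OCSP response block that follows carries a "Cert Status: good" with a This Update / Next Update window. The script below is an added example (not code from the original post, from Bernardo, or from nginx) that turns that manual comparison into a check: feed it the text of `openssl s_client -connect host:443 -status -tlsextdebug` and it reports whether a staple was sent and whether it is currently usable. The two sample outputs embedded in it are constructed, abridged versions of the captures in the post. One caveat worth keeping in mind when reproducing this: nginx fetches the OCSP response from the responder lazily after startup, so the first handshake after a restart legitimately shows "no response sent"; run the check at least twice before concluding stapling is off.

```python
"""Added example (not from the original post or from nginx): decide from
the text of `openssl s_client -status -tlsextdebug` whether the server
stapled a usable OCSP response."""
import re
from datetime import datetime, timezone

# Constructed, abridged samples modelled on the two captures in the post.
NO_STAPLE = """\
TLS server extension "session ticket" (id=35), len=0
TLS server extension "extended master secret" (id=23), len=0
OCSP response: no response sent
---
Certificate chain
"""

STAPLED = """\
TLS server extension "session ticket" (id=35), len=0
TLS server extension "status request" (id=5), len=0
TLS server extension "extended master secret" (id=23), len=0
OCSP response:
======================================
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Responses:
    Certificate ID:
      Hash Algorithm: sha1
      Serial Number: 0338F3E6D2512FBF1BC91E766E237FE3E319
    Cert Status: good
    This Update: Sep 30 06:00:00 2018 GMT
    Next Update: Oct  7 06:00:00 2018 GMT
======================================
"""

# OpenSSL prints ASN.1 times as "Mon  D HH:MM:SS YYYY GMT"; the day may
# be padded with a second space, so match on runs of whitespace.
_TIME_RE = r"(\w{3})\s+(\d{1,2})\s+(\d\d:\d\d:\d\d)\s+(\d{4}) GMT"


def _parse_time(label, text):
    m = re.search(rf"{label}:\s*{_TIME_RE}", text)
    if not m:
        return None
    mon, day, clock, year = m.groups()
    naive = datetime.strptime(f"{mon} {day} {clock} {year}", "%b %d %H:%M:%S %Y")
    return naive.replace(tzinfo=timezone.utc)


def parse_status(output):
    """Extract the stapling-relevant facts from s_client output."""
    info = {
        # RFC 6066: a TLS 1.2 server that is about to send CertificateStatus
        # echoes status_request (id=5) in its ServerHello, so the missing
        # extension in the 1.15.4 capture already means "nothing stapled".
        "status_request_ext": bool(re.search(r'"status request" \(id=5\)', output)),
        "stapled": False,
        "cert_status": None,
        "serial": None,
        "this_update": None,
        "next_update": None,
    }
    if "OCSP response: no response sent" in output:
        return info
    info["stapled"] = "OCSP Response Status: successful" in output
    m = re.search(r"Cert Status:\s*(\w+)", output)
    if m:
        info["cert_status"] = m.group(1)
    m = re.search(r"Serial Number:\s*([0-9A-Fa-f]+)", output)
    if m:
        info["serial"] = m.group(1).upper()
    info["this_update"] = _parse_time("This Update", output)
    info["next_update"] = _parse_time("Next Update", output)
    return info


def staple_is_usable(info, now):
    """A staple only helps a client if it is present, says 'good', and
    `now` falls inside [This Update, Next Update)."""
    if not (info["stapled"] and info["cert_status"] == "good"):
        return False
    if info["this_update"] is None or info["next_update"] is None:
        return False
    return info["this_update"] <= now < info["next_update"]


def diagnose(output, now=None):
    """One-line verdict for a captured s_client run."""
    now = now or datetime.now(timezone.utc)
    info = parse_status(output)
    if not info["status_request_ext"]:
        return "no staple: server did not echo status_request (no response cached yet, or stapling off)"
    if not info["stapled"]:
        return "no staple: extension echoed but no successful OCSP response body"
    if not staple_is_usable(info, now):
        return f"stale or bad staple: status={info['cert_status']} next_update={info['next_update']}"
    return f"stapled: status good, valid until {info['next_update']:%Y-%m-%d %H:%M:%S} UTC"


if __name__ == "__main__":
    # Example runs over the constructed samples, as of the post's date.
    as_of = datetime(2018, 10, 1, 12, 0, tzinfo=timezone.utc)
    print("1.15.4:", diagnose(NO_STAPLE, now=as_of))
    print("1.15.3:", diagnose(STAPLED, now=as_of))
```

To use it against a live host, pipe the real output in: `openssl s_client -connect host:443 -status -tlsextdebug </dev/null 2>/dev/null | python3 -c 'import sys, check; print(check.diagnose(sys.stdin.read()))'` (with the script saved as check.py). Because the validity window is taken from the staple itself, the same function also flags the other common failure, a cached response that nginx kept serving past its Next Update.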