Details
Critical Description
This bug is already fixed in https://github.com/MariaDB/server/pull/3500. This Jira was filed purely for tracking purposes.
Current behavior:
Currently, with the ssl-cipher parameter, I can configure TLSv1.3 ciphers or TLSv1.2 ciphers separately.
However, when trying to specify both TLSv1.3 ciphers and TLSv1.2 ciphers through the ssl-cipher parameter, what ends up happening is that the TLSv1.3 cipher list gets updated but the TLSv1.2 ciphers don't (all TLSv1.2 ciphers enabled by default are still supported).
This is a potential security vulnerability because users trying to restrict specific secure ciphers for TLSv1.3 and TLSv1.2, would still have the database support insecure TLSv1.2 ciphers.
I'm aware that the MariaDB documentation states that configuring TLSv1.3 ciphers aren't supported:
To avoid this problem, OpenSSL developers decided that TLSv1.3 cipher suites should not be affected by the normal cipher-selecting API. This means that ssl_cipher system variable has no effect on the TLSv1.3 cipher suites.
But this is not true based on testing. Also, the ability to restrict exactly which TLSv1.3 and TLSv1.2 ciphers are supported by the database can be useful for security compliance purposes as even certain TLSv1.3 cipher suites enabled by default by OpenSSL do not meet certain security requirements. For example NIST SP 800-52 does not approve of TLS_CHACHA20_POLY1305_SHA256 which OpenSSL enables by default.
Only specifying TLSv1.2 cipher:
|
root@a3593c75c38d:/quick-rebuilds# ./build/client/mariadb --user root --ssl-cipher="$cipher" -e "select @@ssl_cipher;show status like 'ssl_cipher%'\G"
|
+-----------------------------+
|
| @@ssl_cipher |
|
+-----------------------------+
|
| ECDHE-RSA-AES256-GCM-SHA384 |
|
+-----------------------------+
|
*************************** 1. row ***************************
|
Variable_name: Ssl_cipher
|
Value: TLS_AES_256_GCM_SHA384
|
*************************** 2. row ***************************
|
Variable_name: Ssl_cipher_list
|
Value: TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-RSA-AES256-GCM-SHA384
|
Only specifying TLSv1.3 cipher:
|
root@a3593c75c38d:/quick-rebuilds# ./build/client/mariadb --user root --ssl-cipher="$cipher" -e "select @@ssl_cipher;show status like 'ssl_cipher%'\G"
|
+------------------------+
|
| @@ssl_cipher |
|
+------------------------+
|
| TLS_AES_256_GCM_SHA384 |
|
+------------------------+
|
*************************** 1. row ***************************
|
Variable_name: Ssl_cipher
|
Value: TLS_AES_256_GCM_SHA384
|
*************************** 2. row ***************************
|
Variable_name: Ssl_cipher_list
|
Value: TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:RSA-PSK-AES256-GCM-SHA384:DHE-PSK-AES256-GCM-SHA384:RSA-PSK-CHACHA20-POLY1305:DHE-PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305:AES256-GCM-SHA384:PSK-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305:RSA-PSK-AES128-GCM-SHA256:DHE-PSK-AES128-GCM-SHA256:AES128-GCM-SHA256:PSK-AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:ECDHE-PSK-AES256-CBC-SHA384:ECDHE-PSK-AES256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:RSA-PSK-AES256-CBC-SHA384:DHE-PSK-AES256-CBC-SHA384:RSA-PSK-AES256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:AES256-SHA:PSK-AES256-CBC-SHA384:PSK-AES256-CBC-SHA:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:RSA-PSK-AES128-CBC-SHA256:DHE-PSK-AES128-CBC-SHA256:RSA-PSK-AES128-CBC-SHA:DHE-PSK-AES128-CBC-SHA:AES128-SHA:PSK-AES128-CBC-SHA256:PSK-AES128-CBC-SHA
|
Specifying both TLSv1.2 and TLSv1.3 ciphers:
|
root@a3593c75c38d:/quick-rebuilds# ./build/client/mariadb --user root --ssl-cipher="$cipher" -e "select @@ssl_cipher;show status like 'ssl_cipher%'\G"
|
+----------------------------------------------------+
|
| @@ssl_cipher |
|
+----------------------------------------------------+
|
| TLS_AES_256_GCM_SHA384:ECDHE-RSA-AES128-GCM-SHA256 |
|
+----------------------------------------------------+
|
*************************** 1. row ***************************
|
Variable_name: Ssl_cipher
|
Value: TLS_AES_256_GCM_SHA384
|
*************************** 2. row ***************************
|
Variable_name: Ssl_cipher_list
|
Value: TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:RSA-PSK-AES256-GCM-SHA384:DHE-PSK-AES256-GCM-SHA384:RSA-PSK-CHACHA20-POLY1305:DHE-PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305:AES256-GCM-SHA384:PSK-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305:RSA-PSK-AES128-GCM-SHA256:DHE-PSK-AES128-GCM-SHA256:AES128-GCM-SHA256:PSK-AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:ECDHE-PSK-AES256-CBC-SHA384:ECDHE-PSK-AES256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:RSA-PSK-AES256-CBC-SHA384:DHE-PSK-AES256-CBC-SHA384:RSA-PSK-AES256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:AES256-SHA:PSK-AES256-CBC-SHA384:PSK-AES256-CBC-SHA:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:RSA-PSK-AES128-CBC-SHA256:DHE-PSK-AES128-CBC-SHA256:RSA-PSK-AES128-CBC-SHA:DHE-PSK-AES128-CBC-SHA:AES128-SHA:PSK-AES128-CBC-SHA256:PSK-AES128-CBC-SHA
|