Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-37307

with WolfSSL, order in ssl_cipher matters, else TLSv1.3 fails

    XMLWordPrintable

Details

    • Bug
    • Status: Confirmed (View Workflow)
    • Major
    • Resolution: Unresolved
    • 11.4.5
    • 11.4
    • SSL
    • None
    • Not for Release Notes
    • Q4/2025 Server Maintenance

    Description

      When using a server linked against WolfSSL, not OpenSSL (as is standard on Windows, and when using statically linked tarball package on Linux), and restricting what SSL ciphers to use, the order becomes important. When having both TLS v1.2 and v1.3 ciphers on the list then the TLS v1.3 ones need to come first, otherwise only TLS v1.2 connections will work while connecting with v1.3 fails.

      I tried with just the two ciphers

      • v1.2 cipher ECDHE-RSA-AES256-GCM-SHA384
      • v1.3 cipher TLS13-AES128-GCM-SHA256

      and with four different combinations in the ssl_cipher variable:

      • v1.2 cipher only
      • v1.3 cipher only
      • v1.2 cipher, then v1.3 one
      • v1.3 cipher, then v1.2 one

      the expected result would be that for the first two just one TLS version would work, but for the last two both TLS v1.2 and v1.3 would work. When using OpenSSL that's indeed the case.

      The actual WolfSSL result though is that in "v1.2:v1.3" case only clients connecting with v1.2 will succeed, only the last variant will allow connections using either version.

      Tested with MariaDB 11.4.5 / WolfSSL 5.7.6 here, but was getting the same with 10.6, too.

      == ssl_cipher	ECDHE-RSA-AES256-GCM-SHA384 ==
      		 
       
      		 
      --- testing with --tls-version=TLSv1.2 ---
      		 
      Variable_name	Value
      		 
      Ssl_version	TLSv1.2
      		 
       
      		 
      --- testing with --tls-version=TLSv1.3 ---
      		 
      ERROR 2026 (HY000): TLS/SSL error: fatal alert received: Handshake failed
      		 
       
      		 
       
      		 
       
      		 
      == ssl_cipher	TLS13-AES128-GCM-SHA256 ==
      		 
       
      		 
      --- testing with --tls-version=TLSv1.2 ---
      		 
      ERROR 2026 (HY000): TLS/SSL error: fatal alert received: Handshake failed
      		 
       
      		 
      --- testing with --tls-version=TLSv1.3 ---
      		 
      Variable_name	Value
      		 
      Ssl_version	TLSv1.3
      		 
       
      		 
       
      		 
       
      		 
      == ssl_cipher	ECDHE-RSA-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256 ==
      		 
       
      		 
      --- testing with --tls-version=TLSv1.2 ---
      		 
      Variable_name	Value
      		 
      Ssl_version	TLSv1.2
      		 
       
      		 
      --- testing with --tls-version=TLSv1.3 ---
      		 
      ERROR 2026 (HY000): TLS/SSL error: fatal alert received: Handshake failed
      		 
       
      		 
       
      		 
       
      		 
      == ssl_cipher	TLS13-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384 ==
      		 
       
      		 
      --- testing with --tls-version=TLSv1.2 ---
      		 
      Variable_name	Value
      		 
      Ssl_version	TLSv1.2
      		 
       
      		 
      --- testing with --tls-version=TLSv1.3 ---
      		 
      Variable_name	Value
      		 
      Ssl_version	TLSv1.3

      Attachments

        Activity

          People

            wlad Vladislav Vaintroub
            hholzgra Hartmut Holzgraefe
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.