Details
Task
Status: Stalled
Major
Resolution: Unresolved
10.2.0-8, 10.2.1-1, 10.2.1-2
Description
Thread safety (OpenSSL)
For both client and server, use a global SSL context and provide locks for the crypto API.
Affects: MDEV-9552
Global definitions
The current implementation uses HAVE_OPENSSL, which indicates that the server supports SSL; additionally, HAVE_YASSL indicates that Yassl is used instead of OpenSSL.
Suggestion:
HAVE_SSL: indicates that server/client supports SSL
HAVE_OPENSSL: OpenSSL library is used
HAVE_YASSL: Builtin yassl library is used.
HAVE_ANOTHER: Another SSL library is used.
TLS versions
- Stop supporting deprecated SSLv3 and provide support for TLSv1.2 (already done).
- Since Yassl doesn't support TLSv1.2, the library isn't able to negotiate TLS1+ during handshake; the server should indicate SSL capabilities in extended flags.
SSL Ciphers:
Check for invalid cipher names
This should return an error:
MariaDB [(none)]> grant all on *.* to foo@localhost require cipher 'youcanspecifywhateveryouwanthere :-(';
Query OK, 0 rows affected (0.00 sec)
Disallow bad ciphers/groups
OpenSSL:
static const char blacklisted_ciphers[]= "!DES:!DHE-DSS-DES-CBC3-SHA:!DHE-RSA-DES-CBC3-SHA:"
                                         "!ECDH-ECDSA-DES-CBC3-SHA:!ECDH-RSA-DES-CBC3-SHA:"
                                         "!ECDHE-ECDSA-DES-CBC3-SHA:!ECDHE-RSA-DES-CBC3-SHA:";
static const char blacklisted_groups[]= "!EXPORT:!LOW:!MD5:!PSK:!RC2:!RC4:!aNULL:!eNULL:";
Yassl
/* several (but not all) ciphers are already blacklisted in yassl_type.h, disabling groups only
   might be enough */
static const char *blacklisted_ciphers = "";
static const char blacklisted_groups[] = "!aNULL:!eNULL:!EXPORT:!LOW:!MD5:!DES:!RC2:!RC4:!PSK:";
Valid/allowed ciphers
OpenSSL
static const char valid_ciphers[] = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:"
                                    "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:"
                                    "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:"
                                    "ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:"
                                    "ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:"
                                    "DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:"
                                    "ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:"
                                    "ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:"
                                    "DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:"
                                    "AES256-GCM-SHA384:AES128-SHA256:"
                                    "AES256-SHA256:AES128-SHA:AES256-SHA:";
Yassl
static const char valid_ciphers[]= "DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:"
                                   "AES128-RMD:DES-CBC3-RMD:DHE-RSA-AES256-RMD:"
                                   "DHE-RSA-AES128-RMD:DHE-RSA-DES-CBC3-RMD:"
                                   "AES256-SHA:RC4-SHA:RC4-MD5:DES-CBC3-SHA:"
                                   "DES-CBC-SHA:EDH-RSA-DES-CBC3-SHA:"
                                   "EDH-RSA-DES-CBC-SHA:AES128-SHA:AES256-RMD";
Transport Layers:
On Windows systems, OpenSSL doesn't provide support for SSL via named pipe or shared memory. Instead we need to provide support for using SChannel (Windows security support provider).
DH (Diffie-Hellman) parameters
OpenSSL documentation recommends not to use static dh parameters: "The risk in reusing DH parameters is that an attacker may specialize on a very often used DH group. Applications should therefore generate their own DH parameters during the installation process using the openssl dhparam application. This application guarantees that "strong" primes are used."
- increase size of internal dh parameter from 2048 to 4096 (recommended)
- Since creating dh param on the fly is too slow, provide an additional option to load a dh.pem file
Passphrase protected private keys
If the server uses a passphrase-protected key file, it will not start unless the correct passphrase for the key is entered.
- Provide a server option --ssl-passphrase for decrypting private key without manual interaction
OpenSSL version
Set minimum required version of OpenSSL to 1.0.1 and update build machines
Server certificate verification
Current implementation only checks validity of server certificate if option MYSQL_OPT_SSL_VERIFY_SERVER_CERT was specified.
According to the documentation, this option enables or disables verification of the server's Common Name value in its certificate against the host name used when connecting to the server.
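
The cipher-name check requested under "SSL Ciphers" above, as an added example that is not MariaDB code: each colon-separated entry of a REQUIRE CIPHER string must equal one whole entry of the OpenSSL valid_ciphers list. The names check_cipher_list and in_list are hypothetical, and rejecting operators, group names and empty entries is an assumption of this sketch.

```c
#include <stdio.h>
#include <string.h>

/* Allow-list copied from the OpenSSL valid_ciphers proposal on this page. */
static const char valid_ciphers[] =
  "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:"
  "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:"
  "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:"
  "ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:"
  "ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:"
  "DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:"
  "ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:"
  "ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:"
  "DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:"
  "AES256-GCM-SHA384:AES128-SHA256:"
  "AES256-SHA256:AES128-SHA:AES256-SHA:";

/* Return 1 if name[0..len) equals one whole ':'-separated entry of list.
   Whole-entry comparison keeps "AES128" from matching inside "AES128-SHA". */
static int in_list(const char *list, const char *name, size_t len)
{
  const char *p = list;
  while (*p) {
    size_t n = strcspn(p, ":");
    if (n == len && memcmp(p, name, len) == 0) return 1;
    p += n + (p[n] == ':');
  }
  return 0;
}

/* Hypothetical helper: 0 if every entry of spec is an allowed cipher name,
   -1 for NULL/empty input, empty entries, '!' operators or unknown names. */
int check_cipher_list(const char *spec)
{
  const char *p = spec;
  if (!spec || !*spec) return -1;
  for (;;) {
    size_t n = strcspn(p, ":");
    if (n == 0 || !in_list(valid_ciphers, p, n)) return -1;
    if (p[n] == '\0') return 0;
    p += n + 1;                          /* step over the ':' separator */
  }
}

int main(void)
{
  const char *samples[] = { "ECDHE-RSA-AES128-GCM-SHA256:AES256-SHA",
                            "youcanspecifywhateveryouwanthere :-(", "RC4-SHA" };
  for (size_t i = 0; i < sizeof samples / sizeof *samples; i++)
    printf("%-40s -> %d\n", samples[i], check_cipher_list(samples[i]));
  return 0;
}
```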