MDEV-22221: wolfssl tls13 #1501
Conversation
|
@grooverdan Looks promising, need some time to digest this myself. Looks like you might still be working on it. Please mark the PR when it's done so I can do a full review. Also, please squash everything into one commit before I start to review. |
|
I'm waiting on the wolfssl upstream to resolve the segfault with tls1.3 and 8k certs (or point to my mistake). Without this its a DoS vulnerability. I suspect nothing more is to be done here. The codebase needs some tls1.3 tests but I'm a bit out of time. What's with the squash commits requirement? These are logically separated, its not like commits are fixes to earlier works. Given https://mariadb.com/kb/en/using-tlsv13/ I was under the assumption that maybe the tests commits might need a backport and maybe the client one too since libmariadb has had non-openssl support for a while. |
vio/viosslfactories.c
Outdated
| @@ -182,6 +182,13 @@ static int wolfssl_send(WOLFSSL* ssl, char* buf, int sz, void* vio) | |||
| { | |||
| return (int)vio_write((Vio *)vio, (unsigned char*)buf, sz); | |||
| } | |||
|
|
|||
| #ifndef TLS1_3_VERSION | |||
| #define TLS1_3_VERSION | |||
There was a problem hiding this comment.
quite right, will remove.
vio/viosslfactories.c
Outdated
| #define TLS1_3_VERSION | ||
| #endif | ||
| #ifndef TLS1_2_VERSION | ||
| #define TLS1_2_VERSION |
There was a problem hiding this comment.
though it was a cleaner than defined(TLS1_2_VERSION) || defined(HAVE_WOLFSSL) below however these are correctly defined in extra/wolfssl/wolfssl/wolfssl/openssl/{tls1,ssl}.h. I will remove them.
Also Vlad, was there a reason FP_MAX_BITS to 16k was conditional on WOLFSSL_FASTMATH? Still trying to fix main.ssl_8k_key test for TLSv1.3 per comments from wolfssl upstream. There's probably something else other than just defining it as I'm still getting segfaults.
There was a problem hiding this comment.
I forgot most of details, but IIRC, FP_MAX_BITS 16K was to please this unrealistic ssl_8k_key test. Nobody in his right mind would allow keys that big, I guess. I think this fastmath was stack based, and alternative was heap based, but I frankly do not remember very much about that.
There was a problem hiding this comment.
Thanks. I'll look more closely at that before I finalise this. Still trying to appease the 8k test in tls1.3, the test that keeps on giving :-)
grooverdan
force-pushed
the
10.4-MDEV-22221-wolfssl-tls13
branch
from
4f8484d
to
4ae7c96
Compare
| @@ -3,15 +3,15 @@ create user ssl_user2@localhost require cipher 'AES256-SHA'; | |||
| create user ssl_user3@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client'; | |||
| create user ssl_user4@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client' ISSUER '/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB'; | |||
| create user ssl_user5@localhost require cipher 'AES256-SHA' AND SUBJECT 'xxx'; | |||
| connect con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA; | |||
| connect con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA TLS-VERSION=TLSv1.1; | |||
There was a problem hiding this comment.
I guess you need TLS-VERSION=TLSv1,TLSv1.1,TLSv1.2 here, and in all other places
this excludes TLSv1.3, this is what you want to do, TLS-VERSION=TLSv1.1 would force 1.1 instead
There was a problem hiding this comment.
Or, you can maybe automatically set tls_version to "TLSv1,TLSv1.1,TLSv1.2", whenever SSL-CIPHER is given, this would minimize the patch
There was a problem hiding this comment.
I like the behaviour of implicit tls_version when SSL-CIPHER Is given. Good idea. I'll probably take a diversion to MDEV-21965 as it has some implications on what the behaviour here should be.
I'm also the the depths of EVP_CipherFinal_ex differences between openssl and wolfssl in the aes unittest failure on AES-GCM. So much for a quick enablement PR.
| @@ -2,7 +2,7 @@ | |||
| # | |||
| # Bug#29784 YaSSL assertion failure when reading 8k key. | |||
| # | |||
| --exec $MYSQL --connect-timeout=180 --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SELECT (VARIABLE_VALUE <> '') as have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'" 2>&1 | |||
| --exec $MYSQL --connect-timeout=180 --ssl --tls-version=TLSv1.1 --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SELECT (VARIABLE_VALUE <> '') as have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'" 2>&1 | |||
There was a problem hiding this comment.
is this --tls-version change needed?
|
fix committed by @vaintroub last year. |
libmariadb has exposes ssl options in non-openssl variants for a while so may as well enable them.
Passes the tests in the bug report:
TODO; need to resolve main.ssl_cipher and main.ssl_8k_key test cases and check FP_MAX_BITS cmake condition. Pushing for build results.