New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MDEV-22221: wolfssl tls13 #1501
Conversation
@grooverdan Looks promising, need some time to digest this myself. Looks like you might still be working on it. Please mark the PR when it's done so I can do a full review. Also, please squash everything into one commit before I start to review. |
I'm waiting on the wolfssl upstream to resolve the segfault with tls1.3 and 8k certs (or point to my mistake). Without this its a DoS vulnerability. I suspect nothing more is to be done here. The codebase needs some tls1.3 tests but I'm a bit out of time. What's with the squash commits requirement? These are logically separated, its not like commits are fixes to earlier works. Given https://mariadb.com/kb/en/using-tlsv13/ I was under the assumption that maybe the tests commits might need a backport and maybe the client one too since libmariadb has had non-openssl support for a while. |
vio/viosslfactories.c
Outdated
@@ -182,6 +182,13 @@ static int wolfssl_send(WOLFSSL* ssl, char* buf, int sz, void* vio) | |||
{ | |||
return (int)vio_write((Vio *)vio, (unsigned char*)buf, sz); | |||
} | |||
|
|||
#ifndef TLS1_3_VERSION | |||
#define TLS1_3_VERSION |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
quite right, will remove.
vio/viosslfactories.c
Outdated
#define TLS1_3_VERSION | ||
#endif | ||
#ifndef TLS1_2_VERSION | ||
#define TLS1_2_VERSION |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
though it was a cleaner than defined(TLS1_2_VERSION) || defined(HAVE_WOLFSSL)
below however these are correctly defined in extra/wolfssl/wolfssl/wolfssl/openssl/{tls1,ssl}.h
. I will remove them.
Also Vlad, was there a reason FP_MAX_BITS to 16k was conditional on WOLFSSL_FASTMATH? Still trying to fix main.ssl_8k_key test for TLSv1.3 per comments from wolfssl upstream. There's probably something else other than just defining it as I'm still getting segfaults.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I forgot most of details, but IIRC, FP_MAX_BITS 16K was to please this unrealistic ssl_8k_key test. Nobody in his right mind would allow keys that big, I guess. I think this fastmath was stack based, and alternative was heap based, but I frankly do not remember very much about that.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks. I'll look more closely at that before I finalise this. Still trying to appease the 8k test in tls1.3, the test that keeps on giving :-)
4f8484d
to
4ae7c96
Compare
@@ -3,15 +3,15 @@ create user ssl_user2@localhost require cipher 'AES256-SHA'; | |||
create user ssl_user3@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client'; | |||
create user ssl_user4@localhost require cipher 'AES256-SHA' AND SUBJECT '/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB/CN=client' ISSUER '/CN=cacert/C=FI/ST=Helsinki/L=Helsinki/O=MariaDB'; | |||
create user ssl_user5@localhost require cipher 'AES256-SHA' AND SUBJECT 'xxx'; | |||
connect con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA; | |||
connect con1,localhost,ssl_user1,,,,,SSL-CIPHER=AES256-SHA TLS-VERSION=TLSv1.1; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess you need TLS-VERSION=TLSv1,TLSv1.1,TLSv1.2 here, and in all other places
this excludes TLSv1.3, this is what you want to do, TLS-VERSION=TLSv1.1 would force 1.1 instead
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Or, you can maybe automatically set tls_version to "TLSv1,TLSv1.1,TLSv1.2", whenever SSL-CIPHER is given, this would minimize the patch
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I like the behaviour of implicit tls_version when SSL-CIPHER Is given. Good idea. I'll probably take a diversion to MDEV-21965 as it has some implications on what the behaviour here should be.
I'm also the the depths of EVP_CipherFinal_ex differences between openssl and wolfssl in the aes unittest failure on AES-GCM. So much for a quick enablement PR.
@@ -2,7 +2,7 @@ | |||
# | |||
# Bug#29784 YaSSL assertion failure when reading 8k key. | |||
# | |||
--exec $MYSQL --connect-timeout=180 --ssl --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SELECT (VARIABLE_VALUE <> '') as have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'" 2>&1 | |||
--exec $MYSQL --connect-timeout=180 --ssl --tls-version=TLSv1.1 --ssl-key=$MYSQL_TEST_DIR/std_data/client-key.pem --ssl-cert=$MYSQL_TEST_DIR/std_data/client-cert.pem -e "SELECT (VARIABLE_VALUE <> '') as have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher'" 2>&1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is this --tls-version change needed?
fix committed by @vaintroub last year. |
libmariadb has exposes ssl options in non-openssl variants for a while so may as well enable them.
Passes the tests in the bug report:
TODO; need to resolve main.ssl_cipher and main.ssl_8k_key test cases and check FP_MAX_BITS cmake condition. Pushing for build results.