New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
syslog-ng tries TLS1.3 even with TLS1.2 cipher-suite(s) #3906
Comments
Thanks for opening this issue. Cipher suites must be respected by syslog-ng, we'll look into that. Until then, you can try adding |
It seems OpenSSL provides a separate call for setting TLS 1.3 ciphers : I'll try to come up with a fix soon. Hopefully, we won't have to introduce a separate option for setting TLS 1.3 ciphers. |
Please don't :)
…On Tue, Feb 8, 2022, 18:18 László Várady ***@***.***> wrote:
It seems OpenSSL provides a separate call for setting TLS 1.3 ciphers :
SSL_CTX_set_ciphersuites().
SSL_CTX_set_cipher_list() (what we currently use) is only for TLS 1.2 and
below.
I'll try to come up with a fix soon. Hopefully, we don't have to introduce
a separate option for setting TLS 1.3 ciphers.
—
Reply to this email directly, view it on GitHub
<#3906 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAFOK5S7ABNDAGOLQ46UGZLU2FF5XANCNFSM5N267FSQ>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
Thanks for confirming the issue and the workaround.
I ran syslog-ng 3.30 through ltrace in Alpine and, as far as I can tell, both APIs are called:
I ran syslog-ng like this:
Could it be that openssl calls the TLSv1.3 API internally? |
Yes, as we currently don't set TLS 1.3 ciphers properly with |
@bazsi I believe we can not "just fix" the OpenSSL started using a separate call intentionally.
This is why OpenSSL-based applications that let users configure their preferred cipher suite use separate options:
If we really don't want to add a new option for 1.3 ciphers, we may require users to differentiate 1.3 ciphers, for example with a unique prefix (similarly to the Apache protocol specifier). To be fully compatible with older syslog-ng versions and configurations, we should not restrict the default 1.3 cipher suite in case no TLS1.3 cipher was listed in |
The following would work as well (IMHO it looks better than separate options): Compat method (only for TLS 1.2-and-older):
Preferred new method:
|
This looks awesome. If we follow am options schema that is similar to other
apps using this option, I am fine with that too.
…On Wed, Feb 9, 2022, 13:26 László Várady ***@***.***> wrote:
The following would work as well (IMHO it looks better than separate
options):
Compat method:
tls(
cipher-suite("list:of:old:ciphers" tls13("list:of:new:ciphers"))
}
Preferred new method:
tls(
cipher-suite(tls12("list:of:old:ciphers"), tls13("list:of:new:ciphers"))
}
—
Reply to this email directly, view it on GitHub
<#3906 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAFOK5R47UVD727OR354GPTU2JMODANCNFSM5N267FSQ>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
#3907 will make it possible to restrict TLS 1.3 ciphers. Specifying an empty TLSv1.3 list is not allowed by OpenSSL, so |
syslog-ng
Version of syslog-ng
syslog-ng 3 (3.30.1)
Config version: 3.29
Installer-Version: 3.30.1
Revision:
Compile-Date: Sep 11 2021 11:42:11
Module-Directory: /usr/lib/syslog-ng
Module-Path: /usr/lib/syslog-ng
Include-Path: /usr/share/syslog-ng/include
Available-Modules: disk-buffer,afprog,dbparser,hook-commands,afuser,affile,confgen,cryptofuncs,basicfuncs,csvparser,linux-kmsg-format,pseudofile,appmodel,system-source,afsocket,kvformat,timestamp,azure-auth-header,cef,secure-logging,syslogformat
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-IPv6: on
Enable-Spoof-Source: off
Enable-TCP-Wrapper: off
Enable-Linux-Caps: off
Enable-Systemd: off
Platform
Container image based on Alpine 3.15.
Issue
We're using syslog-ng to forward log messages generated by some modules. Depending on configuration, the
messages can be sent over TLS. The modules are part of a bigger system which currently only knows TLSv1.2, and which wants to configure every syslog client to use certain TLSv1.2 only ciphers like AES128-GCM-SHA256, AES256-GCM-SHA384 etc. Thing is, even if I write the syslog-ng configuration to only use these TLSv1.2 ciphers, the ClientHello sent when syslog-ng initiates a connection includes extra ciphers which, as far as I can tell, are TLSv1.3 ciphers (and syslog-ng advertises TLSv1.3 support):
Is this behavior intended?
I know it's strange to turn off the newer and supposedly safer version of the protocol, but I'm told this is for certification purposes - as far as I understand, it's not possible to use TLS1.3 for FIPS certification.
One example configuration snippet I use:
destination destination_0 {
network(
""
transport("tls")
port(6514)
tls( ca_dir("/etc/syslog-ng/tls/ca.d")
key_file("/etc/syslog-ng/tls/cert.d/client_key")
cert_file("/etc/syslog-ng/tls/cert.d/client_cert")
cipher-suite("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256")
peer-verify(no)
)
);
};
We currently have syslog-ng 3.22, but verified this also happens in 3.30. I see in the latter version it's possible to specify 'ssl-options(no-tlsv13)', is that the only workaround? Or is there some other option to make the cipher-suite selection more strict?
The text was updated successfully, but these errors were encountered: