Bug #104778 Connection fail with FUTURE crypto policy
Submitted: 31 Aug 2021 8:13
Modified: 4 Jan 2023 18:20
Reporter: Daniël van Eeden (OCA)
Status: Closed
Category: MySQL Server: C API (client library)
Severity: S3 (Non-critical)
Version: 8.0.26
OS: Any
Assigned to:
CPU Architecture: Any
Tags: Crypto, policy, Security, SSL, tls

[31 Aug 2021 8:13] Daniël van Eeden
Description:
On Fedora 34:

$ sudo update-crypto-policies --set FUTURE
Setting system policy to FUTURE
Note: System-wide crypto policies are applied on application start-up.
It is recommended to restart the system for the change of policies
to fully take place.

$ mysql -h 127.0.0.1
ERROR 2026 (HY000): SSL connection error: SSL_CTX_set_tmp_dh failed

With a small patch:
===========================================================
diff --git a/vio/viosslfactories.cc b/vio/viosslfactories.cc
index c25117bd0fb..cb9b19565af 100644
--- a/vio/viosslfactories.cc
+++ b/vio/viosslfactories.cc
@@ -726,6 +726,7 @@ static struct st_VioSSLFd *new_VioSSLFd(
   /* DH stuff */
   dh = get_dh2048();
   if (SSL_CTX_set_tmp_dh(ssl_fd->ssl_context, dh) == 0) {
+    printf("%s\n", ERR_error_string(ERR_get_error(), NULL));
     DH_free(dh);
     *error = SSL_INITERR_DHFAIL;
     goto error;
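Review bot: the added printf in the SSL_CTX_set_tmp_dh failure branch writes the OpenSSL reason to stdout from inside new_VioSSLFd, so the caller still receives only SSL_INITERR_DHFAIL and any program linking this code gets unexpected output on its standard output. Suggest passing the reason back to the caller alongside *error so it appears in the reported "SSL connection error" message. ERR_error_string() with a NULL buffer also formats into a static buffer, which is not thread-safe; ERR_error_string_n() with a local buffer avoids that. ERR_get_error() returns only the earliest queued entry, so if more than one error is queued the rest stay on the queue after this branch.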
===========================================================

$ ./runtime_output_directory/mysql -h 127.0.0.1
error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small
ERROR 2026 (HY000): SSL connection error: SSL_CTX_set_tmp_dh failed

How to repeat:
sudo update-crypto-policies --set FUTURE
mysql -h 127.0.0.1

Some more details:
$ cat /etc/crypto-policies/back-ends/opensslcnf.config; echo
CipherString = @SECLEVEL=3:kEECDH:kEDH:kPSK:kDHEPSK:kECDHEPSK:-kRSAPSK:-kRSA:-aDSS:-AES128:-SHA256:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:-SHA1:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8
Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
MinProtocol = TLSv1.2
MaxProtocol = TLSv1.3
SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512

Looks like "SECLEVEL=3" is restricting DH keys to >= 3072:
https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html

Suggested fix:
Use a >= 3072 bits DH key instead of 2048 bits. And/or make this configurable.
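Added example (not part of the original report and not MySQL code): a check of whether a crypto-policies OpenSSL back-end file would reject a given DH group size, using the per-level key-size minimums documented in the SSL_CTX_set_security_level manual page linked above. The function names and the shortened sample config are constructed for illustration, and the code assumes a single @SECLEVEL token in CipherString.

```python
import re
import sys

# Minimum RSA/DSA/DH key size in bits per OpenSSL security level, from
# SSL_CTX_set_security_level(3). Level 0 permits everything.
MIN_DH_BITS = {0: 0, 1: 1024, 2: 2048, 3: 3072, 4: 7680, 5: 15360}

# Constructed sample modelled on the FUTURE back-end file quoted in the report
# (CipherString shortened for readability).
SAMPLE_FUTURE = """\
CipherString = @SECLEVEL=3:kEECDH:kEDH:-kRSA:!eNULL:!aNULL:-SHA1:!MD5
Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
MinProtocol = TLSv1.2
MaxProtocol = TLSv1.3
"""

def parse_backend(text):
    """Parse the 'Key = Value' lines of an opensslcnf.config back-end file."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")  # split on the first '=' only
        settings[key.strip()] = value.strip()
    return settings

def security_level(settings):
    """Return the @SECLEVEL from CipherString, or None if none is set."""
    match = re.search(r"@SECLEVEL=(\d+)", settings.get("CipherString", ""))
    return int(match.group(1)) if match else None

def dh_accepted(settings, dh_bits):
    """True/False if dh_bits meets the policy level; None if level is unknown."""
    minimum = MIN_DH_BITS.get(security_level(settings))
    return None if minimum is None else dh_bits >= minimum

def audit(text, dh_sizes=(2048, 3072, 4096)):
    """Map each candidate DH group size to whether the policy would accept it."""
    settings = parse_backend(text)
    return {bits: dh_accepted(settings, bits) for bits in dh_sizes}

if __name__ == "__main__":
    # Optional argument: path to a real back-end file; default is the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_FUTURE
    for bits, ok in audit(text).items():
        print(f"DH {bits}: {'accepted' if ok else 'rejected' if ok is False else 'unknown'}")
```

Run against /etc/crypto-policies/back-ends/opensslcnf.config on a host to see which hard-coded DH group sizes the active policy would refuse before switching policies.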
[31 Aug 2021 8:14] Daniël van Eeden
So:

* Use a larger DH key
* Improve the error reporting as it wasn't showing the failure reason without my patch
[6 Sep 2021 6:06] MySQL Verification Team
Hello Daniël,

Thank you for the report and feedback.

regards,
Umesh
[24 May 2022 14:33] Daniël van Eeden
Note that Fedora is going to change this in two steps in Fedora 37 and Fedora 38
https://fedoraproject.org/wiki/Changes/StrongCryptoSettings3Forewarning1
[12 Jul 2022 13:28] Daniël van Eeden
patch to improve the error handling, doesn't fix the problem that is causing this.

(*) I confirm the code being submitted is offered under the terms of the OCA, and that I am authorized to contribute it.

Contribution: tls_err_detail.patch (text/x-patch), 448 bytes.

[14 Jul 2022 7:16] Georgi Kodinov
Thank you for your bug report, Daniel.
It's a valid problem, but the diff is basically a POC and not production ready. 
Note that the vio code is shared between libmysqlclient and the server.
[4 Jan 2023 18:20] Christine Cole
Posted by developer:
 
Fixed as of the upcoming MySQL 8.0.33 release, and here's the proposed changelog entry from the documentation team:

A connection using the C API (libmysqlclient) client library could fail
with the FUTURE crypto policy.

Thank you for the bug report.