Description:
The newest RHEL/CentOS/SL 6.6 openssl package (1.0.1e-30.el6_6.9 ; published around 6/4/2015) contains a fix for CVE-2015-4000 (LogJam) . RedHat's fix for this was to limit the use of any SSL DH key sizes to a minimum of 768 bits. This breaks any DHE SSL ciphers for MySQL clients as soon as you install the openssl update, since in vio/viosslfactories.c , the default DHPARAM is a 512 bit one. As far as I can tell this cannot be changed in configuration/runtime; and needs a recompile.
How to repeat:
If a user on a MySQL 5.6.23 server is configured with grant "require SSL", and the client (using the updated openssl package: 1.0.1e-30.el6_6.9) executes:
# mysql -u user -h serverhostname --ssl --ssl-cipher=DHE-RSA-AES256-SHA -p
Enter password:
ERROR 2026 (HY000): SSL connection error: error:00000001:lib(0):func(0):reason(1)
Using a non-DHE cipher works fine, e.g.:
# mysql -u user -h serverhostname --ssl --ssl-cipher=AES256-SHA -p
The same problem will also occur for any supported DHE cipher. Any non-DHE cipher will work as expected.
Workaround:
* Downgrade the client openssl package to any version before 1.0.1e-30.el6_6.9; e.g. 0:1.0.1e-30.el6_6.8
* Alternatively, do not use DH ciphers. This is not acceptable because the supported non-DH ciphers do not afford any PFS protection.
Suggested fix:
Solution is for the server to present a 1024 bit DH param. This would:
* Avoid the problem with "fixed" client libraries.
* Still be small enough to avoid problems with some clients (e.g. older Java versions do not like DH params > 1024 bit)
* Improve security in general.
To achieve this, we should probably include this RedHat patch:
https://lists.fedoraproject.org/pipermail/scm-commits/2012-December/910767.html
