| Bug #77602 | Support reading Diffie Hellman parameters from an external file | | |
|---|---|---|---|
| Submitted: | 2 Jul 2015 16:00 | | |
| Reporter: | Georgi Kodinov | Email Updates: | |
| Status: | Verified | Impact on me: | |
| Category: | MySQL Server: Security: Encryption | Severity: | S4 (Feature request) |
| Version: | | OS: | Any |
| Assigned to: | | CPU Architecture: | Any |
[2 Jul 2015 16:00]
Georgi Kodinov
[8 Jul 2015 15:57]
Jonathan Champ
Problem #1: The trouble with using a static value for all servers is that if that value is broken, all servers are broken. From https://weakdh.org/ :

> Breaking the single, most common 1024-bit prime used by web servers would allow passive eavesdropping on connections to 18% of the Top 1 Million HTTPS domains. A second prime would allow passive decryption of connections to 66% of VPN servers and 26% of SSH servers.

Problem #2: Not allowing a custom value requires a code modification and recompile to resolve issues associated with the static value. From https://bugs.mysql.com/bug.php?id=77275 :

> The newest RHEL/CentOS/SL 6.6 openssl package contains a fix for CVE-2015-4000 (LogJam) [which] limit the use of any SSL DH key sizes to a minimum of 768 bits. This breaks any DHE SSL ciphers for MySQL clients, since the default DHPARAM is a 512 bit one. As far as I can tell this cannot be changed in configuration/runtime; and needs a recompile.
[10 Jul 2015 1:12]
Daniel Black
Or generate it on startup: `time openssl dhparam -out dhparams.pem 1024` takes 1.7 seconds, 2K takes 91 seconds. So, two variables:

- `ssl_dh_size`: key size of autogenerated DH parameters. Defaults to 0 (use internal), though it could be 1-2K in 5.7; allowed values >= 1024 or 0.
- `ssl_dh_file`: DH file to load, if it exists. If it doesn't exist and `ssl_dh_size` > 0, then DH params are created on startup. If `ssl_dh_file` is writable by the server, the generated parameters are saved to `ssl_dh_file`.
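The two comments above raise two practical needs: Jonathan Champ's point that a server should not be stuck with a 512-bit built-in prime that a LogJam-hardened OpenSSL refuses, and Daniel Black's proposed `ssl_dh_file` / `ssl_dh_size` load-or-generate policy. The script below is an added example, not MySQL code and not either commenter's: it parses the PKCS#3 "DH PARAMETERS" PEM that `openssl dhparam` writes, reports the prime length so an operator can verify a parameter file meets the 768-bit (or stricter) minimum before pointing a server at it, and applies the proposed policy. The function names (`parse_dh_params_pem`, `plan_dh_source`, `demo`), the `min_bits` threshold and the return tuples are my own assumptions; the RFC 2409 group 2 prime is embedded only as constructed sample input so the example runs offline, and no real DH generation is performed.

```python
"""Inspect a PKCS#3 DH PARAMETERS file and decide where a server should get
its DH parameters from (added example; not MySQL's implementation)."""
import base64
import os
import re
import tempfile

# RFC 2409 "Second Oakley Group": 1024-bit MODP prime, generator 2.
# Constructed sample input only; a deployment must generate its own parameters.
MODP_1024_P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF",
    16,
)
PEM_RE = re.compile(
    r"-----BEGIN DH PARAMETERS-----(.*?)-----END DH PARAMETERS-----", re.S
)

def _der_len(n):
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw

def _der_uint(value):
    """DER INTEGER for a non-negative value (leading 0x00 if the top bit is set)."""
    raw = value.to_bytes(value.bit_length() // 8 + 1, "big")
    return b"\x02" + _der_len(len(raw)) + raw

def encode_dh_params_pem(p, g=2):
    """PKCS#3 DHParameter ::= SEQUENCE { prime INTEGER, base INTEGER }."""
    body = _der_uint(p) + _der_uint(g)
    der = b"\x30" + _der_len(len(body)) + body
    b64 = base64.b64encode(der).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "-----BEGIN DH PARAMETERS-----\n" + "\n".join(lines) + "\n-----END DH PARAMETERS-----\n"

def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at buf[pos]."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def parse_dh_params_pem(pem_text):
    """Return (p, g) from a DH PARAMETERS PEM block; ValueError on junk input."""
    m = PEM_RE.search(pem_text)
    if not m:
        raise ValueError("no DH PARAMETERS block found")
    der = base64.b64decode("".join(m.group(1).split()))
    tag, seq, end = _read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("DH parameters are not a single DER SEQUENCE")
    tag_p, p_raw, pos = _read_tlv(seq, 0)
    tag_g, g_raw, _ = _read_tlv(seq, pos)  # optional privateValueLength ignored
    if tag_p != 0x02 or tag_g != 0x02:
        raise ValueError("expected INTEGER prime and INTEGER base")
    return int.from_bytes(p_raw, "big"), int.from_bytes(g_raw, "big")

def dh_prime_bits(pem_text):
    """Bit length of the DH prime, the number a LogJam-hardened OpenSSL checks."""
    return parse_dh_params_pem(pem_text)[0].bit_length()

def plan_dh_source(ssl_dh_file, ssl_dh_size, min_bits=1024):
    """Apply the proposed policy (assumed return tuples): load ssl_dh_file if it
    exists and its prime is at least min_bits; else use the built-in parameters
    when ssl_dh_size is 0; else generate ssl_dh_size-bit parameters, saving them
    when the file location is writable."""
    if ssl_dh_file and os.path.exists(ssl_dh_file):
        with open(ssl_dh_file) as fh:
            bits = dh_prime_bits(fh.read())
        if bits < min_bits:
            raise ValueError(f"{ssl_dh_file}: {bits}-bit DH prime is below {min_bits}")
        return ("load", bits)
    if ssl_dh_size == 0:
        return ("builtin", 0)
    if ssl_dh_size < 1024:
        raise ValueError("ssl_dh_size must be 0 or >= 1024")
    directory = os.path.dirname(os.path.abspath(ssl_dh_file)) if ssl_dh_file else ""
    if ssl_dh_file and os.access(directory, os.W_OK):
        return ("generate_and_save", ssl_dh_size)
    return ("generate", ssl_dh_size)

def demo():
    """Exercise the policy in a temp dir: file present, file absent, size 0,
    and a present file rejected by a stricter minimum."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "dhparams.pem")
        with open(path, "w") as fh:
            fh.write(encode_dh_params_pem(MODP_1024_P))
        present = plan_dh_source(path, 2048)
        absent = plan_dh_source(os.path.join(d, "missing.pem"), 2048)
        builtin = plan_dh_source(os.path.join(d, "missing.pem"), 0)
        try:
            plan_dh_source(path, 2048, min_bits=2048)
            rejected = False
        except ValueError:
            rejected = True
    return present, absent, builtin, rejected

if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the four outcomes: the existing 1024-bit file is loaded, a missing file in a writable directory triggers generate-and-save, `ssl_dh_size = 0` falls back to the built-in parameters, and the same 1024-bit file is rejected once the minimum is raised to 2048 bits. The encoder exists only to build the sample file; against a real `openssl dhparam` output, `dh_prime_bits` is the check to run before enabling the file.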