Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support SSL Request V2 packet #1342

Open
bgrainger opened this issue Jul 9, 2023 · 3 comments
Open

Support SSL Request V2 packet #1342

bgrainger opened this issue Jul 9, 2023 · 3 comments

Comments

@bgrainger
Copy link
Member

If mariadb-corporation/mariadb-connector-c#227 is accepted, then MySqlConnector should also support the new TLS handshake.

Exact details are in that case and subject to change, but at a high level:

  • Server exposes "supports SSL Request V2" bit
  • Client sends new two-byte SSL Request V2 packet
  • Client should (must?) verify CA to avoid MitM
  • Client sends handshake response with "supports SSL Request V2" bit set
@dlenski
Copy link
Contributor

dlenski commented Jul 11, 2023

Thanks for creating this!

As I just noted in mariadb-corporation/mariadb-connector-c#227 (comment)

I also moved the CLIENT_CAN_SSL_V2 capability bit from the MariaDB extensions (1ULL << 37) to the shared MySQL/MariaDB capability bits (1ULL << 28).

MySQL is affected by these vulnerabilities as well, and if we want to enable a better TLS handshake for all client/server combinations, this capability bit needs to be sent between all client/server combinations.

I believe this will be necessary for non-MariaDB-specific clients like yours to receive the appropriate capability bit from the server (Server exposes "supports SSL Request V2" bit ).

@dlenski
Copy link
Contributor

dlenski commented Jul 11, 2023

  • Client sends handshake response with "supports SSL Request V2" bit set

As it's currently implemented in mariadb-corporation/mariadb-connector-c#227 and MariaDB/server#2684, the client's initial (plaintext) packet will contain only the CLIENT_SSL bit.

However, in the post-TLS packet, the client should send the CLIENT_CAN_SSL_V2 bit, because this will allow the server to detect a downgrade attack in which a MITM has forced the client not to use the SSL V2 handshake.

https://github.com/MariaDB/server/pull/2684/files#diff-df544694418bef1c4bc6cdc5211ca133e7ad4d31901f16d0fdee8df6e4debe89R12792-R12813

@bgrainger
Copy link
Member Author

  • Client sends handshake response with "supports SSL Request V2" bit set

However, in the post-TLS packet, the client should send the CLIENT_CAN_SSL_V2 bit

Yes, that's what I meant in my issue. The handshake packet is now only sent after TLS is negotiated (because what would have been the first "handshake response" is now replaced with "SSL Request V2").

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Development

No branches or pull requests

2 participants