Add identify verification option for TLS

dbussink · dbussink · commit 83c6b8ce0a51 · 2022-04-07T14:14:55.000+02:00
Right now the hostname presented on a TLS certificate is never
validated. This means that man-in-the-middle attacks are trivial when
using for example public CAs to sign certificates.

The issue is that anyone can have a public CA sign a certificate for a
hostname they own, which is key to the security model there. But with
the current functionality in the `mysql2` driver, the hostname is never
verified.

This means an attacker could do a man in the middle attack and only has
to present a signed certificate but doesn't have to match the hostname.

It does not only apply to public CAs in system roots, but also for
example Amazon RDS where a single root chain is also used.

The changes here add an option to explicitly verify the identity on the
certificate. This option is available in other MySQL drivers as well,
such as `libmysqlclient` and everything based on that (often drivers for
Ruby, Python etc.). Also other languages like Go, Java, .Net etc.
provide an option to have strict identity verification.

Ideally of course, this validation would be the default and always
enforced, but that also would likely be a significant breaking change,
so right now in the code here the setting is opt-in for having a secure
connection to MySQL.

Additionally, it adds SNI on the connection which is a best practice as
well.
diff --git a/lib/connection.js b/lib/connection.js
@@ -342,13 +342,19 @@ class Connection extends EventEmitter {
       minVersion: this.config.ssl.minVersion
     });
     const rejectUnauthorized = this.config.ssl.rejectUnauthorized;
+    const verifyIdentity = this.config.ssl.verifyIdentity;
+    const host = this.config.host;
+
     let secureEstablished = false;
     const secureSocket = new Tls.TLSSocket(this.stream, {
       rejectUnauthorized: rejectUnauthorized,
       requestCert: true,
       secureContext: secureContext,
       isServer: false
     });
+    if (typeof host === 'string') {
+      secureSocket.setServername(host);
+    }
     // error handler for secure socket
     secureSocket.on('_tlsError', err => {
       if (secureEstablished) {
@@ -359,7 +365,15 @@ class Connection extends EventEmitter {
     });
     secureSocket.on('secure', () => {
       secureEstablished = true;
-      onSecure(rejectUnauthorized ? secureSocket.ssl.verifyError() : null);
+      let callbackValue = null;
+      if (rejectUnauthorized) {
+        callbackValue = secureSocket.ssl.verifyError()
+        if (!callbackValue && typeof host === 'string' && verifyIdentity) {
+          const cert = secureSocket.ssl.getPeerCertificate(true);
+          callbackValue = Tls.checkServerIdentity(host, cert)
+        }
+      }
+      onSecure(callbackValue);
     });
     secureSocket.on('data', data => {
       this.packetParser.execute(data);
diff --git a/typings/mysql/lib/Connection.d.ts b/typings/mysql/lib/Connection.d.ts
@@ -226,6 +226,12 @@ declare namespace Connection {
          * Configure the minimum supported version of SSL, the default is TLSv1.2.
          */
         minVersion?: string;
+
+        /**
+         * You can verify the server name identity presented on the server certificate when connecting to a MySQL server.
+         * You should enable this but it is disabled by default right now for backwards compatibility.
+         */
+         verifyIdentity?: boolean;
     }
 }
 

Original file line number	Diff line number	Diff line change
`@@ -226,6 +226,12 @@ declare namespace Connection {`
`226`	`226`	`* Configure the minimum supported version of SSL, the default is TLSv1.2.`
`227`	`227`	`*/`
`228`	`228`	`minVersion?: string;`
	`229`	`+`
	`230`	`+ /**`
	`231`	`+ * You can verify the server name identity presented on the server certificate when connecting to a MySQL server.`
	`232`	`+ * You should enable this but it is disabled by default right now for backwards compatibility.`
	`233`	`+ */`
	`234`	`+ verifyIdentity?: boolean;`
`229`	`235`	`}`
`230`	`236`	`}`
`231`	`237`