On 18.12.25 at 17:17, Mark Thomas wrote:
On 18/12/2025 13:28, Mark Thomas wrote:
On 18/12/2025 12:58, Rainer Jung wrote:

I was analyzing it using 9.0.113 but I think I also saw it for 10.1.50. JVM was from various 1.8.0 vendor for TC 9 and at least adopt 11 for 10.1.50 (I then stopped testing).

Bingo. Now I know what is going on.

Those versions have a default value of ciphers of:
"HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA"

That doesn't include the default TLS 1.3 ciphers so when we run a test that uses only TLS 1.3 the new native code fails because no TLS 1.3 ciphers are set.

I was testing with 9.0.x etc where the default for ciphers is now:

"HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256"

We need to figure out how to make this work for older versions.

I think we need to be able to differentiate between Tomcat <= 11.0.15, <= 10.1.50 and <= 9.0.113 configuring protocols="TLSv1.3" and the default ciphers that only includes TLSv1.2 ciphers (should use default ciphers for TLSv1.3) and newer versions of Tomcat that configure protocols="TLSv1.3" and an explicit ciphers value without any TLSv1.3 ciphers (should fail).

I think the only way to do this is with a new Tomcat Native method that sets cipher suites for TLS 1.2 and TLS 1.3. I think that is the only way to distinguish between these scenarios.

How about:

public static native boolean setCipherSuites(long ctx, String cipherSuites)

(note the extra "s" at the end of the method name)

Hmm. We currently have:

SSLContext.setCipherSuite
and
SSL.setCipherSuites

so the original name for the new method won't work. How about:

public static native boolean setCipherSuitesEx(long ctx, String cipherSuites)

on both SSLContext and SSL

I can also reproduce the "... Tomcat interprets the [ciphers] attribute..." warning now as well.

There are a lot of moving parts here and I want to get to the bottom of all of the various issues we are seeing and make sure that they are resolved - or at least documented and understood - for all the various combinations of Tomcat version, OpenSSL version, Java version, Tomcat Native version etc.

I think a tag this week is currently looking less likely than I thought a few hours ago.

Since the OpenSSL methods for setting ciphers for TLS < 1.3 and == 1.3 behave so differently, I wonder whether a uniform approach can work.

The httpd web server reused its existing SSLCipherSuite config directive, but in effect you can use it like before, which only sets the cipher list for TLS < 1.3, or you can use it with the additional token "TLS1.3" before the ciphers, which then sets the TLS 1.3 ciphers. And you can use it twice, once for the non-1.3 ciphers and once for the 1.3 ciphers. So httpd makes no attempt to unify those two cases. They are configured and handled separately.

Since it might not be clear which protocol client and server negotiate, I am not sure how easy it is to get to a uniform cipher configuration. Whether we provide two API methods (< 1.3 and == 1.3) or some syntactic cipher list sugar that we can use to split the two intended cases (< 1.3 and == 1.3) from one config string might be a question of style. But I think we need a way to express different cipher configurations for < 1.3 and == 1.3.

Hope that makes sense, but maybe I did not yet fully understand the scope of the discussion.

Best regards,

Rainer
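
The split the thread asks for, as an added example written for this page (not Tomcat or Tomcat Native code): partition a Tomcat-style ciphers value into the TLS <= 1.2 cipher list and the TLS 1.3 suite names, then apply the rule Mark describes for a TLS 1.3-only connector. The OpenSSL default TLS 1.3 suite list and the `ciphers_explicit` flag are assumptions made for the example.

```python
# Added illustrative example, not Tomcat or Tomcat Native code.
# Partition a colon-separated `ciphers` attribute value into the OpenSSL
# cipher list (TLS <= 1.2) and the TLS 1.3 suites, then decide what a
# TLS 1.3-only connector should do when no TLS 1.3 suite is present.

# Default cipher strings quoted in the thread.
OLD_DEFAULT = "HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA"
NEW_DEFAULT = (OLD_DEFAULT + ":TLS_AES_256_GCM_SHA384"
               ":TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256")

# Assumption: the TLS 1.3 suites OpenSSL enables when none are configured.
OPENSSL_TLS13_DEFAULT = ["TLS_AES_256_GCM_SHA384",
                         "TLS_CHACHA20_POLY1305_SHA256",
                         "TLS_AES_128_GCM_SHA256"]


def split_ciphers(value):
    """Return (tls12_cipher_list, tls13_suites).

    TLS 1.3 suites use IANA names such as TLS_AES_128_GCM_SHA256. JSSE names
    for older suites also start with 'TLS_' but contain '_WITH_', so they
    are kept in the TLS <= 1.2 list together with OpenSSL tokens (HIGH,
    !aNULL, ECDHE-RSA-AES128-GCM-SHA256, @SECLEVEL=1, ...)."""
    tls12, tls13 = [], []
    for token in value.split(":"):
        token = token.strip()
        if not token:
            continue
        if token.startswith("TLS_") and "_WITH_" not in token:
            tls13.append(token)
        else:
            tls12.append(token)
    return ":".join(tls12), tls13


def effective_tls13_suites(protocols, ciphers, ciphers_explicit):
    """TLS 1.3 suites to configure for a connector.

    protocols: set of enabled protocol names, e.g. {"TLSv1.3"}.
    ciphers_explicit (assumed flag): True when the administrator set
    `ciphers`, False when the value is the implicit Tomcat default."""
    _, tls13 = split_ciphers(ciphers)
    if tls13:
        return tls13
    if "TLSv1.3" not in protocols:
        return []  # TLS 1.3 is disabled, nothing to configure
    if not ciphers_explicit:
        # Old default that predates TLS 1.3 suites: fall back to OpenSSL's.
        return list(OPENSSL_TLS13_DEFAULT)
    raise ValueError("TLSv1.3 enabled but ciphers contains no TLS 1.3 suite")
```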

