Re: ssl_cipher_list_to_bytes:no ciphers available
On 5/6/21 9:30 PM, Howard Chu wrote: > With this patch > https://git.openldap.org/openldap/openldap/-/commit/cd3567d750b653949e50b6245428e594dff1d8a4 > the above problem will no longer occur.> That is, if your ciphersuite doesn't > contain any TLS1.3 ciphers, then > the existing TLS1.3 ciphersuites will not be changed. So you'll get > the compiled-in defaults if nothing else was changed. That means you > can continue to use old configs without any further changes. That's helpful and will avoid lots of questions on the mailing lists. Ciao, Michael.
Re: ssl_cipher_list_to_bytes:no ciphers available
Michael Ströder wrote: > On 5/5/21 1:29 PM, Howard Chu wrote: >> Michael Ströder wrote: >>> TLSProtocolMin 3.3 >>> TLSCipherSuite HIGH >> >> Then you're getting TLSv1.3 on these connections. Your ciphersuite config >> has no TLSv1.3 ciphers though; cipher suite "HIGH" only affects TLSv1.2 and >> below. > > Ah sorry. I've wrongly implied that OpenSSL automagically chooses > appropriate TLSv1.3 ciphers for HIGH. > >> Change your suite config to include some actual TLSv1.3 suites and it will be >> fine. There's no bug here, just a change in OpenSSL behavior which is covered >> in their documentation. https://wiki.openssl.org/index.php/TLS1.3 > > Thanks for your explanations. > > Your text seems worth to be added herein: > > https://www.openldap.org/doc/admin25/guide.html#More%20extensive%20TLS%20configuration%20control With this patch https://git.openldap.org/openldap/openldap/-/commit/cd3567d750b653949e50b6245428e594dff1d8a4 the above problem will no longer occur. That is, if your ciphersuite doesn't contain any TLS1.3 ciphers, then the existing TLS1.3 ciphersuites will not be changed. So you'll get the compiled-in defaults if nothing else was changed. That means you can continue to use old configs without any further changes. I don't think there's any security weakness here since the compiled-in defaults are strong. Just a question of whether it's better to force sysadmins to be cognizant of TLS1.3 or let them keep going on without thinking about it. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
Re: ssl_cipher_list_to_bytes:no ciphers available
On 5/5/21 1:29 PM, Howard Chu wrote: > Michael Ströder wrote: >> TLSProtocolMin 3.3 >> TLSCipherSuite HIGH > > Then you're getting TLSv1.3 on these connections. Your ciphersuite config > has no TLSv1.3 ciphers though; cipher suite "HIGH" only affects TLSv1.2 and > below. Ah sorry. I've wrongly implied that OpenSSL automagically chooses appropriate TLSv1.3 ciphers for HIGH. > Change your suite config to include some actual TLSv1.3 suites and it will be > fine. There's no bug here, just a change in OpenSSL behavior which is covered > in their documentation. https://wiki.openssl.org/index.php/TLS1.3 Thanks for your explanations. Your text seems worth to be added herein: https://www.openldap.org/doc/admin25/guide.html#More%20extensive%20TLS%20configuration%20control Ciao, Michael.
Re: ssl_cipher_list_to_bytes:no ciphers available
On 5/5/21 2:51 AM, Howard Chu wrote: > Michael Ströder wrote: >> I have issues with OpenSSL ciphers on my openSUSE Tumbleweed and release >> 2.5.4 when connecting to an 2.4 provider: >> >> TLS: can't connect: error:141A90B5:SSL >> routines:ssl_cipher_list_to_bytes:no ciphers available. >> >> An 2.4.58 consumer replica works just fine. >> >> There is this commit in RE25 and I'm not sure whether that introduces a >> regression on my system: >> >> b72bce2400ce303766f355a1dd37f4012754c942 >> ITS#9521 Set TLSv1.3 cipher suites for OpenSSL 1.1 >> >> BTW: openSUSE has implemented something like a crypto policy configuration: >> >> https://build.opensuse.org/package/view_file/security:tls/openssl-1_1/openssl-1.1.1-system-cipherlist.patch?expand=1 >> >> Any clue what's going on? > > What ciphers have you configured on your client and server? What versions of > OpenSSL are running on each? TL;DR: If I comment TLSCipherSuite in the 2.5.4 slapd.conf everything works. It fails when setting this in slapd provider (2.4.58) *and* consumer (2.5.4): TLSProtocolMin 3.3 TLSCipherSuite HIGH BTW: I didn't know that these server-side settings also affect the syncrepl-client config. This works when connecting with 2.5.4 CLI tools to 2.4.58 server: LDAPNOINIT=1 LDAPTLS_PROTOCOL_MIN=3.3 LDAPTLS_CIPHER_SUITE=HIGH /opt/openldap-ms/bin/ldapwhoami .. But connecting even only with openssl s_client to 2.5.4 server does not work with the above TLSCipherSuite settings. All systems have OpenSSL 1.1.1k. The symlink /etc/crypto-policies/back-ends/openssl.config points to /usr/share/crypto-policies/DEFAULT/openssl.txt which has this single line: @SECLEVEL=2:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:kRSAPSK:-aDSS:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8 Not sure what is really affected by this file. You can see how RPMs are built in OBS: https://build.opensuse.org/package/show/security:tls/openssl-1_1 https://build.opensuse.org/package/show/home:stroeder:openldap25/openldap-ms Ciao, Michael.
Re: ssl_cipher_list_to_bytes:no ciphers available
Michael Ströder wrote: > On 5/5/21 1:29 PM, Howard Chu wrote: >> Michael Ströder wrote: >>> TLSProtocolMin 3.3 >>> TLSCipherSuite HIGH >> >> Then you're getting TLSv1.3 on these connections. Your ciphersuite config >> has no TLSv1.3 ciphers though; cipher suite "HIGH" only affects TLSv1.2 and >> below. > > Ah sorry. I've wrongly implied that OpenSSL automagically chooses > appropriate TLSv1.3 ciphers for HIGH. > >> Change your suite config to include some actual TLSv1.3 suites and it will be >> fine. There's no bug here, just a change in OpenSSL behavior which is covered >> in their documentation. https://wiki.openssl.org/index.php/TLS1.3 This appears to be one of the things they changed between OpenSSL 1.1.0 and 1.1.1. It's overall pretty user-unfriendly, I've submitted a patch to them to make things a little easier. https://github.com/openssl/openssl/pull/15161 Perhaps this problem can go away in a future OpenSSL release. > > Thanks for your explanations. > > Your text seems worth to be added herein: > > https://www.openldap.org/doc/admin25/guide.html#More%20extensive%20TLS%20configuration%20control > > Ciao, Michael. > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
Re: ssl_cipher_list_to_bytes:no ciphers available
Michael Ströder wrote: > Filed ITS: > > https://bugs.openldap.org/show_bug.cgi?id=9546 Not a bug. Closing. > > Ciao, Michael. > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
Re: ssl_cipher_list_to_bytes:no ciphers available
Michael Ströder wrote: > On 5/5/21 2:51 AM, Howard Chu wrote: >> Michael Ströder wrote: >>> I have issues with OpenSSL ciphers on my openSUSE Tumbleweed and release >>> 2.5.4 when connecting to an 2.4 provider: >>> >>> TLS: can't connect: error:141A90B5:SSL >>> routines:ssl_cipher_list_to_bytes:no ciphers available. >>> >>> An 2.4.58 consumer replica works just fine. >>> >>> There is this commit in RE25 and I'm not sure whether that introduces a >>> regression on my system: >>> >>> b72bce2400ce303766f355a1dd37f4012754c942 >>> ITS#9521 Set TLSv1.3 cipher suites for OpenSSL 1.1 >>> >>> BTW: openSUSE has implemented something like a crypto policy configuration: >>> >>> https://build.opensuse.org/package/view_file/security:tls/openssl-1_1/openssl-1.1.1-system-cipherlist.patch?expand=1 >>> >>> Any clue what's going on? >> >> What ciphers have you configured on your client and server? What versions of >> OpenSSL are running on each? > > TL;DR: If I comment TLSCipherSuite in the 2.5.4 slapd.conf everything works. > > It fails when setting this in slapd provider (2.4.58) *and* consumer > (2.5.4): > > TLSProtocolMin 3.3 > TLSCipherSuite HIGH > > BTW: I didn't know that these server-side settings also affect the > syncrepl-client config. > > This works when connecting with 2.5.4 CLI tools to 2.4.58 server: > > LDAPNOINIT=1 LDAPTLS_PROTOCOL_MIN=3.3 LDAPTLS_CIPHER_SUITE=HIGH > /opt/openldap-ms/bin/ldapwhoami .. > > But connecting even only with openssl s_client to 2.5.4 server does not > work with the above TLSCipherSuite settings. > > All systems have OpenSSL 1.1.1k. Then you're getting TLSv1.3 on these connections. Your ciphersuite config has no TLSv1.3 ciphers though; cipher suite "HIGH" only affects TLSv1.2 and below. When you leave the suite unconfigured, it works because the hardcoded default in OpenSSL includes a set of TLSv1.3 suites. When you set the TLSCipherSuite parameter, all defaults are zeroed out and then your settings are configured. The OpenSuSE patch you pointed to also only sets the suites for TLSv1.2 and below, it doesn't call the OpenSSL API to set TLSv1.3 suites so the hardcoded defaults are still in effect. Change your suite config to include some actual TLSv1.3 suites and it will be fine. There's no bug here, just a change in OpenSSL behavior which is covered in their documentation. https://wiki.openssl.org/index.php/TLS1.3 I've seen in other software that they've split their cipher config to use CIPHER_LIST to configure TLSv1.2 and below, and CIPHER_SUITE to configure TLSv1.3. Since our config keyword already uses CIPHERSUITE our approach was simply to use it for both, scanning the provided string for TLSv1.3 suite names before doing the usual TLSv1.2 processing. This behavior is also in accordance with OpenSSL's own tools, which always list the TLSv1.3 ciphers along with the TLSv1.2 ciphers when you query it for configured cipher suites. I.e., even though OpenSSL itself configures them separately, it always displays the configuration as a single list, so conceptually, for us anyway, it is still a single parameter list. > The symlink > /etc/crypto-policies/back-ends/openssl.config points to > /usr/share/crypto-policies/DEFAULT/openssl.txt which has this single line: > > @SECLEVEL=2:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:kRSAPSK:-aDSS:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8 > > Not sure what is really affected by this file. > > You can see how RPMs are built in OBS: > > https://build.opensuse.org/package/show/security:tls/openssl-1_1 > > https://build.opensuse.org/package/show/home:stroeder:openldap25/openldap-ms > > Ciao, Michael. > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
Re: ssl_cipher_list_to_bytes:no ciphers available
Filed ITS: https://bugs.openldap.org/show_bug.cgi?id=9546 Ciao, Michael.
Re: ssl_cipher_list_to_bytes:no ciphers available
Michael Ströder wrote: > HI! > > I have issues with OpenSSL ciphers on my openSUSE Tumbleweed and release > 2.5.4 when connecting to an 2.4 provider: > > TLS: can't connect: error:141A90B5:SSL > routines:ssl_cipher_list_to_bytes:no ciphers available. > > An 2.4.58 consumer replica works just fine. > > There is this commit in RE25 and I'm not sure whether that introduces a > regression on my system: > > b72bce2400ce303766f355a1dd37f4012754c942 > ITS#9521 Set TLSv1.3 cipher suites for OpenSSL 1.1 > > BTW: openSUSE has implemented something like a crypto policy configuration: > > https://build.opensuse.org/package/view_file/security:tls/openssl-1_1/openssl-1.1.1-system-cipherlist.patch?expand=1 > > Any clue what's going on? What ciphers have you configured on your client and server? What versions of OpenSSL are running on each? > > Ciao, Michael. > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/