Re: Tomcat 9.0.59 - TLS 1.3 cipher configuration ignored (TLS 1.2 ok)

2022-03-16 Thread Torsten Krah
On Tuesday, 15.03.2022 at 15:29 +0100, Rémy Maucherat wrote:
> I used Panama for prototyping, SSL_CTX_set_ciphersuites works but is
> not so trivial to use. If you try using the ciphersuite for more than
> 1.3, there will be warnings (which I improved), and the default Tomcat
> uses also does not make sense for 1.3. I wonder if it should revert to
> not setting anything in that case (which would need some more
> changes).
>
> Rémy

Should I open a bug / feature request in bugzilla to track that
feature?

Torsten
-- 



-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



Re: Tomcat 9.0.59 - TLS 1.3 cipher configuration ignored (TLS 1.2 ok)

2022-03-15 Thread Rémy Maucherat
On Fri, Mar 11, 2022 at 6:58 PM Christopher Schultz wrote:
>
> Torsten,
>
> On 3/11/22 06:03, Torsten Krah wrote:
> >> It seems to me you are listing a cipher that might be correct
> >> according to the OpenSSL documentation, but then whether that is
> >> available to your JVM may be different.
> >
> > That is for sure not the problem - just use the "ciphers.sh" from the
> > binary directory of tomcat which will list you all possible ciphers you
> > can use - and those match the ones I want to use.
> >
> >>
> >> Maybe you can run some small java application on the very same JVM to
> >> simply list the supported ciphers? At least that would give you an
> >> authoritative list of ciphers you can put into the configuration file.
> >
> > No need for that, tomcat already has that - use ciphers.sh .
> >
> > As Thomas found, it is a known bug / missing feature of tomcat - you
> > can't configure TLS 1.3 ciphers in tomcat yet if you want to use the
> > OpenSSL native implementation and Mark Thomas confirmed that here:
> >
> > https://lists.apache.org/thread/q8lmp40xkn0b4k4o6n05n9fyttlvmd22
> >
> > That was 08/2019 - but it still is unsupported in 03/2022 - maybe I'll
> > do a patch for that one ;).
>
> If you do, please make sure you use appropriate #ifdefs in order to
> allow it to compile against multiple versions of OpenSSL, not just
> whatever version you happen to have installed on your local machine.

I used Panama for prototyping, SSL_CTX_set_ciphersuites works but is
not so trivial to use. If you try using the ciphersuite for more than
1.3, there will be warnings (which I improved), and the default Tomcat
uses also does not make sense for 1.3. I wonder if it should revert to
not setting anything in that case (which would need some more
changes).

Rémy

> -chris




Re: Tomcat 9.0.59 - TLS 1.3 cipher configuration ignored (TLS 1.2 ok)

2022-03-11 Thread Christopher Schultz

Torsten,

On 3/11/22 06:03, Torsten Krah wrote:
>> It seems to me you are listing a cipher that might be correct
>> according to the OpenSSL documentation, but then whether that is
>> available to your JVM may be different.
>
> That is for sure not the problem - just use the "ciphers.sh" from the
> binary directory of tomcat which will list you all possible ciphers you
> can use - and those match the ones I want to use.
>
>> Maybe you can run some small java application on the very same JVM to
>> simply list the supported ciphers? At least that would give you an
>> authoritative list of ciphers you can put into the configuration file.
>
> No need for that, tomcat already has that - use ciphers.sh .
>
> As Thomas found, it is a known bug / missing feature of tomcat - you
> can't configure TLS 1.3 ciphers in tomcat yet if you want to use the
> OpenSSL native implementation and Mark Thomas confirmed that here:
>
> https://lists.apache.org/thread/q8lmp40xkn0b4k4o6n05n9fyttlvmd22
>
> That was 08/2019 - but it still is unsupported in 03/2022 - maybe I'll
> do a patch for that one ;).

If you do, please make sure you use appropriate #ifdefs in order to 
allow it to compile against multiple versions of OpenSSL, not just 
whatever version you happen to have installed on your local machine.


-chris




Re: Tomcat 9.0.59 - TLS 1.3 cipher configuration ignored (TLS 1.2 ok)

2022-03-11 Thread Torsten Krah
> It seems to me you are listing a cipher that might be correct
> according to the OpenSSL documentation, but then whether that is
> available to your JVM may be different.

That is for sure not the problem - just use the "ciphers.sh" from the
binary directory of tomcat which will list you all possible ciphers you
can use - and those match the ones I want to use.

> 
> Maybe you can run some small java application on the very same JVM to
> simply list the supported ciphers? At least that would give you an
> authoritative list of ciphers you can put into the configuration file.

No need for that, tomcat already has that - use ciphers.sh .

As Thomas found, it is a known bug / missing feature of tomcat - you
can't configure TLS 1.3 ciphers in tomcat yet if you want to use the
OpenSSL native implementation and Mark Thomas confirmed that here:

https://lists.apache.org/thread/q8lmp40xkn0b4k4o6n05n9fyttlvmd22

That was 08/2019 - but it still is unsupported in 03/2022 - maybe I'll
do a patch for that one ;).

kind regards

Torsten





RE: Tomcat 9.0.59 - TLS 1.3 cipher configuration ignored (TLS 1.2 ok)

2022-03-11 Thread Hiran CHAUDHURI

Hello Torsten.

It seems to me you are listing a cipher that might be correct according to the
OpenSSL documentation, but then whether that is available to your JVM may be
different.
Maybe you can run some small java application on the very same JVM to simply
list the supported ciphers? At least that would give you an authoritative list of
ciphers you can put into the configuration file.

And on another level: Could Tomcat list the supported ciphers as part of the
exception text? This would not consume performance, because we are in an error
state anyway, and it would give a direct hint for all future encounters of this problem.

Hiran

-Original Message-
From: Torsten Krah 
Sent: Friday, March 11, 2022 9:51
To: users@tomcat.apache.org
Subject: Re: Tomcat 9.0.59 - TLS 1.3 cipher configuration ignored (TLS 1.2 ok)

Interesting exception on startup when using TLS 1.3 only - configured the 
connector like this:





using only TLS 1.3 and the configured ciphers but now I get this on startup:

11-Mar-2022 09:43:42.753 WARNUNG [main] 
org.apache.tomcat.util.net.openssl.OpenSSLContext.init Fehler beim 
initialisieren des SSL Contexts
java.lang.Exception: Unable to configure permitted SSL ciphers 
(error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match)
at org.apache.tomcat.jni.SSLContext.setCipherSuite(Native 
Method)
at 
org.apache.tomcat.util.net.openssl.OpenSSLContext.init(OpenSSLContext.java:329)
at 
org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:245)
at 
org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:97)
at 
org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71)
at 
org.apache.tomcat.util.net.Nio2Endpoint.bind(Nio2Endpoint.java:144)
at 
org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1227)
at 
org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1240)
at 
org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:603)
at 
org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:80)
at 
org.apache.catalina.connector.Connector.initInternal(Connector.java:1046)
at 
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at 
org.apache.catalina.core.StandardService.initInternal(StandardService.java:556)
at 
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at 
org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1042)
at 
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.startup.Catalina.load(Catalina.java:724)
at org.apache.catalina.startup.Catalina.load(Catalina.java:746)
at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at 
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:568)
at 
org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:305)
at 
org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:475)


The cipher names do match:

https://wiki.openssl.org/index.php/TLS1.3#Ciphersuites

and

https://datatracker.ietf.org/doc/html/rfc8446#appendix-B.4


I am lost at that point, maybe someone has an idea.

kind regards

Torsten



Re: Tomcat 9.0.59 - TLS 1.3 cipher configuration ignored (TLS 1.2 ok)

2022-03-11 Thread Torsten Krah
On Friday, 11.03.2022 at 09:17, Thomas Hoffmann (Speed4Trade GmbH) wrote:
> The configuration which works for me is:
>
> protocol="org.apache.coyote.http11.Http11NioProtocol"
> sslImplementationName="org.apache.tomcat.util.net.openssl.OpenSSLImplementation"
> maxThreads="150" minSpareThreads="25"
> URIEncoding="UTF-8" useBodyEncodingForURI="false"
> enableLookups="false" disableUploadTimeout="true"
> acceptCount="100" scheme="https" secure="true"
> SSLEnabled="true">
>
> disableSessionTickets="true"
> honorCipherOrder="false"
> protocols="+TLSv1.2,+TLSv1.3">


I am using:

protocol="org.apache.coyote.http11.Http11Nio2Protocol"

and in combination with the native APR in place it does the correct
thing, using OpenSSL - and the error shows that this is in place.

The list of protocols can be either of those - see the 
https://tomcat.apache.org/tomcat-9.0-doc/config/http.html ciphers docs:


The ciphers to enable using the OpenSSL syntax. (See the OpenSSL
documentation for the list of ciphers supported and the syntax).
Alternatively, a comma separated list of ciphers using the standard
OpenSSL cipher names or the standard JSSE cipher names may be used.


Your example does not have any TLS 1.3 cipher listed - so you just get
the 3 defaults (which I want / need to change) - and as seen in the
code it won't work anyway, because it does not call:

SSL_CTX_set_ciphersuites()

to set the 1.3 suites.

kind regards

Torsten






Re: Tomcat 9.0.59 - TLS 1.3 cipher configuration ignored (TLS 1.2 ok)

2022-03-11 Thread Torsten Krah
On Friday, 11.03.2022 at 10:09 +0100, Torsten Krah wrote:
> So it seems like a bug to me, right?

I had a quick look on the JNI SSLContext code + the native
implementation:

TCN_IMPLEMENT_CALL(jboolean, SSL, setCipherSuites)(TCN_STDARGS, jlong ssl,
                                                   jstring ciphers)
{
    jboolean rv = JNI_TRUE;
    SSL *ssl_ = J2P(ssl, SSL *);
    TCN_ALLOC_CSTRING(ciphers);

    UNREFERENCED_STDARGS;

    if (ssl_ == NULL) {
        TCN_FREE_CSTRING(ciphers);
        tcn_ThrowException(e, "ssl is null");
        return JNI_FALSE;
    }

    UNREFERENCED(o);
    if (!J2S(ciphers)) {
        TCN_FREE_CSTRING(ciphers);
        return JNI_FALSE;
    }
    /* SSL_set_cipher_list() only configures TLS 1.2-and-below ciphers;
     * TLS 1.3 suite names are rejected here ("no cipher match"). */
    if (!SSL_set_cipher_list(ssl_, J2S(ciphers))) {
        char err[256];
        ERR_error_string(SSL_ERR_get(), err);
        tcn_Throw(e, "Unable to configure permitted SSL ciphers (%s)", err);
        rv = JNI_FALSE;
    }
    TCN_FREE_CSTRING(ciphers);
    return rv;
}

and this one does really use SSL_set_cipher_list even for TLS 1.3 -
that won't work.

Can anyone confirm that? Should I open a bug here:

https://bz.apache.org/bugzilla/enter_bug.cgi

about that?

kind regards

Torsten





Re: Tomcat 9.0.59 - TLS 1.3 cipher configuration ignored (TLS 1.2 ok)

2022-03-11 Thread Torsten Krah
On Friday, 11.03.2022 at 09:50 +0100, Torsten Krah wrote:
> (error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match)

Reading that message and looking at:

https://wiki.openssl.org/index.php/TLS1.3#Ciphersuites

there it is written that with TLS 1.3:

Applications should use the SSL_CTX_set_ciphersuites() or 
SSL_set_ciphersuites() functions to configure TLSv1.3 ciphersuites. 

Seems tomcat is using *SSL_CTX_set_cipher_list* instead of
*SSL_CTX_set_ciphersuites* - maybe someone with knowledge here can
confirm that theory.

Reading:

https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_cipher_list.html

there is this:

SSL_CTX_set_cipher_list() sets the list of available ciphers (TLSv1.2
and below) for ctx using the control string str. The format of the
string is described in openssl-ciphers(1). The list of ciphers is
inherited by all ssl objects created from ctx. This function does not
impact TLSv1.3 ciphersuites. Use SSL_CTX_set_ciphersuites() to
configure those.

So it seems like a bug to me, right?

kind regards

Torsten



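To make the OpenSSL documentation quoted in this message concrete, and to show the shape of the fix that the tcnative setCipherSuites code shown earlier in the thread would need, here is an added C example; it is not code from Tomcat, tcnative or OpenSSL. It takes a Tomcat-style ciphers value and partitions it into the string that belongs to SSL_CTX_set_cipher_list (TLS 1.2 and below) and the string that belongs to SSL_CTX_set_ciphersuites (TLS 1.3), using the five TLS 1.3 suite names from RFC 8446 appendix B.4. The functions split_cipher_config, is_tls13_suite and split_gives and the sample cipher string are constructed for this example; the block does not link against OpenSSL, it only prepares the two strings. When the configured value contains no TLS 1.3 suite it returns 0, so a caller can skip SSL_CTX_set_ciphersuites and keep OpenSSL's built-in TLS 1.3 default, which is the case Rémy raises in his 2022-03-15 reply.

```c
#include <stdio.h>
#include <string.h>

/* TLS 1.3 ciphersuite names from RFC 8446 appendix B.4; OpenSSL and JSSE
 * both spell them identically, so the TLS 1.3 half needs no name mapping. */
static const char *const TLS13_SUITES[] = {
    "TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384",
    "TLS_CHACHA20_POLY1305_SHA256", "TLS_AES_128_CCM_SHA256",
    "TLS_AES_128_CCM_8_SHA256",
};

/* Hypothetical helper: 1 if name is a TLS 1.3 suite, else 0. */
int is_tls13_suite(const char *name)
{
    size_t i;
    for (i = 0; i < sizeof TLS13_SUITES / sizeof TLS13_SUITES[0]; i++)
        if (strcmp(name, TLS13_SUITES[i]) == 0)
            return 1;
    return 0;
}

/* Append token to the colon-joined string out (capacity cap); -1 if it
 * would not fit. */
static int append_token(char *out, size_t cap, const char *token)
{
    size_t used = strlen(out), tlen = strlen(token);
    if (used + tlen + (used ? 1 : 0) + 1 > cap)
        return -1;
    if (used)
        out[used++] = ':';
    memcpy(out + used, token, tlen + 1);
    return 0;
}

/* Hypothetical fix-up step: partition a Tomcat-style "ciphers" value (tokens
 * separated by ':' or ',') into list12, the string for SSL_CTX_set_cipher_list
 * (TLS 1.2 and below, OpenSSL control keywords like HIGH or !aNULL included),
 * and suites13, the string for SSL_CTX_set_ciphersuites (TLS 1.3 only).
 * Returns the number of TLS 1.3 suites found, or -1 on overflow. A return of
 * 0 means: skip SSL_CTX_set_ciphersuites and keep OpenSSL's TLS 1.3 default. */
int split_cipher_config(const char *config, char *list12, size_t cap12,
                        char *suites13, size_t cap13)
{
    const char *p;
    int count13 = 0;
    if (cap12 == 0 || cap13 == 0)
        return -1;
    list12[0] = suites13[0] = '\0';
    if (config == NULL)
        return 0;
    for (p = config; *p != '\0'; ) {
        size_t n = strcspn(p, ":,");   /* length of the next token */
        if (n > 0) {
            char tok[128];
            if (n >= sizeof tok)
                return -1;
            memcpy(tok, p, n);
            tok[n] = '\0';
            if (is_tls13_suite(tok)) {
                if (append_token(suites13, cap13, tok) < 0)
                    return -1;
                count13++;
            } else if (append_token(list12, cap12, tok) < 0) {
                return -1;
            }
        }
        p += n;
        if (*p != '\0')
            p++;                       /* skip the separator */
    }
    return count13;
}

/* Self-check: TLS 1.3 count when both halves match the expectation, -2 on a
 * mismatch, -1 if the split overflowed. */
int split_gives(const char *config, const char *expect12, const char *expect13)
{
    char list12[512], suites13[256];
    int n = split_cipher_config(config, list12, sizeof list12, suites13, sizeof suites13);
    if (n < 0)
        return n;
    return (strcmp(list12, expect12) == 0 && strcmp(suites13, expect13) == 0) ? n : -2;
}

int main(void)
{
    /* Constructed sample: mixed TLS 1.2 + TLS 1.3 names in one ciphers value. */
    const char *config = "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:"
                         "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:!aNULL";
    char list12[512], suites13[256];
    int n = split_cipher_config(config, list12, sizeof list12, suites13, sizeof suites13);
    printf("SSL_CTX_set_cipher_list  <- \"%s\"\n", list12);
    if (n > 0)
        printf("SSL_CTX_set_ciphersuites <- \"%s\"\n", suites13);
    else
        printf("no TLS 1.3 suites configured: keep OpenSSL's default (n=%d)\n", n);
    return 0;
}
```

Everything that is not one of the five TLS 1.3 names stays in the TLS 1.2 half verbatim, so OpenSSL control-string keywords such as HIGH or !aNULL continue to reach SSL_CTX_set_cipher_list unchanged; translating JSSE-style TLS 1.2 names to OpenSSL names (which Tomcat does itself) is out of scope here.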



Re: Tomcat 9.0.59 - TLS 1.3 cipher configuration ignored (TLS 1.2 ok)

2022-03-11 Thread Torsten Krah
On Friday, 11.03.2022 at 08:52, Thomas Hoffmann (Speed4Trade GmbH) wrote:
> Hello,
> 
> the protocol attribute looks a bit strange.
> 
> I think it should be:
> 
> protocols="+TLSv1.2,+TLSv1.3">

I tried standalone TLS 1.3 like you suggested:

protocols="+TLSv1.3"

still the same exception:


11-Mar-2022 09:57:41.996 WARNUNG [main] 
org.apache.tomcat.util.net.openssl.OpenSSLContext.init Fehler beim 
initialisieren des SSL Contexts
java.lang.Exception: Unable to configure permitted SSL ciphers 
(error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match)


kind regards

Torsten






Re: Tomcat 9.0.59 - TLS 1.3 cipher configuration ignored (TLS 1.2 ok)

2022-03-11 Thread Torsten Krah
Interesting exception on startup when using TLS 1.3 only - configured
the connector like this:





using only TLS 1.3 and the configured ciphers but now I get this on startup:

11-Mar-2022 09:43:42.753 WARNUNG [main] 
org.apache.tomcat.util.net.openssl.OpenSSLContext.init Fehler beim 
initialisieren des SSL Contexts
java.lang.Exception: Unable to configure permitted SSL ciphers 
(error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match)
at org.apache.tomcat.jni.SSLContext.setCipherSuite(Native 
Method)
at 
org.apache.tomcat.util.net.openssl.OpenSSLContext.init(OpenSSLContext.java:329)
at 
org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:245)
at 
org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:97)
at 
org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71)
at 
org.apache.tomcat.util.net.Nio2Endpoint.bind(Nio2Endpoint.java:144)
at 
org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1227)
at 
org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1240)
at 
org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:603)
at 
org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:80)
at 
org.apache.catalina.connector.Connector.initInternal(Connector.java:1046)
at 
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at 
org.apache.catalina.core.StandardService.initInternal(StandardService.java:556)
at 
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at 
org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1042)
at 
org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.startup.Catalina.load(Catalina.java:724)
at org.apache.catalina.startup.Catalina.load(Catalina.java:746)
at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at 
java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
at 
java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:568)
at 
org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:305)
at 
org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:475)


The cipher names do match:

https://wiki.openssl.org/index.php/TLS1.3#Ciphersuites

and

https://datatracker.ietf.org/doc/html/rfc8446#appendix-B.4


I am lost at that point, maybe someone has an idea.

kind regards

Torsten

