Percona Server moved to https://jira.percona.com/projects/PS

Newest RHEL/CentOS openssl update breaks mysql DHE

Bug #1462856 reported by Jacques Grove on 2015-06-08

This bug affects 11 people

	Status	Importance	Assigned to	Milestone
MySQL Server	Unknown	Unknown	mysql-bugs #77275
Percona Server moved to https://jira.percona.com/projects/PS	Fix Released	High	Laurynas Biveinis	Percona Server moved to https://jira.percona.com/projects/PS 5.6.25-73.0
5.5	Fix Released	High	Laurynas Biveinis	Percona Server moved to https://jira.percona.com/projects/PS 5.5.44-37.3
5.6	Fix Released	High	Laurynas Biveinis	Percona Server moved to https://jira.percona.com/projects/PS 5.6.25-73.0

Bug Description

This is a problem in upstream as well, I am pretty sure:

The newest RHEL/CentOS/SL 6.6 openssl package (1.0.1e-30.el6_6.9 ; published around 6/4/2015) contains a fix for CVE-2015-4000 . RedHat's fix for this was to limit the use of any SSL DH key sizes to a minimum of 768 bits. This breaks any DHE SSL ciphers for MySQL clients as soon as you install the openssl update, since in vio/viosslfactories.c , the default DHPARAM is a 512 bit one. As far as I can tell this cannot be changed in configuration/runtime; and needs a recompile.

We should probably include and/or upstream this patch:

https://lists.fedoraproject.org/pipermail/scm-commits/2012-December/910767.html

Example:

If a user in a Percona 5.6.23-72.1-log server is setup with grant "require SSL", and the client (using the updated openssl package) executes:
# mysql -u user -h serverhostname --ssl --ssl-cipher=DHE-RSA-AES256-SHA -p
Enter password:
ERROR 2026 (HY000): SSL connection error: error:00000001:lib(0):func(0):reason(1)

This will occur for any DHE cipher. Using a non-DHE cipher will work as expected.

Workaround:
* Downgrade the client openssl package to any version before 1.0.1e-30.el6_6.9; e.g. 0:1.0.1e-30.el6_6.8
* Alternatively, do not use DH ciphers. This is not acceptable because the supported non-DH ciphers do not afford any PFS protection.

Solution is for the server to present a 1024 bit DH param. This would:

* Avoid the problem with "fixed" client libraries.
* Still be small enough to avoid problems with some clients (e.g. older Java versions do not like DH params > 1024 bit)
* Improve security in general.

Tags:

CVE References

2015-4000

Revision history for this message

Valerii Kravchuk (valerii-kravchuk) wrote on 2015-06-08:

It's clear that both upstream MySQL and Percona Server are ffected (I've checked 5.6 branches below):

[openxs@chief mysql-server]$ git pull
Already up-to-date.
[openxs@chief mysql-server]$ grep -rn dh512_p *
extra/yassl/src/yassl.cpp:89: static unsigned char dh512_p[] =
extra/yassl/src/yassl.cpp:105: base.dh_->p = BN_bin2bn(dh512_p, sizeof(dh512_p), 0);
vio/viosslfactories.c:23:static unsigned char dh512_p[]=
vio/viosslfactories.c:42: dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
[openxs@chief mysql-server]$ grep -rn dh1024_p *
extra/yassl/testsuite/test.hpp:486: static unsigned char dh1024_p[] =
extra/yassl/testsuite/test.hpp:508: dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
[openxs@chief mysql-server]$ cd ../percona-server/
[openxs@chief percona-server]$ grep -rn dh512_p *
extra/yassl/src/yassl.cpp:89: static unsigned char dh512_p[] =
extra/yassl/src/yassl.cpp:105: base.dh_->p = BN_bin2bn(dh512_p, sizeof(dh512_p), 0);
vio/viosslfactories.c:23:static unsigned char dh512_p[]=
vio/viosslfactories.c:42: dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
[openxs@chief percona-server]$ grep -rn dh1024_p *
extra/yassl/testsuite/test.hpp:486: static unsigned char dh1024_p[] =
extra/yassl/testsuite/test.hpp:508: dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
[openxs@chief percona-server]$ git branch
* 5.6

Do you prefer to report upstream bug yourself to get a credit?

tags:

added: upstream

Revision history for this message

Jacques Grove (aquarapid) wrote on 2015-06-08:

Logged upstream as http://bugs.mysql.com/77275

Revision history for this message

Tomas Hoger (thoger) wrote on 2015-06-08:

MariaDB bug and fix in 10.0.18:

https://mariadb.atlassian.net/browse/MDEV-7695
https://github.com/MariaDB/server/commit/7e7dd8e

Revision history for this message

Chris Calender (chriscalender) wrote on 2015-06-09:

Fix will also appear in MariaDB 5.5.44.

Revision history for this message

Mischa ter Smitten (mischa-ter-smitten) wrote on 2015-06-12:

The problem is also present in Ubuntu after installing http://www.ubuntu.com/usn/usn-2639-1/

Revision history for this message

Dan Benton (dogsbody) wrote on 2015-06-14:

How can we downgrade OpenSSL when it seems all the packages have been removed from the repo's? :-/

$ sudo apt-get install openssl=1.0.1f-1ubuntu2.12
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Version '1.0.1f-1ubuntu2.12' for 'openssl' was not found

$ apt-cache showpkg openssl
[...]
Provides:
1.0.1f-1ubuntu2.15 -
1.0.1f-1ubuntu2 -

1.0.1f-1ubuntu2.15 is the version that has broken our databases :-/

Revision history for this message

Teodor Milkov (tm-del) wrote on 2015-06-14:

percona mysql server also broken on Debian now after DSA 3287-1 went live: https://lists.debian.org/debian-security-announce/2015/msg00182.html

Revision history for this message

Dan Benton (dogsbody) wrote on 2015-06-14:

Found the packages in the local cache on all our servers.

Rolled back with...
sudo dpkg -i /var/cache/apt/archives/libssl1.0.0_1.0.1f-1ubuntu2.12_amd64.deb
sudo dpkg -i /var/cache/apt/archives/openssl_1.0.1f-1ubuntu2.12_amd64.deb

David Busby (d-busby) on 2015-06-19

tags:

added: security

Revision history for this message

Laurynas Biveinis (laurynas-biveinis) wrote on 2015-06-19:

#10

https://github.com/percona/percona-server/pull/90
https://github.com/percona/percona-server/pull/91

Revision history for this message

Dan Benton (dogsbody) wrote on 2015-06-24:

#11

Thank you for fixing this issue. Any ideas when a new package will be released to the repo's so we can test it?

Revision history for this message

Hrvoje Matijakovic (hrvojem) wrote on 2015-06-25:

#12

Packages are now available in our testing repos (https://www.percona.com/doc/percona-server/5.5/installation/apt_repo.html#percona-apt-testing-repository) so you can give them a try.

Revision history for this message

jolan (jolan) wrote on 2015-06-25:

#13

Are xtradb cluster builds being done by a different team? I don't see an update for that in the testing repo.

Revision history for this message

Hrvoje Matijakovic (hrvojem) wrote on 2015-06-26:

#14

@jolan - PXC will be fixed in the next/upcoming release.

Revision history for this message

Stephen Colebrook (scolebrook) wrote on 2015-06-26:

#15

@hrvojem Any rough timeframe on when we might see that release?

Sveta Smirnova (svetasmirnova) on 2015-07-20

tags:

added: i57089

Revision history for this message

Shahriyar Rzayev (rzayev-sehriyar) wrote on 2018-01-25:

#16

Percona now uses JIRA for bug reports so this bug report is migrated to: https://jira.percona.com/browse/PS-906

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

Bug #1464683

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

mysql-bugs #77275 Edit

Bug watches keep track of this bug in other bug trackers.