How to use SSL? (SSL is enabled but not used)

Hello,

I have setup a MySQL 5.1 server on Ubuntu Linux 10.4 and created an SSL
certificate and key. I updated the MySQL configuration to point to the
SSL files. There's no error message at startup in MySQL's error log.
(Before I granted the process access to the SSL files through AppArmor,
there was an error message that it couldn't get the SSL files, so I
assume MySQL really reads the file now.)

In MySQL Workbench 5.2.25 I enabled the use of SSL for the connection,
but the statement "show variables like '%ssl%'" doesn't show a value for
ssl_cipher. Here's the entire output:

have_openssl YES
have_ssl YES
ssl_ca
ssl_capath
ssl_cert /etc/ssl/private/cert-xxxx.de
ssl_cipher
ssl_key /etc/ssl/private/cert-xxxx.de

From the wording in the client, I believe that the SSL option is pretty
much useless. It reads that it will use SSL if it's available [in the
client library]. It probably wouldn't use it too if the server didn't
support it. So in the end, it may or may not use SSL to its own liking.

Where's the switch where I can force the use of SSL? I don't want to
send my authentication data in plain text over the network before I can
even verify that SSL is in use?

And still why doesn't it use SSL in my case?

--
Yves Goergen "LonelyPixel"
Visit my web laboratory at http://beta.unclassified.de

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org

Re: How to use SSL? (SSL is enabled but not used)

Does anybody know how to use SSL-secured connections to a MySQL server?
Has anybody done that at all?

In the manual I have now found the following statement:

http://dev.mysql.com/doc/refman/5.1/en/ssl-options.html
> Note that use of --ssl does not require an SSL connection. For
> example, if the server or client is compiled without SSL support, a
> normal unencrypted connection is used.

What's that supposed to mean? If there's no way to force the connection
into SSL, it is entirely useless. Anyone on the wire could simply
pretend that the server doesn't support SSL and so deny the encryption
and the client wouldn't even care...

I don't want to use REQUIRE SSL for an account that is regularly used
locally and doesn't need SSL. SSL should really be selected by the
client per connection when connecting from some other untrusted network.
The whole SSL thing looks pretty unfinished like that.

--
Yves Goergen "LonelyPixel"
Visit my web laboratory at http://beta.unclassified.de

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org

Re: How to use SSL? (SSL is enabled but not used)

On 8/9/2010 5:27 PM, Yves Goergen wrote:
> Does anybody know how to use SSL-secured connections to a MySQL server?
> Has anybody done that at all?
>
> In the manual I have now found the following statement:
>
> http://dev.mysql.com/doc/refman/5.1/en/ssl-options.html
>> Note that use of --ssl does not require an SSL connection. For
>> example, if the server or client is compiled without SSL support, a
>> normal unencrypted connection is used.
>
> What's that supposed to mean? If there's no way to force the connection
> into SSL, it is entirely useless. Anyone on the wire could simply
> pretend that the server doesn't support SSL and so deny the encryption
> and the client wouldn't even care...
>
> I don't want to use REQUIRE SSL for an account that is regularly used
> locally and doesn't need SSL. SSL should really be selected by the
> client per connection when connecting from some other untrusted network.
> The whole SSL thing looks pretty unfinished like that.
>

If you don't want to require SSL on the local connections then don't set
the flag on the @localhost account.

If you want the SSL required on the other connections, then set it on
the @'...' version of the account that the remote users login through.

All MySQL accounts are tripartate. They consist of: 1) a login (user),
2) a host designation (or wildcard pattern), and 3) a password. Use that
host portion of the account to make the distinction between local and
remote logins.

More about how the MySQL authentication works is available in the manual:
http://dev.mysql.com/doc/refman/5.1/en/user-account-manageme nt.html

--
Shawn Green
MySQL Principal Technical Support Engineer
Oracle USA, Inc.
Office: Blountville, TN

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org

Re: How to use SSL? (SSL is enabled but not used)

On Wed, 2010-08-11 at 14:23 -0400, Shawn Green (MySQL) wrote:
> On 8/9/2010 5:27 PM, Yves Goergen wrote:
> > What's that supposed to mean? If there's no way to force the connection
> > into SSL, it is entirely useless. Anyone on the wire could simply
> > pretend that the server doesn't support SSL and so deny the encryption
> > and the client wouldn't even care...
>
> If you don't want to require SSL on the local connections then don't
> set the flag on the @localhost account.
>
> If you want the SSL required on the other connections, then set it on
> the @'...' version of the account that the remote users login through.

Excuse me, but isn’t Yves exactly right here?

None of the client-side options (I tried --ssl, --ssl-ca=…,
--ssl-verify-server-cert, --ssl-key=…, --ssl-cipher=…) can currently be
used to force an SSL connection to be used. And requiring SSL from the
server side does nothing to stop man-in-the-middle attacks.

(Suppose Bob the SQL server grants some privileges to Alice the user
with SSL required. Now Alice can log in with her password over SSL and
gets denied over non-SSL. Great.

But now Mallory comes along and intercepts a connection from Alice
intended for Bob. Even if Bob would have claimed that he requires SSL,
nothing stops Mallory from claiming that she doesn’t require SSL.
Because Alice cannot force the use of SSL from the client side, Alice
will make a successful unencrypted connection to Mallory. Then Mallory
can accept the connection, ignoring Alice’s authentication, and steal
Alice’s data; or Mallory can make a separate SSL connection to Bob,
forward Alice’s authentication over it, then take over and issue evil
commands to Bob.)

This same issue was reported back in 2004 and ignored:
http://bugs.mysql.com/bug.php?id=3138

I think this is a serious security problem that demands more attention
than dismissal as documented behavior. To solve it, there needs to be a
way to force the use of SSL from the client side.

Anders



--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org

Re: How to use SSL? (SSL is enabled but not used)

On 18.08.2010 00:02 CE(S)T, Anders Kaseorg wrote:
> This same issue was reported back in 2004 and ignored:
> http://bugs.mysql.com/bug.php?id=3138

Oh dear, 2004...

> I think this is a serious security problem that demands more attention
> than dismissal as documented behavior. To solve it, there needs to be a
> way to force the use of SSL from the client side.

I have another suggestion: remove SSL support from MySQL alltogether and
declare the protocol as unsafe and only use it over secure networks like
VPN.

Since MySQL is now Oracle and it's not Oracle's main business, regarding
recent bad news about Oracle, we can imagine what will happen this time.
Exactly! Nothing.

(Oh look, the "MySQL" guy already has an oracle.com e-mail address...)

--
Yves Goergen "LonelyPixel"
Visit my web laboratory at http://beta.unclassified.de

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org

Re: How to use SSL? (SSL is enabled but not used)

On Wed, 18 Aug 2010, Yves Goergen wrote:
> Since MySQL is now Oracle [â€=A6]

Yves, I think we should be treating this security issue seriously, and=20
working with Shawn and the MySQL team towards solving it constructively,=20
instead of just taking potshots at their new company.

Anders

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=3Dgcdmg-mysql-2@m.gmane.o rg

Re: How to use SSL? (SSL is enabled but not used)

On 8/17/2010 6:02 PM, Anders Kaseorg wrote:
> On Wed, 2010-08-11 at 14:23 -0400, Shawn Green (MySQL) wrote:
>> On 8/9/2010 5:27 PM, Yves Goergen wrote:
>>> What's that supposed to mean? If there's no way to force the connection
>>> into SSL, it is entirely useless. Anyone on the wire could simply
>>> pretend that the server doesn't support SSL and so deny the encryption
>>> and the client wouldn't even care...
>> If you don't want to require SSL on the local connections then don't
>> set the flag on the @localhost account.
>>
>> If you want the SSL required on the other connections, then set it on
>> the @'...' version of the account that the remote users login through.
>
> Excuse me, but isn’t Yves exactly right here?
>
> None of the client-side options (I tried --ssl, --ssl-ca=…,
> --ssl-verify-server-cert, --ssl-key=…, --ssl-cipher=…) can currently be
> used to force an SSL connection to be used. And requiring SSL from the
> server side does nothing to stop man-in-the-middle attacks.
>
> (Suppose Bob the SQL server grants some privileges to Alice the user
> with SSL required. Now Alice can log in with her password over SSL and
> gets denied over non-SSL. Great.
>
> But now Mallory comes along and intercepts a connection from Alice
> intended for Bob. Even if Bob would have claimed that he requires SSL,
> nothing stops Mallory from claiming that she doesn’t require SSL.
> Because Alice cannot force the use of SSL from the client side, Alice
> will make a successful unencrypted connection to Mallory. Then Mallory
> can accept the connection, ignoring Alice’s authentication, and steal
> Alice’s data; or Mallory can make a separate SSL connection to Bob,
> forward Alice’s authentication over it, then take over and issue evil
> commands to Bob.)
>
> This same issue was reported back in 2004 and ignored:
> http://bugs.mysql.com/bug.php?id=3138
>
> I think this is a serious security problem that demands more attention
> than dismissal as documented behavior. To solve it, there needs to be a
> way to force the use of SSL from the client side.
>
> Anders
>
>
If the server specifies REQUIRES SSL then that client cannot connect
without going through the full SSL validation process. This means that
Mallory would need to present the same security credentials that Alice
has in order to qualify as a secure user (the same certs, same password,
login from the correct host, etc).

Your redirect has pointed out to me what I missed in Yves's first post.
In order for the client to require an SSL connection, you have to
designate a certificate for it to use for the connection.

From the same page but a few lines above the line he quoted
##
This option is not sufficient in itself to cause an SSL connection to be
used. You must also specify the --ssl-ca option, and possibly the
--ssl-cert and --ssl-key options.
##

So you can see that using just the --ssl option by itself is not
specific enough to designate which certificate a client is designated to
use. You can specify these options either on the command line or in the
configuration file used by the client (put them in the [mysql] section).

In your simulated MITM attack, if Alice was using the specific --ssl-*
options on her connection attempt, then Mallory would need to hold the
server-side equivalents in order to pose as the server. Since the
likelihood of this is small (except in the case of a physical hack of
the server's cert files which no amount of digital manipulation can
really avoid) then Mallory would be unable to pose as Bob and the
intercept would fail.

Does this help close the security hole you perceived in our SSL
implementation?

--
Shawn Green
MySQL Principal Technical Support Engineer
Oracle USA, Inc.
Office: Blountville, TN

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org

Re: How to use SSL? (SSL is enabled but not used)

On 8/17/2010 6:13 PM, Yves Goergen wrote:
> ... snip ...
>
> (Oh look, the "MySQL" guy already has an oracle.com e-mail address...)
>

And for a for about two years before that, I had a sun.com email
address, too. MySQL has not been an independent company for quite a
while. Google it if you don't believe me. Sun made many headlines when
they bought MySQL for one billion (1000000000) US Dollars.

I still work for MySQL (the combined products) even if there no longer
is a MySQL, Inc. (the company).
--
Shawn Green
MySQL Principal Technical Support Engineer
Oracle USA, Inc.
Office: Blountville, TN

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org

Re: How to use SSL? (SSL is enabled but not used)

On Wed, 18 Aug 2010, Shawn Green (MySQL) wrote:
> If the server specifies REQUIRES SSL then that client cannot connect=20
> without going through the full SSL validation process. This means that=20
> Mallory would need to present the same security credentials that Alice=20
> has in order to qualify as a secure user (the same certs, same password,=
=20
> login from the correct host, etc).

Mallory got the username and hashed password from Alice over the=20
unencrypted connection, and we assume that Mallory, like any good MITM,=20
has the ability to intercept and forge traffic for arbitrary hosts. So=20
this attack goes through against anyone using passwords over SSL. This=20
already constitutes a vulnerability.

Setting up client certificates does help to prevent this form of attack=20
where Mallory tries to issue evil commands to Bob. It does not, however,=
=20
prevent the attack where Mallory ignores Bob, and uses only the=20
unencrypted connection to steal data from Alice or poison her with false=20
data. This also constitutes a vulnerability, which, as far as I can see,=
=20
cannot be prevented in any way with the current MySQL software.

> Your redirect has pointed out to me what I missed in Yves's first post.=
=20
> In order for the client to require an SSL connection, you have to=20
> designate a certificate for it to use for the connection.

No, that doesnâ€=99t work either! Against a server with SSL disabled:

$ mysql --ssl --ssl-verify-server-cert \
--ssl-ca=3D/etc/ssl/certs/ca-certificates.crt \
--ssl-cert=3DPrivate/andersk.pem \
--ssl-key=3DPrivate/andersk.pem \
-h MY-SERVER
Welcome to the MySQL monitor. Commands end with ; or \g.
â€=A6
mysql> \s
--------------
mysql Ver 14.14 Distrib 5.1.49, for debian-linux-gnu (x86_64) using readli=
ne 6.1
â€=A6
SSL: =09Not in use

> From the same page but a few lines above the line he quoted
> ##
> This option is not sufficient in itself to cause an SSL connection to be =
used.
> You must also specify the --ssl-ca option, and possibly the --ssl-cert an=
d
> --ssl-key options.
> ##

This documentation appears to be wrong.

Anders

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=3Dgcdmg-mysql-2@m.gmane.o rg

Re: How to use SSL? (SSL is enabled but not used)

On 8/18/2010 2:22 PM, Anders Kaseorg wrote:
> On Wed, 18 Aug 2010, Shawn Green (MySQL) wrote:
>> If the server specifies REQUIRES SSL then that client cannot connect
>> without going through the full SSL validation process. This means that
>> Mallory would need to present the same security credentials that Alice
>> has in order to qualify as a secure user (the same certs, same password,
>> login from the correct host, etc).
>
> Mallory got the username and hashed password from Alice over the
> unencrypted connection, and we assume that Mallory, like any good MITM,
> has the ability to intercept and forge traffic for arbitrary hosts. So
> this attack goes through against anyone using passwords over SSL. This
> already constitutes a vulnerability.
>
> Setting up client certificates does help to prevent this form of attack
> where Mallory tries to issue evil commands to Bob. It does not, however,
> prevent the attack where Mallory ignores Bob, and uses only the
> unencrypted connection to steal data from Alice or poison her with false
> data. This also constitutes a vulnerability, which, as far as I can see,
> cannot be prevented in any way with the current MySQL software.
>
>> Your redirect has pointed out to me what I missed in Yves's first post.
>> In order for the client to require an SSL connection, you have to
>> designate a certificate for it to use for the connection.
>
> No, that doesn’t work either! Against a server with SSL disabled:
>
> $ mysql --ssl --ssl-verify-server-cert \
> --ssl-ca=/etc/ssl/certs/ca-certificates.crt \
> --ssl-cert=Private/andersk.pem \
> --ssl-key=Private/andersk.pem \
> -h MY-SERVER
> Welcome to the MySQL monitor. Commands end with ; or \g.
> …
> mysql> \s
> --------------
> mysql Ver 14.14 Distrib 5.1.49, for debian-linux-gnu (x86_64) using readline 6.1
> …
> SSL: Not in use
>
>> From the same page but a few lines above the line he quoted
>> ##
>> This option is not sufficient in itself to cause an SSL connection to be used.
>> You must also specify the --ssl-ca option, and possibly the --ssl-cert and
>> --ssl-key options.
>> ##
>
> This documentation appears to be wrong.
>
> Anders

Excellent logic.

I have updated bug #3138 with a private comment to explain your
presentation of the vulnerability.
http://bugs.mysql.com/bug.php?id=3138

--
Shawn Green
MySQL Principal Technical Support Engineer
Oracle USA, Inc.
Office: Blountville, TN

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org

Re: How to use SSL? (SSL is enabled but not used)

On Aug 18, 2010, at 1:34 PM, Shawn Green (MySQL) wrote:

> On 8/18/2010 2:22 PM, Anders Kaseorg wrote:
>> On Wed, 18 Aug 2010, Shawn Green (MySQL) wrote:
>>> If the server specifies REQUIRES SSL then that client cannot connect =
without going through the full SSL validation process. This means that =
Mallory would need to present the same security credentials that Alice =
has in order to qualify as a secure user (the same certs, same password, =
login from the correct host, etc).
>> Mallory got the username and hashed password from Alice over the =
unencrypted connection, and we assume that Mallory, like any good MITM, =
has the ability to intercept and forge traffic for arbitrary hosts. So =
this attack goes through against anyone using passwords over SSL. This =
already constitutes a vulnerability.
>> Setting up client certificates does help to prevent this form of =
attack where Mallory tries to issue evil commands to Bob. It does not, =
however, prevent the attack where Mallory ignores Bob, and uses only the =
unencrypted connection to steal data from Alice or poison her with false =
data. This also constitutes a vulnerability, which, as far as I can =
see, cannot be prevented in any way with the current MySQL software.
>>> Your redirect has pointed out to me what I missed in Yves's first =
post. In order for the client to require an SSL connection, you have to =
designate a certificate for it to use for the connection.
>> No, that doesn=92t work either! Against a server with SSL disabled:
>> $ mysql --ssl --ssl-verify-server-cert \
>> --ssl-ca=3D/etc/ssl/certs/ca-certificates.crt \
>> --ssl-cert=3DPrivate/andersk.pem \
>> --ssl-key=3DPrivate/andersk.pem \
>> -h MY-SERVER
>> Welcome to the MySQL monitor. Commands end with ; or \g.
>> =85
>> mysql> \s
>> --------------
>> mysql Ver 14.14 Distrib 5.1.49, for debian-linux-gnu (x86_64) using =
readline 6.1
>> =85
>> SSL: Not in use
>>> =46rom the same page but a few lines above the line he quoted
>>> ##
>>> This option is not sufficient in itself to cause an SSL connection =
to be used.
>>> You must also specify the --ssl-ca option, and possibly the =
--ssl-cert and
>>> --ssl-key options.
>>> ##
>> This documentation appears to be wrong.
>> Anders
>=20
> Excellent logic.
>=20
> I have updated bug #3138 with a private comment to explain your =
presentation of the vulnerability.
> http://bugs.mysql.com/bug.php?id=3D3138

Shawn, Anders, Yves,

For what it's worth, the MySQL JDBC driver has had client-side SSL =
require (i.e. "requireSSL=3Dtrue") since 2003 and the ADO.Net driver has =
had "SSL Mode=3DRequired" since 2009.

-Mark
--=20
Mark Matthews
Principal Software Developer - MySQL Enterprise Tools
Oracle
http://www.mysql.com/products/enterprise/monitor.html








--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=3Dgcdmg-mysql-2@m.gmane.o rg

Re: How to use SSL? (SSL is enabled but not used)

On 18.08.2010 20:42 CE(S)T, Mark Matthews wrote:
> For what it's worth, the MySQL JDBC driver has had client-side SSL
> require (i.e. "requireSSL=true") since 2003 and the ADO.Net driver
> has had "SSL Mode=Required" since 2009.

Cool, so would it be possible to also have this in the MySQL Workbench
client which seems to be .NET-based?

--
Yves Goergen "LonelyPixel"
Visit my web laboratory at http://beta.unclassified.de

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=gcdmg-mysql-2@m.gmane.org