Open bgrainger opened 1 year ago
Thanks for creating this!
As I just noted in https://github.com/mariadb-corporation/mariadb-connector-c/pull/227#issuecomment-1631431897 …
I also moved the CLIENT_CAN_SSL_V2 capability bit from the MariaDB extensions (1ULL << 37) to the shared MySQL/MariaDB capability bits (1ULL << 28).
MySQL is affected by these vulnerabilities as well, and if we want to enable a better TLS handshake for all client/server combinations, this capability bit needs to be sent between all client/server combinations.
I believe this will be necessary for non-MariaDB-specific clients like yours to receive the appropriate capability bit from the server (Server exposes "supports SSL Request V2" bit).
- Client sends handshake response with "supports SSL Request V2" bit set
As it's currently implemented in https://github.com/mariadb-corporation/mariadb-connector-c/pull/227 and https://github.com/MariaDB/server/pull/2684, the client's initial (plaintext) packet will contain only the CLIENT_SSL bit.
However, in the post-TLS packet, the client should send the CLIENT_CAN_SSL_V2 bit, because this will allow the server to detect a downgrade attack in which a MITM has forced the client not to use the SSL V2 handshake.
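The server-side downgrade check described in the comment above, as an added example that is not code from this thread or from either pull request. The `hs_state` record, the `used_v2` flag and the verdict names are hypothetical, and the `CLIENT_CAN_SSL_V2` value is the one proposed in the comment, which may change.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define CLIENT_SSL        (1ULL << 11) /* existing protocol bit */
#define CLIENT_CAN_SSL_V2 (1ULL << 28) /* value proposed in this thread; may change */

typedef enum { HS_OK, HS_NO_TLS, HS_DOWNGRADE_SUSPECTED } hs_verdict;

/* Hypothetical per-connection record kept by the server. */
typedef struct {
    uint64_t advertised;      /* capabilities the server sent in its plaintext greeting */
    bool     tls_established; /* a TLS session was negotiated */
    bool     used_v2;         /* client opened with the V2 SSL request */
    uint64_t post_tls_caps;   /* capabilities read from the packet sent inside TLS */
} hs_state;

hs_verdict check_handshake(const hs_state *s)
{
    bool server_v2 = (s->advertised & CLIENT_CAN_SSL_V2) != 0;
    bool client_v2 = (s->post_tls_caps & CLIENT_CAN_SSL_V2) != 0;

    if (!s->tls_established)
        return HS_NO_TLS;
    /* Both ends support V2, yet the legacy request was used: the client
     * did not see the bit in the plaintext greeting, so it was probably
     * cleared in transit. The post-TLS bit is what makes this visible. */
    if (server_v2 && client_v2 && !s->used_v2)
        return HS_DOWNGRADE_SUSPECTED;
    return HS_OK;
}

int main(void)
{
    static const char *names[] = { "ok", "no-tls", "downgrade-suspected" };
    /* Constructed scenarios, not captured traffic. */
    hs_state cases[] = {
        { CLIENT_SSL | CLIENT_CAN_SSL_V2, true, true,  CLIENT_SSL | CLIENT_CAN_SSL_V2 },
        { CLIENT_SSL | CLIENT_CAN_SSL_V2, true, false, CLIENT_SSL }, /* legacy client */
        { CLIENT_SSL | CLIENT_CAN_SSL_V2, true, false, CLIENT_SSL | CLIENT_CAN_SSL_V2 },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("case %zu: %s\n", i, names[check_handshake(&cases[i])]);
    return 0;
}
```

A legacy client that never sets the bit is accepted as before; only the combination of a V2-capable server, a V2-capable client and a legacy handshake is flagged.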
- Client sends handshake response with "supports SSL Request V2" bit set
However, in the post-TLS packet, the client should send the CLIENT_CAN_SSL_V2 bit
Yes, that's what I meant in my issue. The handshake packet is now only sent after TLS is negotiated (because what would have been the first "handshake response" is now replaced with "SSL Request V2").
If https://github.com/mariadb-corporation/mariadb-connector-c/pull/227 is accepted, then MySqlConnector should also support the new TLS handshake.
Exact details are in that case and subject to change, but at a high level: