LP #1462856: Newest RHEL/CentOS openssl update breaks mysql DHE

**Reported in Launchpad by Jacques Grove last update 20-07-2015 20:33:33

This is a problem in upstream as well, I am pretty sure:

The newest RHEL/CentOS/SL 6.6 openssl package (1.0.1e-30.el6_6.9 ; published around 6/4/2015) contains a fix for CVE-2015-4000 . RedHat's fix for this was to limit the use of any SSL DH key sizes to a minimum of 768 bits. This breaks any DHE SSL ciphers for MySQL clients as soon as you install the openssl update, since in vio/viosslfactories.c , the default DHPARAM is a 512 bit one. As far as I can tell this cannot be changed in configuration/runtime; and needs a recompile.

We should probably include and/or upstream this patch:

https://lists.fedoraproject.org/pipermail/scm-commits/2012-December/910767.html

Example:

If a user in a Percona 5.6.23-72.1-log server is setup with grant "require SSL", and the client (using the updated openssl package) executes:

1. mysql -u user -h serverhostname --ssl --ssl-cipher=DHE-RSA-AES256-SHA -p
   Enter password:
   ERROR 2026 (HY000): SSL connection error: error:00000001:lib(0):func(0):reason(1)

This will occur for any DHE cipher. Using a non-DHE cipher will work as expected.

Workaround:

• Downgrade the client openssl package to any version before 1.0.1e-30.el6_6.9; e.g. 0:1.0.1e-30.el6_6.8

• Alternatively, do not use DH ciphers. This is not acceptable because the supported non-DH ciphers do not afford any PFS protection.

Solution is for the server to present a 1024 bit DH param. This would:

• Avoid the problem with "fixed" client libraries.

• Still be small enough to avoid problems with some clients (e.g. older Java versions do not like DH params > 1024 bit)

• Improve security in general.