[Ubuntu-ha] [Bug 1841936] Re: Rebuild haproxy with openssl 1.1.1 will change features (bionic)

[Christian Ehrhardt ]

PPA: https://launchpad.net/~paelzer/+archive/ubuntu/bug-1841936-haproxy-
openssl

Tested:
a) load dh params from file
b) Test default (without config) size
c) Test config with higher size

Remember, even the broken default config said in the log:
WARNING] 295/095512 (19391) : Setting tune.ssl.default-dh-param to 1024 by 
default, if your workload permits it you should set it to at least 2048. Please 
set a value >= 1024 to make this warning disappear
But that was wrong (as you see above) and even setting so didn't change 
anything at all.

Pre-Fix:
 1024 Warning is shown
 DH group offered:            RFC5114/2048-bit DSA group with 224-bit prime 
order subgroup (2048 bits)

With Fix:
a) load dh params from file
 NO 1024 Warning is shown
 DH group offered:            Unknown DH group (1024 bits)
 That matches my custom key that I have set
b) Test default (without config) size
 1024 Warning is shown
 DH group offered:            HAProxy (1024 bits)
c) Test config with higher size
 NO 1024 Warning is shown
 DH group offered:            HAProxy (2048 bits)

That finally is as one would expect.
This allows us to fix Disco-Focal and to rebuild the one in Bionic without 
regressing.

I need to modify the SRU Template as it has different regression
statements for those than for Bionic.

And per policy Focal has to be done before the SRUs.
Marking bug tasks accordingly.


** Also affects: haproxy (Ubuntu Eoan)
   Importance: Undecided
       Status: New

** Also affects: haproxy (Ubuntu Focal)
   Importance: Medium
       Status: Fix Released

** Also affects: haproxy (Ubuntu Disco)
   Importance: Undecided
       Status: New

** Changed in: haproxy (Ubuntu Eoan)
       Status: New => Triaged

** Changed in: haproxy (Ubuntu Focal)
       Status: Fix Released => Triaged

** Changed in: haproxy (Ubuntu Disco)
       Status: New => Triaged

** Changed in: haproxy (Ubuntu Bionic)
       Status: In Progress => Triaged

** Changed in: haproxy (Ubuntu Disco)
     Assignee: (unassigned) => Christian Ehrhardt  (paelzer)

** Changed in: haproxy (Ubuntu Eoan)
     Assignee: (unassigned) => Christian Ehrhardt  (paelzer)

** Changed in: haproxy (Ubuntu Focal)
     Assignee: (unassigned) => Christian Ehrhardt  (paelzer)

** Summary changed:

- Rebuild haproxy with openssl 1.1.1 will change features (bionic)
+ Rebuild openssl 1.1.1 to pickup TLSv1.3 (bionic) and unbreak existing builds 
against 1.1.1 (dh key size)

-- 
You received this bug notification because you are a member of Ubuntu
High Availability Team, which is subscribed to haproxy in Ubuntu.
https://bugs.launchpad.net/bugs/1841936

Title:
  Rebuild openssl 1.1.1 to pickup TLSv1.3 (bionic) and unbreak existing
  builds against 1.1.1 (dh key size)

Status in HAProxy:
  Fix Released
Status in haproxy package in Ubuntu:
  Triaged
Status in haproxy source package in Bionic:
  Triaged
Status in haproxy source package in Disco:
  Triaged
Status in haproxy source package in Eoan:
  Triaged
Status in haproxy source package in Focal:
  Triaged

Bug description:
  [Impact]

   * openssl 1.1.1 has been backported to Bionic for its longer
     support upstream period

   * That would allow the extra feature of TLSv1.3 in some consuming
     packages what seems "for free". Just with a no change rebuild it would
     pick that up.

  [Test Case]

   * run "haproxy -vv" and check the reported TLS versions to include
  1.3

  [Regression Potential]

   * This should be low, the code already runs against the .so of the newer
     openssl library. This would only make it recognize the newer TLS
     support.
     i'd expect more trouble as-is with the somewhat big delta between what
     it was built against vs what it runs with than afterwards.
   * [1] and [2]  indicate that any config that would have been made for
     TLSv1.2 [1] would not apply to the v1.3 as it would be configured in
     [2].
     It is good to have no entry for [2] yet as following the defaults of
     openssl is the safest as that would be updated if new insights/CVEs are
     known.
     But this could IMHO be the "regression that I'd expect", one explcitly
     configured the v1.2 things and once both ends support v1.3 that might
     be auto-negotiated. One can then set "force-tlsv12" but that is an
     administrative action [3]
   * Yet AFAIK this fine grained control [2] for TLSv1.3 only exists in
     >=1.8.15 [4] and Bionic is on haproxy 1.8.8. So any user of TLSv1.3 in
     Bionic haproxy would have to stay without that. There are further 
     changes to TLS v1.3 handling enhancements [5] but also fixes [6] which 
     aren't in 1.8.8 in Bionic.
     So one could say enabling this will enable an inferior TLSv1.3 and one
     might better not enable it, for an SRU the bar to not break old 
     behavior is intentionally high - I tried to provide as much as possible 
     background, the decision is up to the SRU team.

  [1]: 
https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#3.1-ssl-default-bind-ciphers
  [2]: 
https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#3.1-ssl-default-bind-ciphersuites
  [3]: 
https://www.haproxy.com/documentation/hapee/1-8r2/traffic-management/tls/#define-bind-directives-on-the-frontend
  [4]: https://github.com/haproxy/haproxy/blob/master/CHANGELOG#L2131
  [5]: 
https://github.com/haproxy/haproxy/commit/526894ff3925d272c13e57926aa6b5d9d8ed5ee3
  [6]: 
https://github.com/haproxy/haproxy/commit/bc34cd1de2ee80de63b5c4d319a501fc0d4ea2f5

  [Other Info]

   * If this is nack'ed we will need an upload that prevents to enable
     TLSv1.3 to avoid enabling it by accident on e.g. a security update.

  ---

  haproxy needs to be rebuilt after #1797386 to take advantage of
  TLSv1.3.

  (If that's not desirable for some reason, then maybe TLSv1.3 should be
  actively disabled to avoid any surprises in case of a future bug fix
  release.)

  ---

  Output of haproxy -vv with stock package:

  Built with OpenSSL version : OpenSSL 1.1.0g  2 Nov 2017
  Running on OpenSSL version : OpenSSL 1.1.1  11 Sep 2018 (VERSIONS DIFFER!)
  OpenSSL library supports TLS extensions : yes
  OpenSSL library supports SNI : yes
  OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2

  ---

  Output after rebuilding the package from source:

  Built with OpenSSL version : OpenSSL 1.1.1  11 Sep 2018
  Running on OpenSSL version : OpenSSL 1.1.1  11 Sep 2018
  OpenSSL library supports TLS extensions : yes
  OpenSSL library supports SNI : yes
  OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2 TLSv1.3

To manage notifications about this bug go to:
https://bugs.launchpad.net/haproxy/+bug/1841936/+subscriptions

_______________________________________________
Mailing list: https://launchpad.net/~ubuntu-ha
Post to     : ubuntu-ha@lists.launchpad.net
Unsubscribe : https://launchpad.net/~ubuntu-ha
More help   : https://help.launchpad.net/ListHelp