Skip to content

tls: remove deprecated cipher suites from client defaults.#13850

Merged
mattklein123 merged 4 commits intoenvoyproxy:masterfrom
PiotrSikora:tls_client
Nov 2, 2020
Merged

tls: remove deprecated cipher suites from client defaults.#13850
mattklein123 merged 4 commits intoenvoyproxy:masterfrom
PiotrSikora:tls_client

Conversation

@PiotrSikora
Copy link
Copy Markdown
Contributor

@PiotrSikora PiotrSikora commented Nov 1, 2020

Fixes #5396, #5397.

Signed-off-by: Piotr Sikora [email protected]

mattklein123
mattklein123 requested changes Nov 1, 2020
View reviewed changes
Copy link
Copy Markdown
Member

@mattklein123 mattklein123 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for keeping is up to date. Should this have a release note?

/wait

@mattklein123 mattklein123 self-assigned this Nov 1, 2020
mattklein123
mattklein123 reviewed Nov 2, 2020
View reviewed changes
test/extensions/transport_sockets/tls/ssl_socket_test.cc
client.mutable_common_tls_context()->mutable_tls_params();

// Note: There aren't any valid TLSv1.0 or TLSv1.1 cipher suites enabled by default,
// so enable them to avoid false positives.
Copy link
Copy Markdown
Member

@mattklein123 mattklein123 Nov 2, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry what do you mean false positives? Do you just mean the test requires the use of non-default ciphers? Should we actually verify somehow that we don't negotiate with the new removed ciphers?

/wait

Copy link
Copy Markdown
Contributor Author

@PiotrSikora PiotrSikora Nov 2, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This particular test (ProtocolVersions) verifies that we always negotiate the correct protocol version, and it enables/disables the non-default protocol versions in order to cover all variants.

However, now that we disabled all deprecated cipher suites, enabling TLSv1.0 or TLSv1.1 is no longer sufficient, since none of the new default cipher suites work for those older protocol versions, so the list of available cipher suites for them is effectively empty, and we need to enable older cipher suites in order to successfully negotiate those older protocol versions.

By "false positives" I mean that enabling those cipher suites let's us verify that those older protocol versions are rejected because of the protocol version negotiation, and not because no cipher suites can be negotiated.

I can add few cases to verify that we don't negotiate removed ciphers when using default config in a bit.

Copy link
Copy Markdown
Contributor Author

@PiotrSikora PiotrSikora Nov 2, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added, PTAL

Copy link
Copy Markdown
Member

@mattklein123 mattklein123 Nov 2, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK I see. Would it be better to split this out into multiple tests, one for each protocol version? It's kind of confusing that this is all mixed together? WDYT?

/wait-any

Copy link
Copy Markdown
Contributor Author

@PiotrSikora PiotrSikora Nov 2, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are 16 cases in the ProtocolVersions test that are well commented and very readable, IMHO:

envoy/test/extensions/transport_sockets/tls/ssl_socket_test.cc

Lines 3692 to 3864 in 0922233

// Connection using defaults (client & server) succeeds, negotiating TLSv1.2.
TestUtilOptionsV2 tls_v1_2_test_options =
createProtocolTestOptions(listener, client, GetParam(), "TLSv1.2");
testUtilV2(tls_v1_2_test_options);
// Connection using defaults (client & server) succeeds, negotiating TLSv1.2,
// even with client renegotiation.
client.set_allow_renegotiation(true);
testUtilV2(tls_v1_2_test_options);
client.set_allow_renegotiation(false);
// Connection using TLSv1.0 (client) and defaults (server) succeeds.
client_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0);
client_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0);
TestUtilOptionsV2 tls_v1_test_options =
createProtocolTestOptions(listener, client, GetParam(), "TLSv1");
testUtilV2(tls_v1_test_options);
client_params->clear_tls_minimum_protocol_version();
client_params->clear_tls_maximum_protocol_version();
// Connection using TLSv1.1 (client) and defaults (server) succeeds.
client_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_1);
client_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_1);
TestUtilOptionsV2 tls_v1_1_test_options =
createProtocolTestOptions(listener, client, GetParam(), "TLSv1.1");
testUtilV2(tls_v1_1_test_options);
client_params->clear_tls_minimum_protocol_version();
client_params->clear_tls_maximum_protocol_version();
// Connection using TLSv1.2 (client) and defaults (server) succeeds.
client_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_2);
client_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_2);
testUtilV2(tls_v1_2_test_options);
client_params->clear_tls_minimum_protocol_version();
client_params->clear_tls_maximum_protocol_version();
// Connection using TLSv1.3 (client) and defaults (server) succeeds.
client_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
client_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
TestUtilOptionsV2 tls_v1_3_test_options =
createProtocolTestOptions(listener, client, GetParam(), "TLSv1.3");
TestUtilOptionsV2 error_test_options(listener, client, false, GetParam());
error_test_options.setExpectedServerStats("ssl.connection_error")
.setExpectedTransportFailureReasonContains("TLSV1_ALERT_PROTOCOL_VERSION");
testUtilV2(tls_v1_3_test_options);
client_params->clear_tls_minimum_protocol_version();
client_params->clear_tls_maximum_protocol_version();
// Connection using TLSv1.0-1.3 (client) and defaults (server) succeeds.
client_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0);
client_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
testUtilV2(tls_v1_3_test_options);
client_params->clear_tls_minimum_protocol_version();
client_params->clear_tls_maximum_protocol_version();
// Connection using TLSv1.0 (client) and TLSv1.0-1.3 (server) succeeds.
client_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0);
client_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0);
server_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0);
server_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
testUtilV2(tls_v1_test_options);
client_params->clear_tls_minimum_protocol_version();
client_params->clear_tls_maximum_protocol_version();
server_params->clear_tls_minimum_protocol_version();
server_params->clear_tls_maximum_protocol_version();
// Connection using TLSv1.3 (client) and TLSv1.0-1.3 (server) succeeds.
client_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
client_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
server_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0);
server_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
testUtilV2(tls_v1_3_test_options);
client_params->clear_tls_minimum_protocol_version();
client_params->clear_tls_maximum_protocol_version();
server_params->clear_tls_minimum_protocol_version();
server_params->clear_tls_maximum_protocol_version();
TestUtilOptionsV2 unsupported_protocol_test_options(listener, client, false, GetParam());
unsupported_protocol_test_options.setExpectedServerStats("ssl.connection_error")
.setExpectedTransportFailureReasonContains("UNSUPPORTED_PROTOCOL");
// Connection using defaults (client) and TLSv1.0 (server) fails.
server_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0);
server_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0);
testUtilV2(unsupported_protocol_test_options);
server_params->clear_tls_minimum_protocol_version();
server_params->clear_tls_maximum_protocol_version();
// Connection using defaults (client) and TLSv1.1 (server) fails.
server_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_1);
server_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_1);
testUtilV2(unsupported_protocol_test_options);
server_params->clear_tls_minimum_protocol_version();
server_params->clear_tls_maximum_protocol_version();
// Connection using defaults (client) and TLSv1.2 (server) succeeds.
server_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_2);
server_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_2);
testUtilV2(tls_v1_2_test_options);
server_params->clear_tls_minimum_protocol_version();
server_params->clear_tls_maximum_protocol_version();
// Connection using defaults (client) and TLSv1.3 (server) fails.
server_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
server_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
testUtilV2(error_test_options);
server_params->clear_tls_minimum_protocol_version();
server_params->clear_tls_maximum_protocol_version();
// Connection using defaults (client) and TLSv1.0-1.3 (server) succeeds.
server_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0);
server_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
testUtilV2(tls_v1_2_test_options);
server_params->clear_tls_minimum_protocol_version();
server_params->clear_tls_maximum_protocol_version();
// Connection using TLSv1.0-TLSv1.3 (client) and TLSv1.0 (server) succeeds.
client_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0);
client_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
server_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0);
server_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0);
testUtilV2(tls_v1_test_options);
client_params->clear_tls_minimum_protocol_version();
client_params->clear_tls_maximum_protocol_version();
server_params->clear_tls_minimum_protocol_version();
server_params->clear_tls_maximum_protocol_version();
// Connection using TLSv1.0-TLSv1.3 (client) and TLSv1.3 (server) succeeds.
client_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0);
client_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
server_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
server_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
testUtilV2(tls_v1_3_test_options);
client_params->clear_tls_minimum_protocol_version();
client_params->clear_tls_maximum_protocol_version();
server_params->clear_tls_minimum_protocol_version();
server_params->clear_tls_maximum_protocol_version();

I don't think that splitting this test into 16 tiny tests with a ton of boilerplate would improve readability. We'd also need to do the same for other tests that follow this pattern.

If your issue is with the older cipher suite being enabled for all 16 tests cases ahead of time, then I could potentially set and unset them in each case that enables TLSv1.0 or TLSv1.1 and needs it, but that's more error-prone, and since we don't test negotiated cipher suites in this test, I'm not sure it's worth the noise.

Copy link
Copy Markdown
Member

@mattklein123 mattklein123 Nov 2, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If your issue is with the older cipher suite being enabled for all 16 tests cases ahead of time, then I could potentially set and unset them in each case that enables TLSv1.0 or TLSv1.1 and needs it, but that's more error-prone, and since we don't test negotiated cipher suites in this test, I'm not sure it's worth the noise.

Yes this was my concern. I trust your judgement on this so if you think this is best fine with me! Thank you for looking.

@mattklein123 mattklein123 merged commit 06f6351 into envoyproxy:master Nov 2, 2020
This was referenced May 12, 2021
Closed
Closed
@jameshbarton jameshbarton mentioned this pull request Jun 16, 2021
Merged
@jforce jforce mentioned this pull request Jun 22, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mattklein123 mattklein123 mattklein123 approved these changes

@asraa asraa Awaiting requested review from asraa

@lizan lizan Awaiting requested review from lizan

Assignees

@mattklein123 mattklein123

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Remove RSA key transport from the defaults on the client-side

2 participants

@PiotrSikora @mattklein123