Include TLSv1.3 suites in some Tomcat configurations #253
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
janbrasna
added
P2
This comment was marked as resolved.
This comment was marked as resolved.
|
Besides splitting the linting commit to a separate PR, the Tomcat changes here LGTM. |
janbrasna
force-pushed
the
fix/tomcat-tls13
branch
from
473670d
to
9df3e19
Compare
|
Thanks. Please submit the removed commit with linting changes and removing defaults to another PR. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
To support not only OpenSSL, but also JSSE fully, whenever ciphers are configured, TLSv1.3 suites must be included, otherwise TLSv1.3–only clients won't be able to connect if not using OpenSSL.
Fixes mozilla/server-side-tls#280
(similar to #226, but with more possible implementations treating the config different ways)
Rationale
The output template doesn't set any Connector details, so the config works for whatever implementation the consumers use (JSSE Java SSL or OpenSSL, depending on tcnative or APR/native lib):
https://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support
We kinda imply OpenSSL due to naming in the configs, but thanks to how the value is parsed JSSE will accept
opensslnaming instead of itsianaand happily apply that — so we can use one cipherstring for both and not limit what library can be used.Currently works over OpenSSL but fails for JSSE unless RFC 8446 suites are also defined with the rest, given the API differences when using different crypto connectors. (APR won't configure TLSv1.3 at all and apply defaults, while JSSE will adhere to the cipher list for all protocols, needing the TLSv1.3 defaults explicitly enumerated in the allowed cipherstring.)
Significant changes and points to review
It is slightly complicated as the cipherstring is parsed first, checking allowlists, env configs etc., comparing the suites set with some internal list first, and raising warnings for mismatches — so it has to first pass internal checks before being set by the connector/library.
The addition is necessary for JSSE that treats the list as exhaustive (applied to all TLS versions) and won't configure anything what's not on it on its own, but it won't bother OpenSSL as it won't configure what it doesn't have in allowlists (for ≤TLSv1.2, and using defaults for TLSv1.3); so this can be safely used with both implementations.
Only the three explicit TLSv1.3 suites we have defined
["TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256"]will be configured and allowed.The defaults will be applied for TLSv1.3 connections, so e.g. any CCM suites enabled on the system will also be allowed (or any other disabled elsewhere not changed etc.), so the TLSv1.3–related part of the cipherstring will have no impact.
Testing
https://fix-tomcat-tls13--mozsslconf-dev.netlify.app/#server=tomcat