Newsgroups: php.internals
From: walterp@gmail.com (Walter Parker)
Date: Mon, 4 Dec 2017 16:19:56 -0800
Subject: Re: [PHP-DEV] PHP 7.2.0 Released
To: "lists@rhsoft.net"
Cc: PHP Internals
In-Reply-To: <10a39b35-57e2-d6c4-ea3a-75b47d8df514@rhsoft.net>

On Mon, Dec 4, 2017 at 2:21 PM, lists@rhsoft.net wrote:

> On 04.12.2017 at 22:53, Walter Parker wrote:
>
>> On Mon, Dec 4, 2017 at 1:43 PM, Niklas Keller wrote:
>>
>>>> and to be clear here:
>>>>
>>>> a client when connecting to a server configured like below has to
>>>> respect the cipher order of the server while
>>>> https://www.ssllabs.com/ssltest/ exists for years to give administrators
>>>> of the server some help and which clients are using which cipher
>>>
>>> Just minor nitpicking to get the facts right: A client does never respect
>>> the used cipher order of the server. A client offers a number of ciphers
>>> and the server chooses one of those, either based on its own order
>>> (preferred) or based on the client-preferred order.
>>>
>>> If you know other programs doing it better, research how they do it and
>>> propose a change to PHP please.
>
> accepted, so PHP did only send a subset of the from openssl supported
> ciphers to the server not containing the modern ones
>
>> That's good news. Given that openssl 1.1.0 only shipped late last year, I
>> fail to see how this has been a failure in PHP for many years for not
>> using a recent feature in openssl.
>> Looking at the sources for ab.c, it appears to do things like PHP. The
>> protocol level is hard coded to one value (SSL_METHOD *SSLv23_method(void);)
>> There is a command line override (-Z protocol) that allows the protocol
>> selection to be changed to TLS1, TLS1.1, TLS1.2, or TLS1+TLS1.1+TLS1.2.
>>
>> Lists, could you please clarify what PHP should learn from how ab does
>> TLS?
>
> as you can see in the ssllabs tests openssl 1.0.1 shipped years ago was
> able to use ECDHE/ECDSA with AES-GCM which is the recommended cipher, PHP
> until recently was only able to use "DHE-RSA-AES128-SHA", the first part is
> slow and the second part SHA1 is deprecated long ago for TLS
>
> PHP 7.1 even with openssl 1.1.x against MariaDB 10.2: ECDHE-RSA-AES128-SHA
>
> PHP 7.2 on the same environment: ECDHE-RSA-AES128-GCM-SHA256
> this was and is technically supported by openssl 1.0.x
>
> ssl-cipher = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA"
>
> if you restrict mysqld to "ssl-cipher = ECDHE-RSA-AES128-GCM-SHA256"
> nothing before PHP 7.2.0 is able to connect at all
>
> at the same time "ab" which is a small 50 KB binary supports ECDHE and
> AES-GCM ciphers for years and is also using openssl - it pretty sure gives
> a NULL as cipher to openssl which means openssl sends all its supported
> ciphers to the server and the server then prefers the best one from his
> ordering due the handshake
>
> finally that means without touching the code around openssl from the
> moment on the openssl on the client side and the server supports and
> prefers a new cipher it will get used without touching "ab" and my question
> is why PHP is here completely different

Oh, I see, this is not about the actual change (the protocol version). This is
about when using PHP on the client side, it does not support all/enough of
the modern cipher suite list.

Now that we have identified the problem in question, this should help you
when you create your RFC to fix issues with the cipher suite list.

FYI, the client and server send lists of ciphers that they support to each
other, the server does an AND and picks the highest cipher on the list. If
the client sends only NULL, then NULL is the only valid cipher. OpenSSL has
a default list which includes weak ciphers (such as DES), so using the default
list is a bad idea.

You keep using ab as your golden standard because it is small. I'd suggest
picking an application well known to be secure and not one based on the
fact that it is a small C program. I expect that ab gets the newer cipher
list by sending the large default list (which has both the strong items
with ECDHE & AES-GCM as well as DES and RC4). Server side, that would be a
major security issue.

Walter

--
The greatest dangers to liberty lurk in insidious encroachment by men of
zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis
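
The selection rule quoted from Niklas Keller above, applied to the mysqld cipher lists from the thread. This is an added example, not code from PHP, ab, or any participant; the client offer lists are constructed assumptions and `negotiate` and `describe` are hypothetical helper names.

```python
# Added illustration: models TLS <= 1.2 cipher-suite selection as described in
# the thread. The client offers are constructed, not captured from real clients.

def negotiate(client_offer, server_ciphers, server_preference=True):
    """Return the suite the server selects, or None (handshake failure).

    Both lists are ordered, most preferred first. server_preference=True
    models the server using its own order; False honours the client's order.
    """
    if server_preference:
        primary, other = server_ciphers, client_offer
    else:
        primary, other = client_offer, server_ciphers
    allowed = set(other)
    return next((suite for suite in primary if suite in allowed), None)


def describe(suite):
    """Classify an OpenSSL-style TLS 1.2 suite name (covers the names used here)."""
    aead = "-GCM-" in suite
    return {
        "forward_secrecy": suite.startswith(("ECDHE-", "DHE-")),
        "aead": aead,
        # For non-AEAD (CBC) suites the trailing token names the HMAC hash.
        "sha1_mac": not aead and suite.endswith("-SHA"),
    }


# Server lists taken from the thread's mysqld ssl-cipher examples.
SERVER = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES128-SHA256",
    "ECDHE-RSA-AES128-SHA",
]
SERVER_STRICT = ["ECDHE-RSA-AES128-GCM-SHA256"]

# Constructed client offers: one without AEAD suites, one that includes them.
OLD_CLIENT = ["DHE-RSA-AES128-SHA", "ECDHE-RSA-AES128-SHA"]
NEW_CLIENT = ["ECDHE-RSA-AES128-SHA", "ECDHE-RSA-AES128-GCM-SHA256"]

if __name__ == "__main__":
    for name, offer in (("old", OLD_CLIENT), ("new", NEW_CLIENT)):
        for label, server in (("3-suite", SERVER), ("strict", SERVER_STRICT)):
            chosen = negotiate(offer, server)
            detail = describe(chosen) if chosen else "handshake failure"
            print(f"{name} client vs {label} server: {chosen} {detail}")
```

A client whose offer lacks the only suite the strict server accepts gets no common suite at all, which matches the "nothing before PHP 7.2.0 is able to connect" observation in the quoted text.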