IBM Support

In IBM InfoSphere Information Server, how do I select the OpenSSL version to be used by the Progress DataDirect ODBC drivers?

Troubleshooting


Problem

The DataDirect ODBC drivers now install the following versions of the OpenSSL library, listed in order of most secure to least secure: 1.1.1n (libVMtls00.so file version 08.02.0216) and 1.0.2d (libVMssl00.so file version 08.02.0244). By default, the drivers are configured to use OpenSSL library version 1.1.1n. However, some characteristics of library version 1.1.1n can cause connections to certain databases to fail.

Symptom

The ODBC connection fails.

Cause

The minimum required length for the Diffie-Hellman key exchange was increased to 1024 bits.
When accessing databases that have not been fixed to address the "Logjam" vulnerability, this change can cause connections to fail.

Resolving The Problem

To reduce the risk associated with upgrading to 1.1.1n, the driver set also installs an earlier version of the library.

After the installation, you can use OpenSSL library version 1.0.2d until your environment is ready to migrate to the latest installed OpenSSL version.

IMPORTANT: OpenSSL declared that version 1.0.2* was supported only until 31st Dec, 2019 and IBM will stop providing this version in the future versions of the driver set. Users must start using the OpenSSL 1.1.1*, which is their current Long Term Support release. For more information, please refer to: https://www.openssl.org/policies/releasestrat.html

To select libraries, use the AllowedOpenSSLVersions, CryptoLibName and SSLLibName connection options.

Advantages and Risks involved with different versions of library

The following table lists the advantages and risks of the different versions of the library:
 
Library version: 1.0.2d
Advantages:
- Supports TLS 1.1 and 1.2
- Includes fixes for the Logjam vulnerability (CVE-2015-4000)
- Supports OpenSSL beyond December 31st, 2015
Risks:
- To resolve the Logjam vulnerability, the minimum required length for the Diffie-Hellman key exchange was increased to 768 bits. This can cause connections to some databases such as MySQL 5.5, build 45 or earlier to fail.
- Alterations to the SSL handshake resulting from TLS 1.1 and 1.2 support can cause connections to certain databases such as Oracle 11g R2 (11.2.0.1) to fail.

Library version: 1.0.2h
Advantages:
Upgrading to 1.0.2h provides the following advantages, in addition to the advantages of 1.0.2d:
- Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
- EVP_EncodeUpdate overflow (CVE-2016-2105)
- EVP_EncryptUpdate overflow (CVE-2016-2106)
- ASN.1 BIO excessive memory allocation (CVE-2016-2109)
- EBCDIC overread (CVE-2016-2176)
- Provides stronger cryptographic assurance against the "Logjam" vulnerability (CVE-2015-4000)
- Fixes the "DH small subgroups" vulnerability (CVE-2016-0701)
- Fixes the "SSLv2 doesn't block disabled ciphers" vulnerability (CVE-2015-3197)
- Fixes the "BN_mod_exp may produce incorrect results on x86_64" vulnerability (CVE-2015-3193)
- Fixes the "Certificate verify crash with missing PSS parameter" vulnerability (CVE-2015-3194)
- Fixes the "X509_ATTRIBUTE memory leak" vulnerability (CVE-2015-3195)
- Fixes the "missing Memory allocation success checks in doapr_outch function in crypto/bio/b_print.c" (CVE-2016-2842)
- Fixes the "Cross-protocol attack on TLS using SSLv2 (DROWN)" (CVE-2016-0800)
- Fixes the "memory issues in BIO_*printf functions" (CVE-2016-0799)
- Fixes the "Memory leak in SRP database lookups" (CVE-2016-0798)
- Fixes the "Double-free in DSA code" (CVE-2016-0705)
- Fixes the "Side channel attack on modular exponentiation" (CVE-2016-0702)
Risks:
In addition to the risks associated with 1.0.2d, upgrading to version 1.0.2h includes the following risk:
- To improve protection against the "Logjam" vulnerability, the minimum required length for the Diffie-Hellman key exchange was increased to 1024 bits. When accessing databases that have not been fixed to address the "Logjam" vulnerability, this change can cause connections to fail. You can work around this issue by disabling Diffie-Hellman cipher suites.

Library version: 1.0.2j
Advantages:
Upgrading to 1.0.2j provides the following advantages, in addition to the advantages of 1.0.2h and 1.0.2d:
- Fixes pointer arithmetic for heap-buffer boundary checks (CVE-2016-2177)
- Fixes improper use of constant-time operations (CVE-2016-2178)
- Fixes out-of-bounds read in the TS_OBJ_print_bio function (CVE-2016-2180)
- Fixes an out-of-bounds write in the BN_bn2dec() function (CVE-2016-2182)
- Fixes an out-of-bounds write in the MDC2_Update() function (CVE-2016-6303)
- Fixes out-of-bounds message reads (CVE-2016-6306)
Risks:
In addition to the risks associated with 1.0.2h and 1.0.2d, upgrading to version 1.0.2j includes the following risk:
CVE-2016-2183 - SWEET32 Mitigation
- This flaw is related to the design of the DES/3DES cipher and is not an implementation flaw. To avoid this vulnerability, it is advised to disable DES/3DES and consider them as bad as "RC4".
- To disable them from the client, users can use the hidden connection option "CipherList".
  - If users are currently not using this option, they should add "DEFAULT:-DES:-3DES" to their DSN.
  - If users are already using this option, they can just add ":-DES:-3DES" to the existing list.

Library version: 1.0.2k
Advantages:
- Truncated packet could crash via OOB read (CVE-2017-3731)
- BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
- Montgomery multiplication may produce incorrect results (CVE-2016-7055)
Risks:
No new risks.

Library version: 1.0.2n
Advantages:
- Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)
- bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
- rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
Risks:
No new risks.

Library version: 1.0.2r
Advantages:
- Client DoS due to large DH parameter (CVE-2018-0732)
- Timing vulnerability in DSA signature generation (CVE-2018-0734)
- Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407)
Risks:
- CVE-2018-0732 – Turn off use of DHE cipher suites, either in the driver or on the server.
- CVE-2018-0734 – Turn off use of DSA cipher suites, either in the driver or on the server.
- CVE-2018-5407 – Turn off use of ECDSA and ECDH cipher suites, either in the driver or on the server.

Library version: 1.1.1d
Advantages:
Upgrading to OpenSSL 1.1.1d has the following advantages in addition to the ones that are already supported.
- Windows builds with insecure path defaults (CVE-2019-1552)
- ECDSA remote timing attack (CVE-2019-1549)
Additionally, it has the following new features: Complete rewrite of the OpenSSL random number generator to introduce the following capabilities, Support for various new cryptographic algorithms
Risks:
- SSLv2 support is discontinued
- A few ciphers have been deprecated. Check the Progress KB article for more details: Support for OpenSSL 1.1.1

Library version: 1.1.1g
Advantages:
Upgrading to OpenSSL 1.1.1g has the following advantages in addition to the ones that are already supported.
- Overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (CVE-2019-1551)
Risks:
- CVE-2019-1551 – Turn off use of DHE cipher suites, either in the driver or on the server.

Library version: 1.1.1k
Advantages:
Upgrading to OpenSSL 1.1.1k has the following advantages in addition to the ones that are already supported.
- OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an attacker could exploit this vulnerability to cause the application to crash. (CVE-2021-23840)
- OpenSSL could allow a remote attacker to bypass security restrictions, caused by a missing check in the validation logic of X.509 certificate chains by the X509_V_FLAG_X509_STRICT flag. By using any valid certificate or certificate chain to sign a specially crafted certificate, an attacker could bypass the check that non-CA certificates must not be able to issue other certificates and override the default purpose (CVE-2021-3450)

Library version: 1.1.1l
Advantages:
Upgrading to OpenSSL 1.1.1l has the following advantages in addition to the ones that are already supported.
- Fix to SM2 Decryption Buffer Overflow (CVE-2021-3711)

Library version: 1.1.1n
Advantages:
Upgrading to OpenSSL 1.1.1n has the following advantages in addition to the ones that are already supported.
- Infinite loop vulnerability when parsing an invalid certificate, which can result in a denial of service (DoS) to the application (CVE-2022-0778)

For more information, refer to the ODBCREADME.TXT/ODBC64README.TXT shipped with the product.

Selecting different versions of OpenSSL libraries

OpenSSL 1.1.1 is now the default version of SSL loaded by the drivers; users can force the use of 1.1.1 or 1.0.2 with the AllowedOpenSSLVersions connection parameter. For more details on this upgrade, please refer to: Support for OpenSSL 1.1.1
Use the CryptoLibName and SSLLibName connection options to designate OpenSSL libraries used when SSL is enabled.

On Linux / Unix platforms:
Add CryptoLibName and SSLLibName attributes to the DSN in $DSHOME/.odbc.ini file. For example:

CryptoLibName=/opt/IBM/InformationServer/Server/branded_odbc/lib/openssl/1.0.2d/libVMssl00.so
SSLLibName=/opt/IBM/InformationServer/Server/branded_odbc/lib/openssl/1.0.2d/libVMssl00.so

On Windows platform:
For Windows, the value for this option is specified as an option-value pair in the Extended Options field on the Advanced tab. For example:

SSLLibName=C:\IBM\ODBCdrivers\OpenSSL\1.0.2d\vmssl00.dll;

Notes:
1. The OpenSSL library files provided by Progress combine the cryptographic and SSL libraries into a single file. Therefore, when your drivers are using a Progress library file, the values specified for the CryptoLibName and SSLLibName options must be the same.
For non-Progress library files, the libraries may use separate files, which would require unique values to be specified.
2. This option can be used to designate OpenSSL libraries not installed by the product. However, the drivers are certified only against libraries provided by Progress.
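Because OpenSSL 1.0.2 is out of support, it helps to track which DSNs are still pinned to it. The following audit of an odbc.ini file is an added example, not code from IBM or Progress: it flags DSNs pinned to a 1.0.x library, CryptoLibName/SSLLibName values that differ (Note 1), and legacy DSNs without the SWEET32 CipherList mitigation. The DSN names, HostName and /placeholder/ path are constructed, and the comma-separated format of AllowedOpenSSLVersions is an assumption.

```python
import configparser
import re

# Constructed sample of $DSHOME/.odbc.ini. DSN names, HostName and the
# /placeholder/ path are made up; the 1.0.2d path is the one shown on this page.
LIB_102D = "/opt/IBM/InformationServer/Server/branded_odbc/lib/openssl/1.0.2d/libVMssl00.so"
SAMPLE_ODBC_INI = f"""
[LegacyMySQL]
CryptoLibName={LIB_102D}
SSLLibName={LIB_102D}

[LegacyHardened]
AllowedOpenSSLVersions=1.0.2
CipherList=DEFAULT:-DES:-3DES

[Mismatch]
CryptoLibName=/placeholder/constructed/libcrypto.so
SSLLibName={LIB_102D}
CipherList=DEFAULT:-DES:-3DES

[Current]
HostName=db.example.com
"""

LEGACY_DIR = re.compile(r"[/\\]1\.0\.\d+[a-z]*[/\\]")  # .../openssl/1.0.2d/...

def audit_odbc_ini(text):
    """Return (dsn, finding) tuples for library-selection problems in odbc.ini text."""
    cfg = configparser.ConfigParser(interpolation=None, strict=False)
    cfg.read_string(text)
    findings = []
    for dsn in cfg.sections():
        opts = cfg[dsn]  # option names are looked up case-insensitively
        crypto = opts.get("CryptoLibName", "").strip()
        ssl = opts.get("SSLLibName", "").strip()
        # Assumption: AllowedOpenSSLVersions holds a comma-separated version list.
        allowed = [v.strip() for v in opts.get("AllowedOpenSSLVersions", "").split(",")]
        legacy = "1.0.2" in allowed or any(LEGACY_DIR.search(p) for p in (crypto, ssl))
        if legacy:
            findings.append((dsn, "pinned-to-openssl-1.0.x"))
        if crypto != ssl:  # Note 1: must match for the combined Progress library
            findings.append((dsn, "crypto-ssl-lib-mismatch"))
        ciphers = set(re.split(r"[:, ]+", opts.get("CipherList", "")))
        des_off = all({"-" + c, "!" + c} & ciphers for c in ("DES", "3DES"))
        if legacy and not des_off:  # SWEET32 row: add DEFAULT:-DES:-3DES
            findings.append((dsn, "des-3des-not-disabled"))
    return findings

if __name__ == "__main__":
    for dsn, finding in audit_odbc_ini(SAMPLE_ODBC_INI):
        print(f"{dsn}: {finding}")
```

A mismatch finding on a DSN that uses non-Progress libraries may be legitimate, since those can ship the crypto and SSL code as separate files.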

Change History:
07 February 2017 Published updated drivers for OpenSSL versions 1.0.2j, 1.0.2d, 1.0.0r
24 February 2017 No further updates will be provided for OpenSSL version 1.0.0r

26 May 2017 OpenSSL drivers upgrade to 1.0.2k version

20 April 2018 OpenSSL drivers upgrade to 1.0.2n version

08 May 2019 OpenSSL drivers upgrade to 1.0.2r version

13 Jan 2020 OpenSSL drivers upgrade to 1.1.1d version

02 Nov 2020 OpenSSL drivers upgrade to 1.1.1g version

22 July 2021 OpenSSL drivers upgrade to 1.1.1k version

12 November 2021 OpenSSL drivers upgrade to 1.1.1l version

01 June 2022 OpenSSL drivers upgrade to 1.1.1n version


Document Information

Modified date:
10 June 2022

UID

swg21980217