WL#13392: Support for TLS 1.3 in Asynchronous Replication

Affects: Server-8.0   —   Status: Complete

EXECUTIVE SUMMARY
=================

WL#12361: "Support TLS 1.3 in the server and libmysql" implemented
support for TLS 1.3 in the connections between MySQL clients and
servers. This includes the connections established through
asynchronous replication, which use the same library, libmysql;
that is, a slave server can establish its connection to a master
using TLS 1.3. However, TLS 1.3 configuration was not implemented
for replication connections: there is no user interface for a DBA
to set the allowed ciphersuites.

The DBA can now restrict the master server's TLS configuration to
TLS 1.3 and a single TLS 1.3 ciphersuite that is not enabled by
default, e.g., --tls-version=TLSv1.3 and
--tls-ciphersuites=TLS_AES_128_CCM_8_SHA256[1]. Replication slaves
cannot connect to the master with such configurations.
This also breaks Group Replication incremental recovery, since it
uses an asynchronous replication channel.

To allow such configurations, this worklog will implement:
 1. MASTER_TLS_CIPHERSUITES option on CHANGE MASTER command;
 2. group_replication_recovery_tls_version plugin option;
 3. group_replication_recovery_tls_ciphersuites plugin option.


USER STORIES
============

- As a system developer using MySQL I want to be able to specify
  which ciphersuites are allowed when I configure a replication
  slave to use TLS 1.3 encrypted connection.

- As a system developer using MySQL I want to be able to specify
  which ciphersuites are allowed when I configure a Group
  Replication member to use TLS 1.3 encrypted connections.


[1] https://dev.mysql.com/doc/refman/8.0/en/encrypted-connection-protocols-ciphers.html


Functional requirements
=======================
FR1: It must be possible to configure TLS 1.3 ciphersuites on
     asynchronous replication connections, through option
     MASTER_TLS_CIPHERSUITES on CHANGE MASTER command.

FR2: It must be possible to configure the TLS version used to
     encrypt Group Replication incremental recovery connections,
     through option group_replication_recovery_tls_version.

FR3: It must be possible to configure TLS 1.3 ciphersuites on
     Group Replication members incremental recovery connections,
     through option group_replication_recovery_tls_ciphersuites.

FR4: Options MASTER_TLS_CIPHERSUITES on CHANGE MASTER and
     group_replication_recovery_tls_ciphersuites have the same
     behaviour as the MySQL clients' tls_ciphersuites option[1].

FR5: Option group_replication_recovery_tls_version has the same
     behaviour as the MySQL clients' tls_version option[2].

[1] https://dev.mysql.com/doc/refman/8.0/en/connection-options.html#option_general_tls-ciphersuites
[2] https://dev.mysql.com/doc/refman/8.0/en/connection-options.html#option_general_tls-version


Non-functional requirements
===========================
  None.


SUMMARY OF THE APPROACH
=======================
The DBA can configure which TLS version is used to encrypt
asynchronous replication connections through the MASTER_TLS_VERSION
option on the CHANGE MASTER command. A new option,
MASTER_TLS_CIPHERSUITES, will be added to configure the allowed
ciphersuites when TLS 1.3 is used.

On the Group Replication plugin, two new options will be added:
group_replication_recovery_tls_version and
group_replication_recovery_tls_ciphersuites, so that the DBA can
configure the TLS version and the allowed TLS 1.3 ciphersuites on
incremental recovery connections.


USER INTERFACE
==============

Asynchronous replication
------------------------
The DBA can specify the behaviour by setting the following option on
CHANGE MASTER command:
 - MASTER_TLS_CIPHERSUITES
 - values: see https://dev.mysql.com/doc/refman/8.0/en/encrypted-connection-protocols-ciphers.html
 - default: NULL

Regarding the option value, please note the meaning of:
 NULL: TLS 1.3 default ciphersuites allowed
 "":   no TLS 1.3 ciphersuites allowed

Example:
 CHANGE MASTER TO MASTER_TLS_CIPHERSUITES='TLS_AES_128_CCM_8_SHA256' FOR CHANNEL 'channel';


Group Replication
-----------------
The DBA can specify the behaviour by setting the options:
 - name: group_replication_recovery_tls_version
 - values: {"TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}
 - default: "TLSv1,TLSv1.1,TLSv1.2,TLSv1.3"
 - scope: global
 - dynamic: yes
 - replicated: no
 - persistable: PERSIST, PERSIST_ONLY
 - credentials: SYSTEM_VARIABLES_ADMIN
 - description: Which protocols the member permits for incremental
                recovery encrypted connections.

 - name: group_replication_recovery_tls_ciphersuites
 - values: see https://dev.mysql.com/doc/refman/8.0/en/encrypted-connection-protocols-ciphers.html
 - default: NULL
 - scope: global
 - dynamic: yes
 - replicated: no
 - persistable: PERSIST, PERSIST_ONLY
 - credentials: SYSTEM_VARIABLES_ADMIN
 - description: Which ciphersuites the member permits when TLS 1.3
                is used for incremental recovery encrypted
                connections.

Regarding the option value, please note the meaning of:
  NULL: TLS 1.3 default ciphersuites allowed
  "":   no TLS 1.3 ciphersuites allowed


SECURITY CONTEXT
================
SYSTEM_VARIABLES_ADMIN privilege is required to change the options
group_replication_recovery_tls_version and
group_replication_recovery_tls_ciphersuites.

REPLICATION_SLAVE_ADMIN privilege is required to execute CHANGE
MASTER command.


UPGRADE/DOWNGRADE
=================
System table `mysql`.`slave_master_info` will be extended with the
column `Tls_ciphersuites`.
The server implicit upgrade procedure will be extended to handle it.

CROSS-VERSION REPLICATION
=========================
A slave or member will only be able to connect to a previous version
server if that server supports a compatible TLS version, that is, a
slave with TLS 1.3 only will not be able to connect to a TLS 1.2
only master.
They need to have at least one compatible version, for example:
  master: "TLSv1,TLSv1.1,TLSv1.2"
  slave:  "TLSv1,TLSv1.1,TLSv1.2,TLSv1.3"
TLSv1.2 will be used on the connection.

The same principle applies to TLS ciphersuites.
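
The compatibility rule above, combined with the NULL and "" meanings
from the USER INTERFACE section, written as a pre-flight check. This is
an added example, not code from the worklog or the server. The default
ciphersuite set is an assumed stand-in, and the check flags a pair whose
highest shared version is TLSv1.3 with no shared ciphersuite; it does
not model fallback or the pre-1.3 cipher lists.

```python
# Added illustration; not MySQL source code.
from typing import Optional, Tuple

VERSION_ORDER = ["TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"]

# Assumption: stand-in for the "TLS 1.3 default ciphersuites" that NULL
# selects. The real set depends on the server and OpenSSL build.
ASSUMED_DEFAULT_SUITES = frozenset({
    "TLS_AES_128_GCM_SHA256",
    "TLS_AES_256_GCM_SHA384",
    "TLS_CHACHA20_POLY1305_SHA256",
})


def parse_versions(value: str) -> set:
    """Parse a comma-separated TLS version list, rejecting unknown names."""
    names = {v.strip() for v in value.split(",") if v.strip()}
    unknown = names - set(VERSION_ORDER)
    if unknown:
        raise ValueError(f"unknown TLS version(s): {sorted(unknown)}")
    return names


def parse_suites(value: Optional[str]) -> frozenset:
    """None (SQL NULL) -> defaults; "" -> none; else colon-separated names."""
    if value is None:
        return ASSUMED_DEFAULT_SUITES
    return frozenset(s.strip() for s in value.split(":") if s.strip())


def check_pair(master_versions: str, master_suites: Optional[str],
               slave_versions: str, slave_suites: Optional[str]) -> Tuple[bool, str]:
    """Return (ok, highest shared version or the reason for failure)."""
    shared = parse_versions(master_versions) & parse_versions(slave_versions)
    if not shared:
        return False, "no TLS version in common"
    best = max(shared, key=VERSION_ORDER.index)
    if best == "TLSv1.3" and not (parse_suites(master_suites) & parse_suites(slave_suites)):
        return False, "no TLS 1.3 ciphersuite in common"
    return True, best


if __name__ == "__main__":
    all_versions = "TLSv1,TLSv1.1,TLSv1.2,TLSv1.3"
    # Master restricted as in the executive summary; slave left at NULL.
    print(check_pair("TLSv1.3", "TLS_AES_128_CCM_8_SHA256", all_versions, None))
    # Same master, slave given the matching ciphersuite.
    print(check_pair("TLSv1.3", "TLS_AES_128_CCM_8_SHA256", all_versions,
                     "TLS_AES_128_CCM_8_SHA256"))
```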


OBSERVABILITY
=============
Table `performance_schema`.`replication_connection_configuration`
will be extended with the column TLS_CIPHERSUITES.


DEPLOYMENT AND INSTALLATION
===========================
There are no repercussions, since the implicit server upgrade will
take care of the needed actions.


PROTOCOL
========
There are no repercussions; this worklog only extends the user
interface and monitoring.


FAILURE MODEL SPECIFICATION
===========================
The failure model remains unchanged.
Please note that servers must have compatible TLS version and
ciphersuites in order to establish connections between them.


SUMMARY OF CHANGES
==================

Server core changes
-------------------
- Add column `Tls_ciphersuites` to `mysql`.`slave_master_info`
  table.
  ```
  Tls_ciphersuites TEXT CHARACTER SET utf8 COLLATE utf8_bin DEFAULT NULL COMMENT
  'Ciphersuites used for TLS 1.3 communication with the master server.'
  ```
- Add column `TLS_CIPHERSUITES` to
  `performance_schema`.`replication_connection_configuration` table.
  ```
  TLS_CIPHERSUITES TEXT CHARACTER SET utf8 COLLATE utf8_bin NULL
  ```
- Add option MASTER_TLS_CIPHERSUITES to CHANGE MASTER command.
- Add tls_ciphersuites attribute to Master_info class.
- Add tls_ciphersuites parameter to rpl_channel_service_interface.
- Set tls_ciphersuites on the connection established from
  the slave to the master.

Group Replication changes
-------------------------
- Add option group_replication_recovery_tls_version.
- Add option group_replication_recovery_tls_ciphersuites.