Dovecot 2.1.7 still accepting SSLv3 though disabled?
Thomas Preissler
thomas at preissler.co.uk
Sun Mar 15 09:35:56 UTC 2015
Hello,
I came across a strange problem with my Dovecot 2.1.7 installation
(updated Debian Wheezy) in regards to SSL/TLS connections.
My configuration is as follows:
$ dovecot -n | grep ssl
service imap-login {
ssl = yes
...
}
ssl_cert = <......
ssl_cipher_list =
EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
ssl_key = <......
ssl_protocols = !SSLv3 !SSLv2
This cipherstring has been taken from
https://bettercrypto.org/static/applied-crypto-hardening.pdf. But this
is not the problem, when I comment it out, Dovecot still behaves the
same way.
When I enable verbose_ssl I get this:
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x10, ret=1: before/accept initialization [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x2001, ret=1: before/accept initialization [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x2002, ret=-1: unknown state [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client hello A [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server hello A [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write certificate A [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write server done A [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read client key exchange A [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 read finished A [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write change cipher spec A [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 write finished A [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 flush data [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x20, ret=1: SSL negotiation finished successfully [$CLIENTIP]
2015-03-15 08:27:39 imap-login: Warning: SSL: where=0x2002, ret=1: SSL negotiation finished successfully [$CLIENTIP]
Is this right? Is SSLv3 used on this connection?
But when I explicitely test for SSLv3 support I get
$ openssl s_client -connect $SERVERIP:993 -ssl3
CONNECTED(00000003)
140683835029160:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1260:SSL alert number 40
140683835029160:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:598:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1426411304
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
Where I got this from says "if you you get a handshake failure, then you don't
support SSLv3". But in my case the following output kinda says, that I do
support it - with a ciphers of (NONE)?
In regards to libraries
$ ldd /usr/lib/dovecot/imap-login | grep ssl
libssl.so.1.0.0 => /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 (0x00007f1f55025000)
$ dpkg -l | grep ssl
ii libcrypt-openssl-bignum-perl 0.04-3 amd64 Access OpenSSL multiprecision integer arithmetic libraries
ii libcrypt-openssl-dsa-perl 0.13-6 amd64 module which implements the DSA signature verification system
ii libcrypt-openssl-rsa-perl 0.28-1 amd64 module for RSA encryption using OpenSSL
ii libcrypt-ssleay-perl 0.58-1 amd64 OpenSSL support for LWP
ii libio-socket-ssl-perl 1.76-2 all Perl module implementing object oriented interface to SSL sockets
ii libnet-ssleay-perl 1.48-1+b1 amd64 Perl module for Secure Sockets Layer (SSL)
rc libssl0.9.8 0.9.8o-4squeeze14 amd64 SSL shared libraries
ii libssl1.0.0:amd64 1.0.1e-2+deb7u14 amd64 SSL shared libraries
ii openssl 1.0.1e-2+deb7u14 amd64 Secure Socket Layer (SSL) binary and related cryptographic tools
ii openssl-blacklist 0.5-3 all Blacklists for OpenSSL RSA keys and tools
ii python-openssl 0.13-2+deb7u1 amd64 Python 2 wrapper around the OpenSSL library
ii ssl-cert 1.0.32 all simple debconf wrapper for OpenSSL
ii ssl-cert-check 3.22-1 all proactively handling X.509 certificate expiration
ii sslmate 0.6.2-1 all Buy and manage SSL certificates from the command line
My NginX is using the same library, and this does indeed support TLSv2, so what
I am doing wrong in my Dovecot configuration?
Any clues?
Regards
Thomas
--
www.preissler.co.uk | Twitter: @module0x90 | PGP-Key: 75889415
GPG Fingerprint: CCBD 153A D257 CA7E A217 FDF7 5928 03D1 7588 9415
More information about the dovecot
mailing list