On 08 May 2020, at 09:43, Steve Egbert <s.egbert@sbcglobal.net> wrote:
I have an operational need to disable TLSv1.3 due to inadequate support to exclude certain ciphers.
There is no need to disable TLSv1.3 and attempts to do so will be flagged as “downgrade attacks”.
Much to my dismay, the
ssl_protocols
had been renamed and re-functionalized intossl_min_protocol
.Now, there is no way to exclude a specific group of one or more TLS versions.
There is no way to disable a more secure protocol, that is correct. This is how it should be and I am sure this decision was intentional to prevent many many different attack vectors.
I'm still being hammered with the following error with Thunderbird 76.0b3, Dovecot 2.3.4.1-5+deb10u1, Debian 11:
May 8 11:15:47 ns1 dovecot: imap-login: Debug: SSL: where=0x10, ret=1: before SSL initialization May 8 11:15:47 ns1 dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: before SSL initialization May 8 11:15:47 ns1 dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: before SSL initialization May 8 11:15:47 ns1 dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: before SSL initialization May 8 11:15:47 ns1 dovecot: imap-login: Debug: SSL alert: where=0x4008, ret=582: fatal protocol version May 8 11:15:47 ns1 dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: error May 8 11:15:47 ns1 dovecot: imap-login: Debug: SSL error: SSL_accept() failed: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol May 8 11:15:47 ns1 dovecot: imap-login: Disconnected (disconnected before auth was ready, waited 0 secs): user=<>, rip=XX.XX.XX.XX, lip=XX.XX.XX.XX, TLS handshaking: SSL_accept() failed: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol, session=<GN/GeCSlYuhEhl2U> May 8 11:15:47 ns1 dovecot: imap-login: Debug: SSL error: SSL_accept() syscall failed: Invalid argument
Thunderbird 76 works fine with dovecot 2.3.10 (I just checked). Not sure what you did to your config or if this was something fixed since 2.3.4
This occurred when specifying one TLSv1.3 cipher to be excluded in ssl_cipher via an exclamation mark.
If you disable a cipher that causes Tbird to drop from TLSv1.3 to TLSv1.2 this will probably be seen as a downgrade attack. What cipher are you disabling and why?
On a side note of IMAP client, Latest Mozilla Thunderbird had its pref setting security.tls.version.fallback-limit to 4 (TLSv1.3), of which I have adjusted it to 3 (TLSv1.2) and it .... works when Dovecot is set to TLSv1.2.
AFAIK you cannot force TLSv1.2 when you have TLSv1.3 available.
-- I WILL NOT EXPOSE THE IGNORANCE OF THE FACULTY Bart chalkboard Ep. 8F15