Ubuntu Precise packaged 2.9.1 & SSL 1.0.1

Ubuntu Precise packaged 2.9.1 & SSL 1.0.1

Daniel L. Miller
After a recent Ubuntu server upgrade, the packaged versions of Postfix -
using Ubuntu's "Precise" version, as well as the "security", "updates",
and "backports" repositories - Postfix's TLS is broken with the known
SSL version issue:

warning: TLS library problem: 4425:error:1408F10B:SSL
routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:

I've tried a couple different main.cf settings, including:
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3

but the only option that has given me temporary functionality is:
smtpd_tls_security_level=none

Is there a way I can restore TLS functionality via configuration? Or is
an updated Postfix, possibly a self-compiled version, my only option?
--
Daniel

Re: Ubuntu Precise packaged 2.9.1 & SSL 1.0.1

Robert Schetterer
Am 26.06.2012 20:04, schrieb Daniel L. Miller:

> After a recent Ubuntu server upgrade, the packaged versions of Postfix -
> using Ubuntu's "Precise" version, as well as the "security", "updates",
> and "backports" repositories - Postfix's TLS is broken with the known
> SSL version issue:
>
> warning: TLS library problem: 4425:error:1408F10B:SSL
> routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:
>
> I've tried a couple different main.cf settings, including:
> smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
>
> but the only option that has given me temporary functionality is:
> smtpd_tls_security_level=none
>
> Is there a way I can restore TLS functionality via configuration? Or is
> an updated Postfix, possibly a self-compiled version, my only option?

have you read
http://www.postfix.org/TLS_README.html ?


in quantal

http://packages.ubuntu.com/search?keywords=postfix&searchon=names&suite=quantal&section=all

postfix is
2.9.3-2: amd64 i386

there should be a lot of tls fixes

ftp://ftp.fu-berlin.de/unix/mail/postfix/official/postfix-2.9.3.HISTORY

i.e
--snip
20120422

        Bit-rot: OpenSSL 1.0.1 introduces new protocols. Update the
        known TLS protocol list so that protocols can be turned off
        selectively to work around implementation bugs.  Based on
        a patch by Victor Duchovni.  Files: proto/TLS_README.html,
        proto/postconf.proto, tls/tls.h, tls/tls_misc.c, tls/tls_client.c,
        tls/tls_server.c.
--snip



recompile it on oneiric or wait till backport

there was a thread
http://comments.gmane.org/gmane.mail.postfix.user/229196

--snip
That will be a solution for Postfix 2.10.

Meanwhile, for earlier Postfix releases, how much of the problem
can be solved by changing from:

    mumble_tls_mandatory_protocols = SSLv3, TLSv1

(i.e. the current default) to:

    mumble_tls_mandatory_protocols = !SSLv2

I don't mind that the older Postfix versions would not be able to
turn on/off protocols that didn't exist at the time Postfix was
released.

        Wietse
--snipend

http://www.postfix.org/postconf.5.html

--snip

smtp_tls_mandatory_protocols (default: !SSLv2)

    List of SSL/TLS protocols that the Postfix SMTP client will use with
mandatory TLS encryption. In main.cf the values are separated by
whitespace, commas or colons. In the policy table "protocols" attribute
(see smtp_tls_policy_maps) the only valid separator is colon. An empty
value means allow all protocols. The valid protocol names, (see
SSL_get_version(3)), are "SSLv2", "SSLv3" and "TLSv1".

    Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
and "TLSv1.2". If an older Postfix version is linked against OpenSSL
1.0.1 or later, these, or any other new protocol versions, are
unconditionally enabled.

    With Postfix ≥ 2.5 the parameter syntax is expanded to support
protocol exclusions. One can now explicitly exclude SSLv2 by setting
"smtp_tls_mandatory_protocols = !SSLv2". To exclude both SSLv2 and SSLv3
set "smtp_tls_mandatory_protocols = !SSLv2, !SSLv3". Listing the
protocols to include, rather than protocols to exclude, is supported,
but not recommended. The exclusion form more closely matches the
behaviour when the OpenSSL library is newer than Postfix.

    Since SSL version 2 has known protocol weaknesses and is now
deprecated, the default setting excludes "SSLv2". This means that by
default, SSL version 2 will not be used at the "encrypt" security level
and higher.

    See the documentation of the smtp_tls_policy_maps parameter and
TLS_README for more information about security levels.

    Example:

    # Preferred form with Postfix ≥ 2.5:
    smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
    # Alternative form.
    smtp_tls_mandatory_protocols = TLSv1

--snipend

but I am not really up to date with this issue

but I am sure others are and will answer
--
Best Regards
MfG Robert Schetterer



Re: Ubuntu Precise packaged 2.9.1 & SSL 1.0.1

Scott Kitterman-4
In reply to this post by Daniel L. Miller
On Tuesday, June 26, 2012 11:04:16 AM Daniel L. Miller wrote:

> After a recent Ubuntu server upgrade, the packaged versions of Postfix -
> using Ubuntu's "Precise" version, as well as the "security", "updates",
> and "backports" repositories - Postfix's TLS is broken with the known
> SSL version issue:
>
> warning: TLS library problem: 4425:error:1408F10B:SSL
> routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:
>
> I've tried a couple different main.cf settings, including:
> smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
>
> but the only option that has given me temporary functionality is:
> smtpd_tls_security_level=none
>
> Is there a way I can restore TLS functionality via configuration? Or is
> an updated Postfix, possibly a self-compiled version, my only option?

I have it on my TODO list to do the testing to get the package updated to
2.9.3 on Ubuntu 12.04, but haven't gotten to it yet.  Since you're interested,
I went ahead and uploaded the package for test to my PPA at
https://launchpad.net/~kitterman/+archive/ppa - It won't be compiled there yet
since I just uploaded it, but it should be available later today or tomorrow.

Scott K

Re: Ubuntu Precise packaged 2.9.1 & SSL 1.0.1

Christopher Stolzenberg
In reply to this post by Daniel L. Miller
2012/6/26 Daniel L. Miller <[hidden email]>:
> After a recent Ubuntu server upgrade, the packaged versions of Postfix -
> using Ubuntu's "Precise" version, as well as the "security", "updates", and
> "backports" repositories - Postfix's TLS is broken with the known SSL
> version issue:
>
> warning: TLS library problem: 4425:error:1408F10B:SSL
> routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:

A general question:
Why is only postfix affected and not sendmail or exim?

--
Chris

Re: Ubuntu Precise packaged 2.9.1 & SSL 1.0.1

John Peach-2
In reply to this post by Daniel L. Miller
On Tue, 26 Jun 2012 11:04:16 -0700
"Daniel L. Miller" <[hidden email]> wrote:

> After a recent Ubuntu server upgrade, the packaged versions of Postfix -
> using Ubuntu's "Precise" version, as well as the "security", "updates",
> and "backports" repositories - Postfix's TLS is broken with the known
> SSL version issue:
>
> warning: TLS library problem: 4425:error:1408F10B:SSL
> routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:
>
> I've tried a couple different main.cf settings, including:
> smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
>
> but the only option that has given me temporary functionality is:
> smtpd_tls_security_level=none
>
> Is there a way I can restore TLS functionality via configuration? Or is
> an updated Postfix, possibly a self-compiled version, my only option?

I've not seen this at all, but I've always used:

smtpd_tls_security_level = may

This gives me TLS when the client wants to use it.....


--
John

Re: Ubuntu Precise packaged 2.9.1 & SSL 1.0.1

Wietse Venema
In reply to this post by Christopher Stolzenberg
Chris:

> 2012/6/26 Daniel L. Miller <[hidden email]>:
> > After a recent Ubuntu server upgrade, the packaged versions of Postfix -
> > using Ubuntu's "Precise" version, as well as the "security", "updates", and
> > "backports" repositories - Postfix's TLS is broken with the known SSL
> > version issue:
> >
> > warning: TLS library problem: 4425:error:1408F10B:SSL
> > routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:
>
> A general question:
> Why is only postfix affected and not sendmail or exim?

Says who?

OpenSSL 1.0.1 introduces new protocols (TLSv1.2 and TLSv1.1) that
don't work with some other implementations of those new protocols.

Postfix 2.9.2 introduces support to turn off the new protocols,
so that Postfix falls back to the ones that work.

        Wietse
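The postconf(5) text quoted in Robert's reply (exclusion form vs. inclusion form, and new protocols being "unconditionally enabled" when the library is newer than Postfix) and Wietse's note that Postfix 2.9.2 can switch the new protocols off are easier to see side by side. The following is an added example, not code from Postfix or from anyone in the thread: it models how a `*_tls_mandatory_protocols` list becomes an exclusion mask over the names the Postfix binary knows, and what the linked OpenSSL library then leaves enabled. The "known" name sets stand in for a Postfix 2.9.1 versus a 2.9.2 binary and the library sets for OpenSSL 1.0.0 versus 1.0.1; they are constructed for the demonstration, not read from either program.

```python
"""Model of Postfix's *_tls_mandatory_protocols handling (added example).

Semantics follow postconf(5) as quoted in the thread: a protocol list is
turned into an exclusion mask over the names the Postfix binary knows, and
the OpenSSL library enables everything else it supports, including
protocols newer than the Postfix binary.  The sets below are assumptions
made for the demonstration, not an exact Postfix version table.
"""
import re

# Names an older Postfix (standing in for 2.9.1) knows at compile time.
KNOWN_OLD = frozenset({"SSLv2", "SSLv3", "TLSv1"})
# Names a Postfix updated for OpenSSL 1.0.1 (standing in for 2.9.2+) knows.
KNOWN_NEW = KNOWN_OLD | {"TLSv1.1", "TLSv1.2"}
# Protocols offered by the library Postfix is linked against.
LIB_OPENSSL_100 = frozenset({"SSLv2", "SSLv3", "TLSv1"})
LIB_OPENSSL_101 = LIB_OPENSSL_100 | {"TLSv1.1", "TLSv1.2"}

# postconf(5): in main.cf the values are separated by whitespace, commas or colons.
_SEP = re.compile(r"[\s,:]+")


def exclusion_set(plist, known):
    """Translate a protocol list into the set of names to *disable*.

    Exclusions ("!SSLv3") are taken as written.  Inclusions ("TLSv1") are
    turned into their complement over the names Postfix knows, which is why
    the inclusion form cannot switch off a protocol this Postfix has never
    heard of.  A name Postfix does not know is an error, as in Postfix
    itself (which logs a warning for an invalid list).
    """
    by_lower = {k.lower(): k for k in known}
    include, exclude = set(), set()
    for tok in filter(None, _SEP.split(plist)):
        negate = tok.startswith("!")
        name = by_lower.get(tok.lstrip("!").lower())
        if name is None:
            raise ValueError(f"unknown protocol name {tok!r}")
        (exclude if negate else include).add(name)
    if include:
        exclude |= set(known) - include
    return exclude


def enabled_protocols(plist, known, library):
    """Protocols the resulting TLS context will actually negotiate.

    An empty list means "allow all".  The library enables every protocol
    it supports that is not in the exclusion mask.
    """
    if not plist.strip():
        return set(library)
    return set(library) - exclusion_set(plist, known)


def scenarios():
    """The situations discussed in the thread, as (label, enabled) pairs."""
    cases = [
        ("old binary + OpenSSL 1.0.1, '!SSLv2, !SSLv3'",
         "!SSLv2, !SSLv3", KNOWN_OLD, LIB_OPENSSL_101),
        ("old binary + OpenSSL 1.0.1, 'TLSv1' (inclusion form)",
         "TLSv1", KNOWN_OLD, LIB_OPENSSL_101),
        ("new binary + OpenSSL 1.0.1, '!SSLv2, !SSLv3, !TLSv1.1, !TLSv1.2'",
         "!SSLv2, !SSLv3, !TLSv1.1, !TLSv1.2", KNOWN_NEW, LIB_OPENSSL_101),
        ("new binary + OpenSSL 1.0.1, 'TLSv1' (inclusion form)",
         "TLSv1", KNOWN_NEW, LIB_OPENSSL_101),
    ]
    return [(label, enabled_protocols(p, k, lib)) for label, p, k, lib in cases]


if __name__ == "__main__":
    for label, enabled in scenarios():
        print(f"{label}: {sorted(enabled)}")
    try:
        enabled_protocols("!TLSv1.2", KNOWN_OLD, LIB_OPENSSL_101)
    except ValueError as err:
        print("old binary rejects '!TLSv1.2':", err)
```

The first two scenarios are the original poster's situation: with a binary that only knows SSLv2/SSLv3/TLSv1, neither `!SSLv2, !SSLv3` nor the inclusion form `TLSv1` touches TLSv1.1 or TLSv1.2, so the library keeps offering them, and `!TLSv1.2` is simply an unknown name. Only a binary that knows the new names (the 2.9.2+ behaviour Wietse describes) can exclude them, which is the interim workaround; the exclusion form is preferred because it states exactly what is switched off rather than implying an "only these" that the library does not honour.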

Re: Ubuntu Precise packaged 2.9.1 & SSL 1.0.1

Christopher Stolzenberg
2012/6/27 Wietse Venema <[hidden email]>:

> Chris:
>> 2012/6/26 Daniel L. Miller <[hidden email]>:
>> > After a recent Ubuntu server upgrade, the packaged versions of Postfix -
>> > using Ubuntu's "Precise" version, as well as the "security", "updates", and
>> > "backports" repositories - Postfix's TLS is broken with the known SSL
>> > version issue:
>> >
>> > warning: TLS library problem: 4425:error:1408F10B:SSL
>> > routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:
>>
>> A general question:
>> Why is only postfix affected and not sendmail or exim?
>
> Says who?

Okay, I have seen nothing on the sendmail mailing list.

>
> OpenSSL 1.0.1 introduces new protocols (TLSv1.2 and TLSv1.1) that
> don't work with some other implementations of those new protocols.
>
> Postfix 2.9.2 introduces support to turn off the new protocols,
> so that Postfix falls back to the ones that work.

Turning off the new protocols is only an interim solution?

--
Chris

Re: Ubuntu Precise packaged 2.9.1 & SSL 1.0.1

Wietse Venema
Wietse:
> Postfix 2.9.2 introduces support to turn off the new [TLSv1.2 and
> TLSv1.1] protocols, so that Postfix falls back to the ones that
> work.

Chris:
> Turning off the new protocols is only an interim solution?

No due date is given for global TLSv1.2 and TLSv1.1 inter-operability,
so you'll have to watch the news to find out when this has happened.

        Wietse

Re: Ubuntu Precise packaged 2.9.1 & SSL 1.0.1

Viktor Dukhovni
In reply to this post by Daniel L. Miller
On Tue, Jun 26, 2012 at 11:04:16AM -0700, Daniel L. Miller wrote:

> After a recent Ubuntu server upgrade, the packaged versions of
> Postfix - using Ubuntu's "Precise" version, as well as the
> "security", "updates", and "backports" repositories - Postfix's TLS
> is broken with the known SSL version issue:
>
> warning: TLS library problem: 4425:error:1408F10B:SSL
> routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:

The issue is possibly related to session resumption, in which case
it may not be surprising if Sendmail does not run into it, since
Sendmail does not have a TLS session cache.

If anyone is able to reproduce the issue with TLSv1.2 enabled,
please send me logging for one failed connection with "smtpd_tls_loglevel
= 4" gathered after a "postfix stop; postfix start", so that the
TLS session cache is initially empty, and (if perhaps the failure
*is* related to session resumption and requires a non-empty cache)
also similar logging for a connection with a resumed TLS session.

Is the error in question observed primarily on clients, servers or
both?

--
        Viktor.
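Viktor's question (client side, server side or both?) can be answered from the log before gathering the verbose `smtpd_tls_loglevel = 4` trace he asks for, because Postfix's syslog lines name the process: `postfix/smtpd` is the SMTP server, `postfix/smtp` (and `postfix/lmtp`) the client. The following is an added example, not code from the thread or from Postfix: it picks the "TLS library problem" warnings out of a log, splits the OpenSSL error code into its library/function/reason fields, and counts the events per side. The log lines are constructed for the demonstration; only the warning text matches the one quoted in the thread, and the `ERR_LIB_SSL` value is the SSL library number from OpenSSL's err.h.

```python
"""Triage of "TLS library problem" warnings in Postfix logs (added example).

Not code from the thread or from Postfix.  The sample log is constructed;
only the warning text matches the one quoted in the thread.
"""
import re
from collections import Counter

SAMPLE_LOG = """\
Jun 26 10:12:01 mx1 postfix/smtpd[4425]: connect from mail.example.net[192.0.2.10]
Jun 26 10:12:01 mx1 postfix/smtpd[4425]: warning: TLS library problem: 4425:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:
Jun 26 10:12:01 mx1 postfix/smtpd[4425]: lost connection after STARTTLS from mail.example.net[192.0.2.10]
Jun 26 10:13:44 mx1 postfix/smtp[4502]: warning: TLS library problem: 4502:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:
Jun 26 10:15:09 mx1 postfix/smtpd[4425]: warning: hostname mail.example.org does not resolve to address 198.51.100.7
"""

# Postfix syslog line: timestamp, host, postfix/<process>[<pid>]: message
_LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) "
    r"postfix/(?P<proc>[\w-]+)\[(?P<pid>\d+)\]: (?P<msg>.*)$")
# OpenSSL error as Postfix prints it: pid:error:<8 hex digits>:lib:func:reason:file:line:
_TLS_ERR = re.compile(
    r"^warning: TLS library problem: \d+:error:(?P<code>[0-9A-Fa-f]{8}):"
    r"(?P<lib>[^:]*):(?P<func>[^:]*):(?P<reason>[^:]*):(?P<file>[^:]*):(?P<line>\d+):")

ERR_LIB_SSL = 20  # OpenSSL err.h: library number of the SSL library

# Which side of the connection each Postfix daemon is on.
SIDE = {"smtpd": "server", "tlsproxy": "server", "smtp": "client", "lmtp": "client"}


def decode_openssl_error(code):
    """Split a 1.0.x-era OpenSSL error code into (lib, func, reason).

    Layout: 8-bit library number, 12-bit function number, 12-bit reason
    number.  OpenSSL 3.x no longer packs a function number, so apply this
    only to codes from logs like the one above.
    """
    return (code >> 24) & 0xFF, (code >> 12) & 0xFFF, code & 0xFFF


def triage(log_text):
    """Return the TLS library warnings found, plus counts per side and reason."""
    events = []
    for line in log_text.splitlines():
        m = _LINE.match(line)
        if not m:
            continue
        e = _TLS_ERR.match(m["msg"])
        if not e:
            continue
        lib, func, reason = decode_openssl_error(int(e["code"], 16))
        events.append({
            "ts": m["ts"], "pid": int(m["pid"]), "process": m["proc"],
            "side": SIDE.get(m["proc"], "other"),
            "lib": lib, "func": func, "reason": reason,
            "reason_text": e["reason"], "is_ssl_lib": lib == ERR_LIB_SSL,
        })
    return {
        "events": events,
        "by_side": dict(Counter(ev["side"] for ev in events)),
        "by_reason": dict(Counter(ev["reason_text"] for ev in events)),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for ev in result["events"]:
        print(f"{ev['ts']} {ev['process']}[{ev['pid']}] {ev['side']}: "
              f"lib={ev['lib']} func={ev['func']} reason={ev['reason']} "
              f"({ev['reason_text']})")
    print("per side:", result["by_side"])
    print("per reason:", result["by_reason"])
```

To collect the trace Viktor asks for, set `smtpd_tls_loglevel = 4` (for example with `postconf -e`), run `postfix stop; postfix start` so the TLS session cache starts empty, reproduce one failing connection, and then a second one that would resume the session; running the triage over both captures shows whether the warning appears only on resumed sessions and on which side.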

Re: Ubuntu Precise packaged 2.9.1 & SSL 1.0.1

Viktor Dukhovni
On Thu, Jun 28, 2012 at 03:10:14PM +0000, Viktor Dukhovni wrote:

> If anyone is able to reproduce the issue with TLSv1.2 enabled,
> please send me logging for one failed connection with "smtpd_tls_loglevel
> = 4" gathered after a "postfix stop; postfix start", so that the
> TLS session cache is initially empty, and (if perhaps the failure
> *is* related to session resumption and requires a non-empty cache)
> also similar logging for a connection with a resumed TLS session.

If it makes any difference "smtpd_tls_loglevel = 3" may also
be sufficient if the error is seen during the handshake phase
of the SSL session.

> --
> Viktor.