tls stopped working after update from 3.1.14 to 3.4.8

tls stopped working after update from 3.1.14 to 3.4.8

Michael-5
hey,

after upgrading from debian stretch (providing postfix 3.1.14) to buster
(providing postfix 3.4.8), i just found out that no incoming mail was
received any longer. digging a little deeper showed me that turning off tls
resolved this issue. but then again, there was no tls...

i would appreciate a little help on why postfix doesn't like my old
settings any longer and what i have to change to get it working with 3.4.8.


i used the very same main.cf and master.cf file with the following tls
related settings:
smtpd_tls_security_level = may
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
smtpd_tls_protocols = !SSLv2,!SSLv3
smtpd_tls_ciphers = low
smtpd_tls_cert_file = /etc/letsencrypt/certs/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/certs/privkey.pem
smtpd_tls_dh1024_param_file = /etc/postfix/dhparams/dh2048.pem
smtpd_tls_dh512_param_file = /etc/postfix/dhparams/dh512.pem
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_ask_ccert = yes
relay_clientcerts = hash:/etc/postfix/relay_clientcerts
smtpd_client_restrictions = permit_tls_clientcerts, check_client_access hash:/etc/postfix/client_access, reject_rbl_client zen.spamhaus.org
smtpd_relay_restrictions = permit_tls_clientcerts, permit_mynetworks, defer_unauth_destination


here's what the log file says:
Feb 22 08:50:07 mail postfix/smtpd[12952]: initializing the server-side TLS engine
Feb 22 08:50:07 mail postfix/smtpd[12952]: connect from bendel.debian.org[82.195.75.100]
Feb 22 08:50:07 mail postfix/smtpd[12952]: setting up TLS connection from bendel.debian.org[82.195.75.100]
Feb 22 08:50:07 mail postfix/smtpd[12952]: bendel.debian.org[82.195.75.100]: TLS cipher list "aNULL:-aNULL:HIGH:MEDIUM:LOW:+RC4:@STRENGTH:!aNULL"
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:before SSL initialization
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:before SSL initialization
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS read client hello
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write server hello
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write change cipher spec
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 write encrypted extensions
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write certificate request
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write certificate
Feb 22 08:50:07 mail postfix/smtpd[12815]: SSL_accept error from bendel.debian.org[82.195.75.100]: lost connection
Feb 22 08:50:07 mail postfix/smtpd[12816]: SSL_accept error from bendel.debian.org[82.195.75.100]: lost connection
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 write server certificate verify
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write finished
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 early data


greetings...


Re: tls stopped working after update from 3.1.14 to 3.4.8

Viktor Dukhovni
On Sun, Feb 23, 2020 at 10:45:14PM +0100, Michael wrote:

> After upgrading from debian stretch (providing postfix 3.1.14) to
> buster (providing postfix 3.4.8), I just found out that no incoming
> mail was received any longer.  Digging a little deeper showed me that
> turning off tls resolved this issue. but then again, there was no
> tls...
>
> I would appreciate a little help on why postfix doesn't like my old
> settings any longer and what I have to change to get it working with
> 3.4.8.
>
>
> I used the very same main.cf and master.cf file with the following tls
> related settings:

> smtpd_tls_security_level = may
> smtpd_tls_loglevel = 1

That's fine, but not consistent with the verbose logging below, did you
temporarily set a higher log level?

> smtpd_tls_ciphers = low

These days, "medium" makes more sense, the "low" and "export"
ciphers are dead.

> here's what the log file says:
> Feb 22 08:50:07 mail postfix/smtpd[12952]: initializing the server-side TLS engine
> Feb 22 08:50:07 mail postfix/smtpd[12952]: connect from bendel.debian.org[82.195.75.100]

TLS library initialization was successful.

> Feb 22 08:50:07 mail postfix/smtpd[12952]: setting up TLS connection from bendel.debian.org[82.195.75.100]
> Feb 22 08:50:07 mail postfix/smtpd[12952]: bendel.debian.org[82.195.75.100]: TLS cipher list "aNULL:-aNULL:HIGH:MEDIUM:LOW:+RC4:@STRENGTH:!aNULL"

That's the "low" cipherlist, so far so good...

> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:before SSL initialization
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:before SSL initialization
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS read client hello
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write server hello
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write change cipher spec
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 write encrypted extensions

Based on the TLS ClientHello, the server believes the client supports
TLS 1.3.

> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write certificate request

And is soliciting a client certificate.

> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write certificate

And sends its own.

> Feb 22 08:50:07 mail postfix/smtpd[12815]: SSL_accept error from
> bendel.debian.org[82.195.75.100]: lost connection
> Feb 22 08:50:07 mail postfix/smtpd[12816]: SSL_accept error from
> bendel.debian.org[82.195.75.100]: lost connection

These two are from an unrelated concurrent session and should be ignored.

> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 write server
> certificate verify

The server signs its certificate message.

> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write finished
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 early data

And is now ready to hear back from the client, but what happened next?
This isn't the end of the logging from smtpd[12952]...

--
    Viktor.

Re: tls stopped working after update from 3.1.14 to 3.4.8

Michael-5
hey,

first, let me thank you for your answer. i really appreciate this!


On Monday, February 24, 2020 12:20:27 AM CET, Viktor Dukhovni wrote:
>> smtpd_tls_security_level = may
>> smtpd_tls_loglevel = 1
>
> That's fine, but not consistent with the verbose logging below, did you
> temporarily set a higher log level?

yes, i'm sorry. i posted the original settings from my working postfix
3.1.14 installation that didn't work with postfix 3.4.8.
i tried to get to the bottom of this problem by gradually increasing
"smtpd_tls_loglevel", but with level "3" i was overwhelmed with the output
and stopped understanding most of it.

>> smtpd_tls_ciphers = low
>
> These days, "medium" makes more sense, the "low" and "export"
> ciphers are dead.

i knew that even back then, but i had to support an old android 4.1.x phone
which didn't support higher ciphers. but since that phone is gone now, i
will change it to "medium".

> And is now ready to hear back from the client, but what happened next?
> This isn't the end of the logging from smtpd[12952]...

i am sorry, seems like i was too tired after dealing with this problem the
whole weekend. here's the rest (along with all the previous lines for
context):

# grep -F 'smtpd[12952]' /var/log/mail.log.1
Feb 22 08:50:07 mail postfix/smtpd[12952]: initializing the server-side TLS engine
Feb 22 08:50:07 mail postfix/smtpd[12952]: connect from bendel.debian.org[82.195.75.100]
Feb 22 08:50:07 mail postfix/smtpd[12952]: setting up TLS connection from bendel.debian.org[82.195.75.100]
Feb 22 08:50:07 mail postfix/smtpd[12952]: bendel.debian.org[82.195.75.100]: TLS cipher list "aNULL:-aNULL:HIGH:MEDIUM:LOW:+RC4:@STRENGTH:!aNULL"
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:before SSL initialization
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:before SSL initialization
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS read client hello
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write server hello
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write change cipher spec
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 write encrypted extensions
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write certificate request
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write certificate
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 write server certificate verify
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write finished
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 early data
Feb 22 08:55:07 mail postfix/smtpd[12952]: SSL_accept:error in TLSv1.3 early data
Feb 22 08:55:07 mail postfix/smtpd[12952]: SSL_accept error from bendel.debian.org[82.195.75.100]: lost connection
Feb 22 08:55:08 mail postfix/smtpd[12952]: lost connection after STARTTLS from bendel.debian.org[82.195.75.100]
Feb 22 08:55:08 mail postfix/smtpd[12952]: disconnect from bendel.debian.org[82.195.75.100] ehlo=1 starttls=0/1 commands=1/2


if you need anything else, please let me know.

greetings...

Re: tls stopped working after update from 3.1.14 to 3.4.8

Viktor Dukhovni
>
> On Feb 24, 2020, at 2:27 AM, Michael <[hidden email]> wrote:
>
> Feb 22 08:50:07 mail postfix/smtpd[12952]: connect from bendel.debian.org[82.195.75.100]
> Feb 22 08:50:07 mail postfix/smtpd[12952]: setting up TLS connection from bendel.debian.org[82.195.75.100]
> Feb 22 08:50:07 mail postfix/smtpd[12952]: bendel.debian.org[82.195.75.100]: TLS cipher list "aNULL:-aNULL:HIGH:MEDIUM:LOW:+RC4:@STRENGTH:!aNULL"
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:before SSL initialization
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:before SSL initialization
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS read client hello
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write server hello
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write change cipher spec
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 write encrypted extensions
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write certificate request
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write certificate
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 write server certificate verify
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write finished
> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 early data
> Feb 22 08:55:07 mail postfix/smtpd[12952]: SSL_accept:error in TLSv1.3 early data
> Feb 22 08:55:07 mail postfix/smtpd[12952]: SSL_accept error from bendel.debian.org[82.195.75.100]: lost connection
> Feb 22 08:55:08 mail postfix/smtpd[12952]: lost connection after STARTTLS from bendel.debian.org[82.195.75.100]
> Feb 22 08:55:08 mail postfix/smtpd[12952]: disconnect from bendel.debian.org[82.195.75.100] ehlo=1 starttls=0/1 commands=1/2

This looks like a client (or firewall, etc. in between) that does not
correctly support TLS 1.3.  What's new on your system is not Postfix 3.4,
but a sufficiently recent version of OpenSSL that has TLS 1.3 support.

The client appears to have just disconnected after the server's "finished"
message, with no TLS alert sent to indicate the nature of the problem.

You could try getting a PCAP file, and decode that, but with TLS 1.3,
a large fraction of the handshake is encrypted, debugging can be
more difficult.

Were TLS sessions failing from all senders or just particular systems?

--
        Viktor.


Re: tls stopped working after update from 3.1.14 to 3.4.8

Michael-5
hey,

On Monday, February 24, 2020 9:47:49 AM CET, Viktor Dukhovni wrote:
> This looks like a client (or firewall, etc. in between) that does not
> correctly support TLS 1.3.  What's new on your system is not Postfix 3.4,
> but a sufficiently recent version of OpenSSL that has TLS 1.3 support.

i came to the same conclusion.
the thing is, if i do an "openssl s_client -starttls ..." from openssl
1.1.0l, there is only a tls1.2 connection established:
Feb 24 09:50:02 mail postfix/smtpd[8086]: connect from reverse.hemathor.de[87.253.250.109]
Feb 24 09:50:02 mail postfix/smtpd[8086]: setting up TLS connection from reverse.hemathor.de[87.253.250.109]
Feb 24 09:50:02 mail postfix/smtpd[8086]: reverse.hemathor.de[87.253.250.109]: TLS cipher list "aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH"
Feb 24 09:50:02 mail postfix/smtpd[8086]: SSL_accept:before SSL initialization
Feb 24 09:50:02 mail postfix/smtpd[8086]: SSL_accept:before SSL initialization
Feb 24 09:50:02 mail postfix/smtpd[8086]: SSL_accept:SSLv3/TLS read client hello
Feb 24 09:50:02 mail postfix/smtpd[8086]: SSL_accept:SSLv3/TLS write server hello
Feb 24 09:50:02 mail postfix/smtpd[8086]: SSL_accept:SSLv3/TLS write certificate
Feb 24 09:50:02 mail postfix/smtpd[8086]: SSL_accept:SSLv3/TLS write key exchange
Feb 24 09:50:02 mail postfix/smtpd[8086]: SSL_accept:SSLv3/TLS write server done
Feb 24 09:50:02 mail postfix/smtpd[8086]: SSL_accept:SSLv3/TLS write server done
Feb 24 09:50:02 mail postfix/smtpd[8086]: SSL_accept:SSLv3/TLS read client key exchange
Feb 24 09:50:02 mail postfix/smtpd[8086]: SSL_accept:SSLv3/TLS read change cipher spec
Feb 24 09:50:02 mail postfix/smtpd[8086]: SSL_accept:SSLv3/TLS read finished
Feb 24 09:50:02 mail postfix/smtpd[8086]: reverse.hemathor.de[87.253.250.109]: Issuing session ticket, key expiration: 1582535905
Feb 24 09:50:02 mail postfix/smtpd[8086]: SSL_accept:SSLv3/TLS write session ticket
Feb 24 09:50:02 mail postfix/smtpd[8086]: SSL_accept:SSLv3/TLS write change cipher spec
Feb 24 09:50:02 mail postfix/smtpd[8086]: SSL_accept:SSLv3/TLS write finished
Feb 24 09:50:02 mail postfix/smtpd[8086]: Anonymous TLS connection established from reverse.hemathor.de[87.253.250.109]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Feb 24 09:50:14 mail postfix/smtpd[8086]: disconnect from reverse.hemathor.de[87.253.250.109] ehlo=1 starttls=1 quit=1 commands=3

whereas from the same box where postfix 3.4.8 is running, providing openssl
1.1.1d, the starttls command fails to establish a tls1.3 connection with my
public ip address:
Feb 24 09:59:51 sunflower postfix/smtpd[8185]: initializing the server-side TLS engine
Feb 24 09:59:51 sunflower postfix/smtpd[8185]: connect from reverse.hemathor.de[87.253.250.109]
Feb 24 09:59:51 sunflower postfix/smtpd[8185]: setting up TLS connection from reverse.hemathor.de[87.253.250.109]
Feb 24 09:59:51 sunflower postfix/smtpd[8185]: reverse.hemathor.de[87.253.250.109]: TLS cipher list "aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH"
Feb 24 09:59:51 sunflower postfix/smtpd[8185]: SSL_accept:before SSL initialization
Feb 24 09:59:51 sunflower postfix/smtpd[8185]: SSL_accept:before SSL initialization
Feb 24 09:59:51 sunflower postfix/smtpd[8185]: SSL_accept:SSLv3/TLS read client hello
Feb 24 09:59:51 sunflower postfix/smtpd[8185]: SSL_accept:SSLv3/TLS write server hello
Feb 24 09:59:51 sunflower postfix/smtpd[8185]: SSL_accept:SSLv3/TLS write change cipher spec
Feb 24 09:59:51 sunflower postfix/smtpd[8185]: SSL_accept:TLSv1.3 write encrypted extensions
Feb 24 09:59:51 sunflower postfix/smtpd[8185]: SSL_accept:SSLv3/TLS write certificate
Feb 24 09:59:51 sunflower postfix/smtpd[8185]: SSL_accept:TLSv1.3 write server certificate verify
Feb 24 09:59:51 sunflower postfix/smtpd[8185]: SSL_accept:SSLv3/TLS write finished
Feb 24 09:59:51 sunflower postfix/smtpd[8185]: SSL_accept:TLSv1.3 early data
Feb 24 09:59:56 sunflower postfix/smtpd[8185]: SSL_accept:error in TLSv1.3 early data
Feb 24 09:59:56 sunflower postfix/smtpd[8185]: SSL_accept error from reverse.hemathor.de[87.253.250.109]: lost connection
Feb 24 09:59:56 sunflower postfix/smtpd[8185]: lost connection after STARTTLS from reverse.hemathor.de[87.253.250.109]
Feb 24 09:59:56 sunflower postfix/smtpd[8185]: disconnect from reverse.hemathor.de[87.253.250.109] ehlo=1 starttls=0/1 commands=1/2

if i do a "openssl s_client -starttls -connect localhost:25" everything
seems to work fine:
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: initializing the server-side TLS engine
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: connect from localhost.localdomain[127.0.0.1]
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: setting up TLS connection from localhost.localdomain[127.0.0.1]
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: localhost.localdomain[127.0.0.1]: TLS cipher list "aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH"
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: SSL_accept:before SSL initialization
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: SSL_accept:before SSL initialization
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: SSL_accept:SSLv3/TLS read client hello
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: SSL_accept:SSLv3/TLS write server hello
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: SSL_accept:SSLv3/TLS write change cipher spec
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: SSL_accept:TLSv1.3 write encrypted extensions
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: SSL_accept:SSLv3/TLS write certificate
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: SSL_accept:TLSv1.3 write server certificate verify
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: SSL_accept:SSLv3/TLS write finished
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: SSL_accept:TLSv1.3 early data
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: SSL_accept:TLSv1.3 early data
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: SSL_accept:SSLv3/TLS read finished
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: localhost.localdomain[127.0.0.1]: Issuing session ticket, key expiration: 1582535905
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: localhost.localdomain[127.0.0.1]: save session A6A541AFF676317F23373D25CA5DA4903AC8DEF759A0875054B0E67C6AABEA83&s=smtp&l=269488207 to smtpd cache
Feb 24 10:04:45 sunflower postfix/tlsmgr[8087]: put smtpd session id=A6A541AFF676317F23373D25CA5DA4903AC8DEF759A0875054B0E67C6AABEA83&s=smtp&l=269488207 [data 136 bytes]
Feb 24 10:04:45 sunflower postfix/tlsmgr[8087]: write smtpd TLS cache entry A6A541AFF676317F23373D25CA5DA4903AC8DEF759A0875054B0E67C6AABEA83&s=smtp&l=269488207: time=1582535085 [data 136 bytes]
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: SSL_accept:SSLv3/TLS write session ticket
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: Anonymous TLS connection established from localhost.localdomain[127.0.0.1]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
Feb 24 10:04:51 sunflower postfix/smtpd[8219]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 starttls=1 quit=1 commands=3


so, do i have a mitm (aka router, firewall) which prevents a tls1.3
connection from being established? and if so: why? my understanding is that a
router/firewall is not interested in the content (tls level and/or
negotiation), but simply routes ip/tcp packets based on metadata, not
content. or am i missing something?

greetings...
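Added example, not from this thread and not Postfix's own code: a Python script that does by machine what Viktor's walk-through does by hand. It groups smtpd log lines by process id (so lines from an unrelated concurrent smtpd, like 12815/12816 earlier in the thread, are not mixed in), reports sessions that completed at TLS 1.2 or 1.3 as fine, and flags sessions that reached the `SSL_accept:TLSv1.3 early data` state and were then lost without an alert. The sample lines are trimmed copies of the logs quoted in this thread; reading the disconnect line's `starttls=0/1` counter as successes/attempts is my assumption.

```python
import re
from collections import Counter

# Constructed sample: trimmed copies of the smtpd lines quoted in this thread, plus one
# stray line from an unrelated PID (smtpd[12815], no "connect from") that must be ignored.
SAMPLE_LOG = """\
Feb 22 08:50:07 mail postfix/smtpd[12952]: connect from bendel.debian.org[82.195.75.100]
Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 early data
Feb 22 08:50:07 mail postfix/smtpd[12815]: SSL_accept error from bendel.debian.org[82.195.75.100]: lost connection
Feb 22 08:55:07 mail postfix/smtpd[12952]: SSL_accept:error in TLSv1.3 early data
Feb 22 08:55:08 mail postfix/smtpd[12952]: lost connection after STARTTLS from bendel.debian.org[82.195.75.100]
Feb 22 08:55:08 mail postfix/smtpd[12952]: disconnect from bendel.debian.org[82.195.75.100] ehlo=1 starttls=0/1 commands=1/2
Feb 24 09:50:02 mail postfix/smtpd[8086]: connect from reverse.hemathor.de[87.253.250.109]
Feb 24 09:50:02 mail postfix/smtpd[8086]: Anonymous TLS connection established from reverse.hemathor.de[87.253.250.109]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Feb 24 09:50:14 mail postfix/smtpd[8086]: disconnect from reverse.hemathor.de[87.253.250.109] ehlo=1 starttls=1 quit=1 commands=3
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: connect from localhost.localdomain[127.0.0.1]
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: SSL_accept:TLSv1.3 early data
Feb 24 10:04:45 sunflower postfix/smtpd[8219]: Anonymous TLS connection established from localhost.localdomain[127.0.0.1]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
Feb 24 10:04:51 sunflower postfix/smtpd[8219]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 starttls=1 quit=1 commands=3
"""

# syslog prefix "<timestamp> <host> postfix/smtpd[<pid>]: <message>"
LINE_RE = re.compile(r"^\w{3} +\d+ \d\d:\d\d:\d\d \S+ postfix/smtpd\[(?P<pid>\d+)\]: (?P<msg>.*)$")
ESTABLISHED_RE = re.compile(r"TLS connection established from \S+: (?P<proto>TLSv[\d.]+) with cipher")
STARTTLS_RE = re.compile(r"\bstarttls=(?P<ok>\d+)(?:/(?P<total>\d+))?")  # assumed: successes/attempts


def parse_sessions(log_text):
    """Group smtpd lines by PID: 'connect from' opens a session, 'disconnect from' closes it.
    Lines from a PID with no open session (the unrelated smtpd[12815] above) are dropped."""
    sessions, open_by_pid = [], {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        pid, msg = m.group("pid"), m.group("msg")
        if msg.startswith("connect from "):
            open_by_pid[pid] = {"pid": pid, "client": msg[len("connect from "):], "events": []}
            sessions.append(open_by_pid[pid])
        elif pid in open_by_pid:
            open_by_pid[pid]["events"].append(msg)
            if msg.startswith("disconnect from "):
                del open_by_pid[pid]
    return sessions


def classify(session):
    """Return (outcome, protocol). 'tls13-handshake-lost' is this thread's pattern: the server
    sent its whole TLS 1.3 flight (state 'SSL_accept:TLSv1.3 early data'), STARTTLS never
    succeeded, and the peer (or something in between) dropped the connection without an alert."""
    events = session["events"]
    for msg in events:
        e = ESTABLISHED_RE.search(msg)
        if e:
            return "tls-ok", e.group("proto")
    c = next(filter(None, map(STARTTLS_RE.search, events)), None)
    attempted = c is not None and int(c.group("total") or c.group("ok")) > int(c.group("ok"))
    lost = any("lost connection after STARTTLS" in msg for msg in events)
    if attempted and lost:
        if any(msg.endswith("SSL_accept:TLSv1.3 early data") for msg in events):
            return "tls13-handshake-lost", "TLSv1.3"
        return "tls-handshake-lost", None
    return "no-tls", None


def summarize(log_text):
    """Outcome counts plus the clients whose TLS 1.3 handshakes were dropped."""
    results = [(classify(s)[0], s["client"]) for s in parse_sessions(log_text)]
    counts = Counter(outcome for outcome, _ in results)
    return dict(counts), [client for outcome, client in results if outcome == "tls13-handshake-lost"]
```

Run it against a real `mail.log` to see whether every remote client lands in the flagged list (which points at something close to the server) or only a few do (which points at those clients).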

Re: tls stopped working after update from 3.1.14 to 3.4.8

Michael-5
i forgot:

On Monday, February 24, 2020 9:47:49 AM CET, Viktor Dukhovni wrote:
> Were TLS sessions failing from all senders or just particular systems?

it seems to me that all tls sessions failed, since no mail was delivered
at all after the switch.

greetings...


Re: tls stopped working after update from 3.1.14 to 3.4.8

Scott Kitterman-4

On February 24, 2020 8:47:49 AM UTC, Viktor Dukhovni <[hidden email]> wrote:

>> On Feb 24, 2020, at 2:27 AM, Michael <[hidden email]> wrote:
>>
>> Feb 22 08:50:07 mail postfix/smtpd[12952]: connect from bendel.debian.org[82.195.75.100]
>> Feb 22 08:50:07 mail postfix/smtpd[12952]: setting up TLS connection from bendel.debian.org[82.195.75.100]
>> Feb 22 08:50:07 mail postfix/smtpd[12952]: bendel.debian.org[82.195.75.100]: TLS cipher list "aNULL:-aNULL:HIGH:MEDIUM:LOW:+RC4:@STRENGTH:!aNULL"
>> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:before SSL initialization
>> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:before SSL initialization
>> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS read client hello
>> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write server hello
>> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write change cipher spec
>> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 write encrypted extensions
>> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write certificate request
>> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write certificate
>> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 write server certificate verify
>> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:SSLv3/TLS write finished
>> Feb 22 08:50:07 mail postfix/smtpd[12952]: SSL_accept:TLSv1.3 early data
>> Feb 22 08:55:07 mail postfix/smtpd[12952]: SSL_accept:error in TLSv1.3 early data
>> Feb 22 08:55:07 mail postfix/smtpd[12952]: SSL_accept error from bendel.debian.org[82.195.75.100]: lost connection
>> Feb 22 08:55:08 mail postfix/smtpd[12952]: lost connection after STARTTLS from bendel.debian.org[82.195.75.100]
>> Feb 22 08:55:08 mail postfix/smtpd[12952]: disconnect from bendel.debian.org[82.195.75.100] ehlo=1 starttls=0/1 commands=1/2
>
> This looks like a client (or firewall, etc. in between) that does not
> correctly support TLS 1.3.  What's new on your system is not Postfix 3.4,
> but a sufficiently recent version of OpenSSL that has TLS 1.3 support.
>
> The client appears to have just disconnected after the server's "finished"
> message, with no TLS alert sent to indicate the nature of the problem.
>
> You could try getting a PCAP file, and decode that, but with TLS 1.3,
> a large fraction of the handshake is encrypted, debugging can be
> more difficult.
>
> Were TLS sessions failing from all senders or just particular systems?

Since the host in the example is a Debian mail server (it hosts the project mailing lists), I checked.  It's running Debian 10 (same as the OP) using Postfix 3.4 (.6, .7, or .8 depending on when it was last updated), so it should support TLS 1.3 with no problem (I don't have access to the Postfix or Openssl configuration, so in theory it could have been manually disabled).  That points to your "or something in between" theory.  Since it appears to be all hosts, I'd guess something very nearby the OP's system.

Scott K