[openssl-dev] [openssl.org #3977] bug report : Ubuntu 12.0.4 : Openssl 1.0.1p : allowing connections with EXP cipher

sandeep umesh via RT rt at openssl.org
Mon Aug 3 12:03:26 UTC 2015


Hi,

I updated openssl version to 1.0.1p (to address logjam) and configured
sendmail.

To verify the logjam fix, I used openssl s_client and connected to the smtp
server.
---------------
Default log:
----------------
$ openssl s_client -starttls smtp -crlf -connect 127.0.0.1:25 -cipher EXP
CONNECTED(00000003)
140482363598496:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:757:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 443 bytes and written 108 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

$ openssl s_client -starttls smtp -crlf -connect 127.0.0.1:25 -cipher EXP-EDH-RSA-DES-CBC-SHA
CONNECTED(00000003)
140483069028000:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:757:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 443 bytes and written 134 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---




Now, I configured sendmail to set the CIPHER LIST as ALL

$ cat /etc/mail/sendmail.cf
.....
.....
O DHParameters=5
O CipherList=ALL
$

Here, I observe that smtp is allowing connections with
EXP-EDH-RSA-DES-CBC-SHA ciphers
------
Log:
------
$ openssl s_client -starttls smtp -crlf -connect 127.0.0.1:25
CONNECTED(00000003)
depth=1 C = In, ST = Kar, L = Ban, O = IBM, CN = test
verify error:num=19:self signed certificate in certificate chain
verify return:0
140467858261664:error:14082174:SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small:s3_clnt.c:3366:
---
Certificate chain
 0 s:/C=In/ST=Kar/L=Ban/O=IBM/CN=test
   i:/C=In/ST=Kar/L=Ban/O=IBM/CN=test
 1 s:/C=In/ST=Kar/L=Ban/O=IBM/CN=test
   i:/C=In/ST=Kar/L=Ban/O=IBM/CN=test
---
Server certificate
subject=/C=In/ST=Kar/L=Ban/O=IBM/CN=test
issuer=/C=In/ST=Kar/L=Ban/O=IBM/CN=test
---
No client certificate CA names sent
---
SSL handshake has read 2040 bytes and written 7 bytes
---
New, (NONE), Cipher is (NONE)
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1438601133
    Timeout   : 300 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)
---
$

$ openssl s_client -starttls smtp -crlf -connect 127.0.0.1:25 -cipher EXP-EDH-RSA-DES-CBC-SHA
CONNECTED(00000003)
depth=1 C = In, ST = Kar, L = Ban, O = IBM, CN = test
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
 0 s:/C=In/ST=Kar/L=Ban/O=IBM/CN=test
   i:/C=In/ST=Kar/L=Ban/O=IBM/CN=test
 1 s:/C=In/ST=Kar/L=Ban/O=IBM/CN=test
   i:/C=In/ST=Kar/L=Ban/O=IBM/CN=test
---
Server certificate
subject=/C=In/ST=Kar/L=Ban/O=IBM/CN=test
issuer=/C=In/ST=Kar/L=Ban/O=IBM/CN=test
---
Acceptable client certificate CA names
/C=In/ST=Kar/L=Ban/O=IBM/CN=test
---
SSL handshake has read 2401 bytes and written 280 bytes
---
New, TLSv1/SSLv3, Cipher is EXP-EDH-RSA-DES-CBC-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : EXP-EDH-RSA-DES-CBC-SHA
    Session-ID: 94D8F8A53F856AEF7A2B48A68E16D23FBD30D0791E07C3CE32840DCB09F16396
    Session-ID-ctx:
    Master-Key: B38ED908A44158B5AE012BDA921A2881AF0F43DABACC2C3DDBBF0E9D29D5CDB724E774455136772BBAF3DBBAFE67DE8A
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 1 (seconds)
    TLS session ticket:

    Start Time: 1438601220
    Timeout   : 300 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)
---
250 HELP


As seen above, smtp is allowing the connection when configured with
EXP-EDH-RSA-DES-CBC-SHA cipher

As per the statement in
https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
-
"Export cipher suites are disabled by default"
I was expecting that openssl will reject connection request with EXP cipher
which is not happening as seen above.
Could you please verify this? Thanks

Regards
Sandeep
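
The three s_client outcomes in this report (handshake refused, "dh key too small", export suite negotiated) can be told apart mechanically. The following is an added example, not part of the original message: the function name `classify_handshake` and the sample helpers are hypothetical, and the samples are abridged from the transcripts above.

```shell
#!/bin/sh
# Classify one `openssl s_client` transcript read from stdin. Prints one of:
#   EXPORT_NEGOTIATED <cipher>  an EXP* suite was agreed (the case reported above)
#   OK <cipher>                 a non-export suite was agreed
#   WEAK_DH_REJECTED            client aborted with "dh key too small"
#   HANDSHAKE_REFUSED           server answered with a handshake failure alert
#   UNKNOWN                     none of the markers were found
classify_handshake() {
  awk '
    { sub(/\r$/, "") }                      # tolerate CRLF line endings
    /dh key too small/        { weak_dh = 1 }
    /alert handshake failure/ { refused = 1 }
    /^New, .*Cipher is /      { cipher = $NF }
    END {
      if (cipher ~ /^EXP/)                         print "EXPORT_NEGOTIATED " cipher
      else if (cipher != "" && cipher != "(NONE)") print "OK " cipher
      else if (weak_dh)                            print "WEAK_DH_REJECTED"
      else if (refused)                            print "HANDSHAKE_REFUSED"
      else                                         print "UNKNOWN"
    }'
}

# Constructed samples: abridged from the three transcripts in the report.
sample_refused() { cat <<'EOF'
CONNECTED(00000003)
140482363598496:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:757:
New, (NONE), Cipher is (NONE)
EOF
}
sample_weak_dh() { cat <<'EOF'
CONNECTED(00000003)
140467858261664:error:14082174:SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small:s3_clnt.c:3366:
New, (NONE), Cipher is (NONE)
EOF
}
sample_export() { cat <<'EOF'
CONNECTED(00000003)
New, TLSv1/SSLv3, Cipher is EXP-EDH-RSA-DES-CBC-SHA
Server public key is 1024 bit
EOF
}

for s in sample_refused sample_weak_dh sample_export; do
  printf '%s: %s\n' "$s" "$("$s" | classify_handshake)"
done
```

Against a live server, the report's own command can be piped in, for example `openssl s_client -starttls smtp -crlf -connect 127.0.0.1:25 -cipher EXP </dev/null 2>&1 | classify_handshake`.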
