TLS handshake fails ("SSL_accept:error in error") for server->server connection (smtp submit dovecot->postfix) if /etc/pki/tls/openssl.cnf "Options=" includes 'ServerPreference' ?

PGNet Dev pgnet.dev at gmail.com
Fri Sep 25 03:30:35 UTC 2020


On 9/24/20 7:32 PM, Viktor Dukhovni wrote:
> On Thu, Sep 24, 2020 at 06:43:05PM -0700, PGNet Dev wrote:
> 
>> Been awhile since I 'de-noised' a comms dump; I'll dust off my notes, & work on getting a useful/relevant PCAP file ...
> 
>      # tcpdump -s0 -w /some/file tcp port 12345

thx, was already rattling around in the docs!

> for notes on using "tshark" to extract the detailed protocol
> diagnostics.  These can be somewhat disappointing with TLS 1.3,
> because privacy...(most of the handshake is encrypted).

useful read

> Looking at the upstream OpenSSL source, the first thing to note is that
> the prefer chacha setting has no effect at all, unless you also have
> server preference set (which you can do with Postfix settings, rather
> than globally in the config file).

I've tried with both

	tls_preempt_cipherlist = yes

enabling Postfix's cipher-suite prefs,

and with

	tls_preempt_cipherlist = no

which IIUC uses the openssl.cnf 'global' setting.

> Secondly, the effect of "prefer chacha" is to just synthesize a
> transient ordered list of server cipher preferences that moves any
> cha-cha ciphers to the top, cipher selection then continues as usual.

yup, that's one goal ... use ChaCha whenever available.

> So your reported symptoms re protocol version mismatch look rather
> perplexing, don't know what the client is doing, and whether the client
> is even linked with OpenSSL?  Is dovecot using OpenSSL or GnuTLS?

Dovecot's using OpenSSL. It's used by default:

	https://wiki2.dovecot.org/CompilingSource#SSL.2FTLS_Support

Unclear if GnuTLS is still supported. In any case, the packages are built with OpenSSL:

	https://src.fedoraproject.org/rpms/dovecot/blob/master/f/dovecot.spec#_155


now to the tcpdump ...

for this instance with

	dovecot --version
		2.3.10.1 (a3d0e1171)
	postconf mail_version
		mail_version = 3.5.7
	openssl version
		OpenSSL 1.1.1g FIPS  21 Apr 2020

	dovecot submission port == 60465
	postfix submission port == 465
&

	cat /etc/pki/tls/openssl.cnf
		openssl_conf = default_conf

		[default_conf]
		ssl_conf = ssl_sect

		[ssl_sect]
		system_default = system_default_sect

		[system_default_sect]
!!		Options = ServerPreference,PrioritizeChaCha


submitting the 'failed' (as above) message

	cat ~/test.eml | msmtp -a internal testrecipient@example.com

with this tshark cmd,

	tshark -n -V -i lo -d tcp.port==465,tls -d tcp.port==60465,tls

which I think does the trick? The dump of dissected TLS packets from both submission ports is here: https://is.gd/d5R67s
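As an added illustration of the selection rule Viktor describes above (a model written for this page, not code from the thread or from OpenSSL itself), the following Python mirrors the documented semantics of the two options: PrioritizeChaCha only takes effect when ServerPreference is on, and only when the client's first offered cipher is a ChaCha20 suite. The cipher lists are constructed samples, not taken from the reporter's capture.

```python
# Added example: a minimal model of OpenSSL cipher selection under the
# ServerPreference and PrioritizeChaCha options. It follows the documented
# semantics of SSL_OP_PRIORITIZE_CHACHA: only effective together with
# server preference, and only when the client's top cipher is ChaCha20.
# All cipher lists below are constructed samples for the demonstration.

CHACHA_MARK = "CHACHA20"


def is_chacha(name: str) -> bool:
    return CHACHA_MARK in name


def choose_cipher(client_order, server_order,
                  server_preference=False, prioritize_chacha=False):
    """Return the negotiated cipher name, or None if nothing overlaps."""
    # Without ServerPreference the client's order decides, and
    # PrioritizeChaCha is ignored entirely (the point made in the thread).
    if not server_preference:
        return next((c for c in client_order if c in server_order), None)

    prefs = list(server_order)
    # PrioritizeChaCha: if the client leads with ChaCha, build a transient
    # server list with the ChaCha suites moved to the top.
    if prioritize_chacha and client_order and is_chacha(client_order[0]):
        prefs = ([c for c in prefs if is_chacha(c)]
                 + [c for c in prefs if not is_chacha(c)])

    return next((c for c in prefs if c in client_order), None)


# Constructed sample lists using OpenSSL's TLS 1.2 cipher names.
SERVER = ["ECDHE-RSA-AES256-GCM-SHA384",
          "ECDHE-RSA-CHACHA20-POLY1305",
          "ECDHE-RSA-AES128-GCM-SHA256"]
MOBILE_CLIENT = ["ECDHE-RSA-CHACHA20-POLY1305",      # leads with ChaCha
                 "ECDHE-RSA-AES128-GCM-SHA256",
                 "ECDHE-RSA-AES256-GCM-SHA384"]
AESNI_CLIENT = ["ECDHE-RSA-AES128-GCM-SHA256",       # leads with AES
                "ECDHE-RSA-AES256-GCM-SHA384",
                "ECDHE-RSA-CHACHA20-POLY1305"]


def demo():
    """Negotiation outcome for each combination of the two options."""
    return {
        "client_pref": choose_cipher(MOBILE_CLIENT, SERVER),
        "server_pref": choose_cipher(MOBILE_CLIENT, SERVER, True, False),
        "chacha_only": choose_cipher(MOBILE_CLIENT, SERVER, False, True),
        "both_mobile": choose_cipher(MOBILE_CLIENT, SERVER, True, True),
        "both_aesni": choose_cipher(AESNI_CLIENT, SERVER, True, True),
    }


if __name__ == "__main__":
    for name, cipher in demo().items():
        print(f"{name:12s} -> {cipher}")
```

Note that "chacha_only" (PrioritizeChaCha without ServerPreference) yields the same result as plain client preference, and "both_aesni" shows a client that does not lead with ChaCha still gets the server's AES choice.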