TLS handshake fails ("SSL_accept:error in error") for server->server connection (smtp submit dovecot->postfix) if /etc/pki/tls/openssl.cnf "Options=" includes 'ServerPreference' ?
pgnet.dev at gmail.com
Fri Sep 25 03:30:35 UTC 2020
On 9/24/20 7:32 PM, Viktor Dukhovni wrote:
> On Thu, Sep 24, 2020 at 06:43:05PM -0700, PGNet Dev wrote:
>> Been awhile since I 'de-noised' a comms dump; I'll dust off my notes, & work on getting a useful/relevant PCAP file ...
> # tcpdump -s0 -w /some/file tcp port 12345
thx, was already rattling around in the docs!
> for notes on using "tshark" to extract the detailed protocol
> diagnostics. These can be somewhat disappointing with TLS 1.3,
> because privacy...(most of the handshake is encrypted).
> Looking at the upstream OpenSSL source, the first thing to note is that
> the prefer chacha setting has no effect at all, unless you also have
> server preference set (which you can do with Postfix settings, rather
> than globally in the config file).
i've tried with both
tls_preempt_cipherlist = yes
enabling postfix's cipher-suite prefs
tls_preempt_cipherlist = no
which iiuc uses the openssl.cnf 'global' setting
> Secondly, the effect of "prefer chacha" is to just synthesize a
> transient ordered list of server cipher preferences that moves any
> cha-cha ciphers to the top, cipher selection then continues as usual.
yup, that's one goal ... use chacha whenever available.
> So your reported symptoms re protocol version mismatch look rather
> perplexing, don't know what the client is doing, and whether the client
> is even linked with OpenSSL? Is dovecot using OpenSSL or GnuTLS?
dovecot's using openssl. it's used by default,
unclear if gnutls is supported still. in any case, the pkgs are built with openssl,
now to the tcpdump ...
for this instance with
mail_version = 3.5.7
OpenSSL 1.1.1g FIPS 21 Apr 2020
dovecot submission port == 60465
postfix submission port == 465
openssl_conf = default_conf
ssl_conf = ssl_sect
system_default = system_default_sect
!! Options = ServerPreference,PrioritizeChaCha
submitting the 'failed' (as above) message
cat ~/test.eml | msmtp -a internal testrecipient at example.com
with this tshark cmd,
tshark -n -V -i lo -d tcp.port==465,tls or -d tcp.port==60465,tls
which i think does the trick?, the dump of dissected tls packets from both submission ports, is here: https://is.gd/d5R67s
More information about the openssl-users