TLS handshake fails ("SSL_accept:error in error") for server->server connection (smtp submit dovecot->postfix) if /etc/pki/tls/openssl.cnf "Options=" includes 'ServerPreference' ?

Fri Sep 25 03:30:35 UTC 2020

On 9/24/20 7:32 PM, Viktor Dukhovni wrote:
> On Thu, Sep 24, 2020 at 06:43:05PM -0700, PGNet Dev wrote:
>> Been awhile since I 'de-noised' a comms dump; I'll dust off my notes, & work on getting a useful/relevant PCAP file ...
>      # tcpdump -s0 -w /some/file tcp port 12345

Thanks, I was already rattling around in the docs!

> for notes on using "tshark" to extract the detailed protocol
> diagnostics.  These can be somewhat disappointing with TLS 1.3,
> because privacy...(most of the handshake is encrypted).

Useful read.

> Looking at the upstream OpenSSL source, the first thing to note is that
> the prefer chacha setting has no effect at all, unless you also have
> server preference set (which you can do with Postfix settings, rather
> than globally in the config file).

I've tried with both

	tls_preempt_cipherlist = yes

enabling Postfix's cipher-suite prefs,

and with

	tls_preempt_cipherlist = no

which IIUC uses the openssl.cnf 'global' setting.

> Secondly, the effect of "prefer chacha" is to just synthesize a
> transient ordered list of server cipher preferences that moves any
> cha-cha ciphers to the top, cipher selection then continues as usual.

Yup, that's one goal ... use ChaCha whenever available.

> So your reported symptoms re protocol version mismatch look rather
> perplexing, don't know what the client is doing, and whether the client
> is even linked with OpenSSL?  Is dovecot using OpenSSL or GnuTLS?

Dovecot's using OpenSSL. It's used by default,

unclear if GnuTLS is still supported. In any case, the pkgs are built with OpenSSL.

Now to the tcpdump ...

for this instance with

	dovecot --version (a3d0e1171)
	postconf mail_version
		mail_version = 3.5.7
	openssl version
		OpenSSL 1.1.1g FIPS  21 Apr 2020

	dovecot submission port == 60465
	postfix submission port == 465

	cat /etc/pki/tls/openssl.cnf
		openssl_conf = default_conf

		ssl_conf = ssl_sect

		system_default = system_default_sect

!!		Options = ServerPreference,PrioritizeChaCha

Submitting the 'failed' (as above) message

	cat ~/test.eml | msmtp -a internal testrecipient at

with this tshark cmd,

	tshark -n -V -i lo -d tcp.port==465,tls or -d tcp.port==60465,tls

which I think does the trick? The dump of dissected TLS packets from both submission ports is here:


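For the cipher-selection interaction Viktor describes above (PrioritizeChaCha does nothing unless server preference is on, and when it does act it only moves ChaCha20 suites to the top of the server's own list before the normal choice is made), here is an added Python model. It is written for this page and is not OpenSSL's, Postfix's or Dovecot's code. The cipher lists are constructed, the openssl.cnf text is the post's `Options=` line with the section headers restored, and the treatment of Postfix's `tls_preempt_cipherlist = yes` as only adding SSL_OP_CIPHER_SERVER_PREFERENCE (never clearing what openssl.cnf set) is an assumption about Postfix, not something the thread states. The one detail the model adds beyond Viktor's summary is OpenSSL's documented condition for SSL_OP_PRIORITIZE_CHACHA: the ChaCha20 reprioritisation happens only when the client's first offered cipher is itself a ChaCha20 suite.

```python
"""Model of OpenSSL's server-side cipher choice under the ServerPreference and
PrioritizeChaCha options, plus a check of an openssl.cnf 'Options=' line.

Illustrative re-implementation written for this page; not OpenSSL code.
"""
import re
from typing import Dict, List, Optional

CHACHA_RE = re.compile(r"CHACHA20", re.IGNORECASE)


def is_chacha(cipher: str) -> bool:
    return bool(CHACHA_RE.search(cipher))


def choose_cipher(server_prefs: List[str], client_prefs: List[str],
                  server_preference: bool = False,
                  prioritize_chacha: bool = False) -> Optional[str]:
    """Pick the negotiated cipher the way OpenSSL's ssl3_choose_cipher() does.

    - No server preference: the client's order wins (first client cipher
      the server also supports).  PrioritizeChaCha is ignored here.
    - Server preference: the server's order wins.  If PrioritizeChaCha is
      also set AND the client's first offered cipher is a ChaCha20 suite, the
      server's ChaCha20 suites are temporarily moved to the top of its list.
    The options only reorder a choice among mutually supported ciphers; they
    never reject a connection that has a cipher in common.
    """
    if not server_preference:
        ordered, allowed = client_prefs, set(server_prefs)
    else:
        ordered, allowed = list(server_prefs), set(client_prefs)
        if prioritize_chacha and client_prefs and is_chacha(client_prefs[0]):
            ordered = ([c for c in ordered if is_chacha(c)]
                       + [c for c in ordered if not is_chacha(c)])
    for cipher in ordered:
        if cipher in allowed:
            return cipher
    return None


def parse_options(cnf_text: str) -> Dict[str, bool]:
    """Collect 'Options = A,B,-C' tokens from openssl.cnf text.

    A leading '-' clears an option, matching OpenSSL's config syntax.
    Anything after '#' on the line is a comment and is dropped.
    """
    opts: Dict[str, bool] = {}
    for match in re.finditer(r"^\s*Options\s*=\s*([^#\n]*)", cnf_text, re.M):
        for token in match.group(1).split(","):
            token = token.strip()
            if token:
                opts[token.lstrip("-")] = not token.startswith("-")
    return opts


def check_cnf(cnf_text: str, tls_preempt_cipherlist: bool = False) -> Dict[str, object]:
    """Report the effective options for a Postfix server using this openssl.cnf.

    Assumption (not from the thread): tls_preempt_cipherlist = yes only *adds*
    SSL_OP_CIPHER_SERVER_PREFERENCE, so a 'no' leaves the openssl.cnf setting
    in force rather than clearing it.
    """
    opts = parse_options(cnf_text)
    server_pref = opts.get("ServerPreference", False) or tls_preempt_cipherlist
    prio_chacha = opts.get("PrioritizeChaCha", False)
    warnings = []
    if prio_chacha and not server_pref:
        warnings.append("PrioritizeChaCha has no effect without ServerPreference "
                        "(or tls_preempt_cipherlist = yes)")
    return {"server_preference": server_pref,
            "prioritize_chacha": prio_chacha,
            "warnings": warnings}


# Constructed openssl.cnf: the post's Options line with section headers restored.
SAMPLE_CNF = """\
openssl_conf = default_conf
[default_conf]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
Options = ServerPreference,PrioritizeChaCha
"""

# Constructed cipher lists (real TLS 1.3 suite names, invented preference orders).
SERVER = ["TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256", "TLS_AES_128_GCM_SHA256"]
CLIENT_CHACHA_FIRST = ["TLS_CHACHA20_POLY1305_SHA256", "TLS_AES_256_GCM_SHA384"]
CLIENT_AES_FIRST = ["TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256"]


def scenarios() -> Dict[str, Optional[str]]:
    """Run the four option combinations against both constructed clients."""
    return {
        "client_pref/chacha_first": choose_cipher(SERVER, CLIENT_CHACHA_FIRST),
        "client_pref+prio/aes_first": choose_cipher(SERVER, CLIENT_AES_FIRST, False, True),
        "server_pref/chacha_first": choose_cipher(SERVER, CLIENT_CHACHA_FIRST, True, False),
        "server_pref+prio/chacha_first": choose_cipher(SERVER, CLIENT_CHACHA_FIRST, True, True),
        "server_pref+prio/aes_first": choose_cipher(SERVER, CLIENT_AES_FIRST, True, True),
    }


if __name__ == "__main__":
    for name, cipher in scenarios().items():
        print(f"{name:32s} -> {cipher}")
    print(check_cnf(SAMPLE_CNF, tls_preempt_cipherlist=False))
    print(check_cnf("Options = PrioritizeChaCha\n", tls_preempt_cipherlist=False))
```

The scenario table is the useful part: the same client list negotiates a different cipher depending only on whether the server is enforcing its own order, and PrioritizeChaCha changes the outcome only for the client that leads with ChaCha20. In every combination a connection with a shared cipher still completes, which is why these two options are not a candidate explanation for an "SSL_accept" failure on their own.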