On Wed, Sep 18, 2024 at 21:29:07 +1000, Viktor Dukhovni via Postfix-users wrote:
> On Wed, Sep 18, 2024 at 01:04:58PM +0200, Geert Hendrickx wrote:
>
> > Specifically, this provider implements new Key Encapsulation Methods like
> > "x25519_kyber768", which I can use with `openssl s_server -groups`, or with
> > nginx as `ssl_ecdh_curve`, but not with Postfix in `tls_eecdh_auto_curves`.
> > Postfix keeps logging:
> >
> > > warning: ignoring unknown key exchange group "x25519_kyber768"
>
> What Postfix process is logging this?
smtpd, as soon as I connect to port 25 (i.e., as soon as smtpd is started and
reads this config). It gets logged twice at the same time, strangely.

> You should initially test with "posttls-finger",

`posttls-finger -L ssl-debug` shows successful TLS negotiation, but without
much detail on the TLS options. I can tell from wireshark that the client
(s_client) advertises x25519_kyber768, but the server doesn't select it (as it
already logged on startup that it doesn't know this "group").

> and ultimately make sure that your smtp(8) and/or smtpd(8) processes are
> not chrooted, lest that get in the way of loading the provider.

Not chrooted. Both strace and lsof confirm that the oqsprovider.so module is
being linked by smtpd (and later handed over to tlsmgr).

> > Looking at the code in src/tls/tls_dh.c, Postfix verifies each group name
> > in tls_eecdh_auto_curves and tls_ffdhe_auto_groups with OBJ_sn2nid(3),
>
> And then tries to use the group in a throw-away SSL_CTX, but I guess
> that would not log the above warning:
>
>     int nid = EC_curve_nist2nid(group);
>
>     if (nid == NID_undef)
>         nid = OBJ_sn2nid(group);
>     if (nid == NID_undef)
>         nid = OBJ_ln2nid(group);
>     if (nid == NID_undef) {
>         msg_warn("ignoring unknown key exchange group \"%s\"", group);
>         continue;
>     }

Indeed it already fails at one of the *2nid calls.

nginx uses only OBJ_sn2nid:
https://github.com/nginx/nginx/blob/master/src/event/ngx_event_openssl.c#L1540
with success on the exact same group list.

> Are your Postfix executables linked against the same OpenSSL library that
> has support for these new groups?
>
> > but so does nginx, which does accept that name.
>
> Must be linked with a different OpenSSL then.

No, both are linked to the system openssl 3.3.2 library, there is no other.
(openssl, postfix, nginx are all standard Arch Linux packages, only liboqs and
oqs-provider are installed manually.)

So you also expect this should work out of the box?
Geert

_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
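The following diagnostic is an added example for this thread, not code from Postfix, nginx or the thread's participants. It reproduces the two name lookups under discussion against the system libcrypto through ctypes (so it runs on a stock box without OpenSSL headers): the three-step `EC_curve_nist2nid` / `OBJ_sn2nid` / `OBJ_ln2nid` chain from the quoted tls_dh.c snippet, and a bare `OBJ_sn2nid` lookup. It reports which names in a group list would trigger the "ignoring unknown key exchange group" warning, and optionally loads a provider explicitly with `OSSL_PROVIDER_load` and re-checks. Assumptions: the libcrypto sonames tried, the provider name `oqsprovider`, and the sample group list are all mine; whether a provider's group names resolve through `OBJ_sn2nid` after loading depends on that provider registering its OIDs with `OBJ_create`, which this example does not assert.

```python
"""Added diagnostic for the Postfix group-name lookup discussed in the thread.
Not Postfix or nginx code.  Runs against the system libcrypto via ctypes."""
import ctypes
import ctypes.util

NID_undef = 0


def _load_libcrypto():
    """Find the OpenSSL (or LibreSSL) libcrypto shared object.  The soname
    candidates are assumptions; find_library() is the portable fallback."""
    candidates = ["libcrypto.so.3", "libcrypto.so.1.1", "libcrypto.so",
                  "libcrypto.3.dylib", ctypes.util.find_library("crypto")]
    for name in candidates:
        if not name:
            continue
        try:
            return ctypes.CDLL(name)
        except OSError:
            pass
    raise OSError("no libcrypto found; install the OpenSSL shared library")


libcrypto = _load_libcrypto()
for _fn in ("EC_curve_nist2nid", "OBJ_sn2nid", "OBJ_ln2nid"):
    _f = getattr(libcrypto, _fn)
    _f.argtypes = [ctypes.c_char_p]
    _f.restype = ctypes.c_int


def postfix_style_nid(group):
    """Same chain as the quoted tls_dh.c snippet: NIST alias (e.g. "P-256"),
    then OBJ short name, then OBJ long name.  Returns NID_undef (0) on miss."""
    name = group.encode()
    nid = libcrypto.EC_curve_nist2nid(name)
    if nid == NID_undef:
        nid = libcrypto.OBJ_sn2nid(name)
    if nid == NID_undef:
        nid = libcrypto.OBJ_ln2nid(name)
    return nid


def sn_only_nid(group):
    """Bare OBJ_sn2nid lookup, the single call the thread attributes to nginx."""
    return libcrypto.OBJ_sn2nid(group.encode())


def check_groups(group_list, lookup=postfix_style_nid):
    """Split a whitespace-separated group list (tls_eecdh_auto_curves style)
    and classify each name.  Returns (accepted, rejected): accepted maps
    name -> NID; rejected lists the names that would draw the
    'ignoring unknown key exchange group' warning under the given lookup."""
    accepted, rejected = {}, []
    for group in group_list.split():
        nid = lookup(group)
        if nid == NID_undef:
            rejected.append(group)
        else:
            accepted[group] = nid
    return accepted, rejected


def load_provider(name):
    """Explicitly load an OpenSSL 3 provider (e.g. "oqsprovider", an assumed
    name) into the default library context.  Returns False on OpenSSL 1.1
    (no provider API) or when the provider cannot be found or loaded."""
    try:
        load = libcrypto.OSSL_PROVIDER_load
    except AttributeError:
        return False
    load.argtypes = [ctypes.c_void_p, ctypes.c_char_p]
    load.restype = ctypes.c_void_p
    handle = load(None, name.encode())
    if handle is None:
        libcrypto.ERR_clear_error()  # discard the load-failure error entries
        return False
    return True


if __name__ == "__main__":
    # Constructed sample: classic groups plus the hybrid KEM name from the thread.
    SAMPLE = "X25519 X448 prime256v1 secp521r1 secp384r1 P-256 x25519_kyber768"
    for label, lookup in (("tls_dh.c chain", postfix_style_nid),
                          ("OBJ_sn2nid only", sn_only_nid)):
        ok, bad = check_groups(SAMPLE, lookup)
        print(f"{label}: accepted={ok} rejected={bad}")
    if load_provider("oqsprovider"):
        print("after OSSL_PROVIDER_load(oqsprovider):", check_groups(SAMPLE))
    else:
        print("oqsprovider not loadable here (OpenSSL < 3 or provider missing)")
```

Run it on the machine that logs the warning and compare the "rejected" list before and after the explicit provider load; if a name only resolves after `load_provider()`, the lookup in question is running before the provider is active in that process. Note that the tls_dh.c chain also accepts NIST aliases such as "P-256" that a bare `OBJ_sn2nid` does not, so the two lookups are not equivalent even for classic curves.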