On Thu, Sep 19, 2024 at 02:39:11PM +0200, Geert Hendrickx via Postfix-users wrote:

> On Thu, Sep 19, 2024 at 21:41:44 +1000, Viktor Dukhovni via Postfix-users
> wrote:
> > Can you build Postfix after running "makedefs" with "OPT='-g -ggdb3'",
> > and set a break-point in posttls-finger at line ~1054 of tls_misc.c:
> >
> > 1054 if (tls_get_peer_dh_pubkey(ssl, &dh_pkey)) {
> >
>
> With a PQC KEM, this if evaluates to false, so the entire nid evaluation
> block is skipped. But in both scenarios, PQC and X25519, the key_share
> succeeds from first ClientHello, no HRR (as I'm consciously sending only
> one group in these tests).

Ah, this is in fact expected, a KEM is not an (EC)DH-like key exchange,
the client never receives a server public key, so there's no plausible
peer_dh_pubkey.

However, as of OpenSSL 3.2, one can directly ask for the negotiated
group name. So you should be able to apply the top-most commit at:

    https://github.com/vdukhovni/postfix/commits/provider-kex/

to a Postfix 3.10-20240917 (or earlier, modulo the expected conflict
in the HISTORY file) snapshot, and have the group name also on the
client side.

Your OpenSSL runtime will need to be 3.2 or later, or else you still
won't get the group name, but perhaps that's needed for KEM support
in any case...

-- 
    Viktor.
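
The following C example is an addition to this page, not code from Postfix, OpenSSL or the thread. It parses the extension data of a server-sent TLS 1.3 key_share (RFC 8446, section 4.2.8) to show that the negotiated group id is on the wire whether the payload is an (EC)DH public key or a KEM-based share. The function names and the zero-filled sample payloads are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* NamedGroup codepoints from the IANA "TLS Supported Groups" registry. */
struct group { uint16_t id; const char *name; int kem; };
static const struct group GROUPS[] = {
    {0x0017, "secp256r1", 0}, {0x0018, "secp384r1", 0},
    {0x001d, "x25519", 0},    {0x001e, "x448", 0},
    {0x11ec, "X25519MLKEM768", 1},          /* hybrid ECDH + KEM */
    {0x6399, "X25519Kyber768Draft00", 1},   /* hybrid ECDH + KEM */
};

struct key_share { uint16_t group; const char *name; int kem, hrr; size_t share_len; };

/* Parse the extension_data of a server-sent key_share extension.
 * ServerHello: group(2) | length(2) | key_exchange.  HRR: group(2) only.
 * Returns 0 on success, -1 on malformed input. */
int parse_server_key_share(const uint8_t *p, size_t len, struct key_share *out)
{
    if (len < 2 || len == 3) return -1;
    memset(out, 0, sizeof(*out));
    out->group = (uint16_t)(p[0] << 8 | p[1]);
    out->name = "unknown";
    for (size_t i = 0; i < sizeof(GROUPS) / sizeof(GROUPS[0]); i++)
        if (GROUPS[i].id == out->group) {
            out->name = GROUPS[i].name;
            out->kem = GROUPS[i].kem;
        }
    if (len == 2) { out->hrr = 1; return 0; }   /* HelloRetryRequest form */
    out->share_len = (size_t)(p[2] << 8 | p[3]);
    return (out->share_len > 0 && out->share_len == len - 4) ? 0 : -1;
}

/* Build a constructed ServerHello key_share with a zero-filled payload. */
size_t make_share(uint8_t *buf, uint16_t group, uint16_t share_len)
{
    buf[0] = (uint8_t)(group >> 8);     buf[1] = (uint8_t)(group & 0xff);
    buf[2] = (uint8_t)(share_len >> 8); buf[3] = (uint8_t)(share_len & 0xff);
    memset(buf + 4, 0, share_len);
    return 4u + share_len;
}

int main(void)
{
    uint8_t buf[2048]; struct key_share ks;
    /* 32-byte X25519 key; 1088-byte ML-KEM-768 ciphertext + 32-byte X25519 share */
    const uint16_t ids[] = {0x001d, 0x11ec}, lens[] = {32, 1120};
    for (int i = 0; i < 2; i++)
        if (parse_server_key_share(buf, make_share(buf, ids[i], lens[i]), &ks) == 0)
            printf("group=%s kem=%d share=%zu bytes\n", ks.name, ks.kem, ks.share_len);
    return 0;
}
```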