Viktor Dukhovni wrote:
> On Thu, Jul 11, 2013 at 01:47:09PM +0200, Stefan Jakobs wrote:
> > $ openssl s_client -no_ssl2 -reconnect -starttls smtp -state -cipher \
> >
> > "ALL:+RC4:@STRENGTH" -connect server.example.com:25
> >
> > 250 DSN
> > drop connection and then reconnect
> > SSL3 alert write:warning:close notify
> > CONNECTED(00000003)
> > SSL_connect:before/connect initialization
> > SSL_connect:SSLv3 write client hello A
> > SSL3 alert write:fatal:protocol version
> > SSL_connect:error in SSLv3 read server hello A
> > 13820:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
>
> > number:s3_pkt.c:281:
> Unfortunately, the "reconnect" code in s_client (at least with
> 0.9.8j) forgets to do SMTP "STARTTLS", so this fails because
> "220 hostname" is not an SSL server HELO.
>
> A better diagnostic utility is available with the latest Postfix
> 2.11 snapshot. You don't need to install it (no need to upgrade
> to Postfix 2.11), just compile postfix-2.11-20130710 with TLS
> support and run:
>
> ./bin/posttls-finger -p "" -lmay -Lsummary,cache,debug -r 1 \
> "[server.example.com]"
>
> This will report more useful results.
$ posttls-finger -p "" -lmay -Lsummary,cache,debug -r 1 "[aa.bb.cc.dd]"
posttls-finger: initializing the client-side TLS engine
posttls-finger: Connected to aa.bb.cc.dd[aa.bb.cc.dd]:25
posttls-finger: < 220 server.example.com ESMTP Postfix (Ubuntu)
posttls-finger: > EHLO client.example.com
posttls-finger: < 250-server.example.com
posttls-finger: < 250-PIPELINING
posttls-finger: < 250-SIZE 10240000
posttls-finger: < 250-VRFY
posttls-finger: < 250-ETRN
posttls-finger: < 250-STARTTLS
posttls-finger: < 250-ENHANCEDSTATUSCODES
posttls-finger: < 250-8BITMIME
posttls-finger: < 250 DSN
posttls-finger: > STARTTLS
posttls-finger: < 220 2.0.0 Ready to start TLS
posttls-finger: setting up TLS connection to aa.bb.cc.dd[aa.bb.cc.dd]:25
posttls-finger: aa.bb.cc.dd[aa.bb.cc.dd]:25: TLS cipher list
"ALL:!EXPORT:!LOW:+RC4:@STRENGTH:!eNULL"
posttls-finger: looking for session
[aa.bb.cc.dd]:25&359DC42443D7E32ADDAA2AF86D3F2785D16016CAD85BB6B3103F285512451CF3
in memory cache
posttls-finger: SSL_connect:before/connect initialization
posttls-finger: SSL_connect:SSLv2/v3 write client hello A
posttls-finger: SSL_connect:SSLv3 read server hello A
posttls-finger: SSL_connect:SSLv3 read server key exchange A
posttls-finger: SSL_connect:SSLv3 read server done A
posttls-finger: SSL_connect:SSLv3 write client key exchange A
posttls-finger: SSL_connect:SSLv3 write change cipher spec A
posttls-finger: SSL_connect:SSLv3 write finished A
posttls-finger: SSL_connect:SSLv3 flush data
posttls-finger: SSL_connect:SSLv3 read finished A
posttls-finger: save session
[aa.bb.cc.dd]:25&359DC42443D7E32ADDAA2AF86D3F2785D16016CAD85BB6B3103F285512451CF3
to memory cache
posttls-finger: Untrusted TLS connection established to
aa.bb.cc.dd[aa.bb.cc.dd]:25: TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256
bits)
posttls-finger: > EHLO client.example.com
posttls-finger: < 250-server.example.com
posttls-finger: < 250-PIPELINING
posttls-finger: < 250-SIZE 10240000
posttls-finger: < 250-VRFY
posttls-finger: < 250-ETRN
posttls-finger: < 250-ENHANCEDSTATUSCODES
posttls-finger: < 250-8BITMIME
posttls-finger: < 250 DSN
posttls-finger: Server is anonymous
posttls-finger: > QUIT
posttls-finger: < 221 2.0.0 Bye
posttls-finger: Reconnecting after 1 seconds
posttls-finger: < 220 server.example.com ESMTP Postfix (Ubuntu)
posttls-finger: looking for session
[aa.bb.cc.dd]:25&359DC42443D7E32ADDAA2AF86D3F2785D16016CAD85BB6B3103F285512451CF3
in memory cache
posttls-finger: reloaded session
[aa.bb.cc.dd]:25&359DC42443D7E32ADDAA2AF86D3F2785D16016CAD85BB6B3103F285512451CF3
from memory cache
posttls-finger: SSL_connect:before/connect initialization
posttls-finger: SSL_connect:SSLv3 write client hello A
posttls-finger: SSL_connect:SSLv3 read server hello A
posttls-finger: SSL3 alert write:fatal:unexpected_message
posttls-finger: SSL_connect:error in SSLv3 read finished A
posttls-finger: SSL_connect error to aa.bb.cc.dd[aa.bb.cc.dd]:25: -1
posttls-finger: warning: TLS library problem: 18630:error:1408E0F4:SSL
routines:SSL3_GET_MESSAGE:unexpected message:s3_both.c:463:
posttls-finger: remove session
[aa.bb.cc.dd]:25&359DC42443D7E32ADDAA2AF86D3F2785D16016CAD85BB6B3103F285512451CF3
from client cache
[...]
> The simplest work-around for the problem is to disable TLSv1 on
> your 0.9.8j machine, since it seems to not handle the session
> ticket extension correctly. This is not a long-term fix, you
> really should upgrade to 0.9.8y or later, which likely does not
> have this problem.
>
> main.cf:
> # Disable SSLv2 and TLSv1, the latter until session ticket
> # support works in the local SSL library.
> #
> smtp_tls_protocols = !SSLv2, !TLSv1
> smtp_tls_mandatory_protocols = !SSLv2, !TLSv1
I would assume that I can test it with s_client:
$ openssl s_client -no_ssl2 -no_tls1 -starttls smtp -state \
-cipher "ALL:+RC4:@STRENGTH" -connect server.example.com:25
CONNECTED(00000003)
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 678 bytes and written 367 bytes
---
New, TLSv1/SSLv3, Cipher is ADH-CAMELLIA256-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : ADH-CAMELLIA256-SHA
Session-ID:
5571064B85701985126070CC097D5A60F6FBBD734A6F8F26615201AE0C814E1B
Session-ID-ctx:
Master-Key:
11CFEC1AD95BF4EA508C89E42147C9292F29F9E3630654818B99FADD349A6C9D64419A6802A09345A4008FA0F0180372
Key-Arg : None
Start Time: 1373554327
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
250 DSN
quit
221 2.0.0 Bye
SSL3 alert read:warning:close notify
closed
SSL3 alert write:warning:close notify
$ openssl s_client -no_ssl2 -no_tls1 -reconnect -starttls smtp -state \
-cipher "ALL:+RC4:@STRENGTH" -connect server.example.com:25
CONNECTED(00000003)
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 678 bytes and written 367 bytes
---
New, TLSv1/SSLv3, Cipher is ADH-CAMELLIA256-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : ADH-CAMELLIA256-SHA
Session-ID:
5D7EA9F0C04B877E3AAFBEB75A12DAF4012693344BBBB5624DD3C1DC3836C34C
Session-ID-ctx:
Master-Key:
E6CF20A96E3C6C9800825897A09B06F37F03B06454A6BF8ADEE3935BE9FA0B1B2085EA919D07AFB167588FF042D70810
Key-Arg : None
Start Time: 1373554331
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
250 DSN
drop connection and then reconnect
SSL3 alert write:warning:close notify
CONNECTED(00000003)
SSL_connect:before/connect initialization
SSL_connect:SSLv3 write client hello A
SSL3 alert write:fatal:handshake failure
SSL_connect:error in SSLv3 read server hello A
21731:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:s3_pkt.c:281:
But, there's still the error.
Best regards
Stefan
