On Tue, Aug 01, 2017 at 04:11:45PM -0700, robg...@nospammail.net wrote:

> For any given cipherlist in Postfix e.g.
>
>   tls_medium_cipherlist =
>     !kDHE:CHACHA20:-CHACHA20:aNULL:-aNULL:HIGH:MEDIUM:@STRENGTH
>
> Is there a postfix command to display an ordered list, by preference, of
> all the actually presented ciphers etc, *including* all the built-in
> Postfix exclusions?

No, you use OpenSSL for that.

> I know I can do
>
>   openssl ciphers -V CHACHA20:-CHACHA20:aNULL:-aNULL:HIGH:MEDIUM:@STRENGTH
>
> (can't figure out how to get the "!kDHE" in there)

Just put the cipherlist in single quotes, otherwise "bash" history
substitution gets in the way:

  openssl ciphers -V '!kDHE:CHACHA20:-CHACHA20:aNULL:-aNULL:HIGH:MEDIUM:@STRENGTH'

> but that lists the OpenSSL result obviously.  Including the SSL3 ciphers it
> looks like.

DO NOT confuse ciphers with protocol versions.  The SSLv3 ciphers are
also TLS 1.x ciphers, and are needed for interoperability with many
TLS 1.0, TLS 1.1 and TLS 1.2 sites.  TLS 1.2 uses many ciphers that
date back to SSLv3, some that date back to TLS 1.0, and some that are
new with TLS 1.2 (TLS 1.1 added no new ciphers).

> IIUC those are excluded in Postfix by
>
>   smtp_tls_protocols = !SSLv2, !SSLv3
>   smtpd_tls_protocols = !SSLv2, !SSLv3

No, these are protocol version exclusions, not cipher exclusions.  The
configured cipherlist is dynamically filtered for compatibility with
the negotiated TLS version.  The input cipherlist is the one you see
from the "ciphers -V" command.  To see what you'd get for a particular
protocol version:

  $ /opt/openssl/1.1.0/bin/openssl ciphers -s -tls1 -V 'CHACHA20:!aRSA:!aDSA:!PSK'
  $ /opt/openssl/1.1.0/bin/openssl ciphers -s -tls1_1 -V 'CHACHA20:!aRSA:!aDSA:!PSK'
  $ /opt/openssl/1.1.0/bin/openssl ciphers -s -tls1_2 -V 'CHACHA20:!aRSA:!aDSA:!PSK'
  0xCC,0xA9 - ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD

Which shows that if you want CHACHA20 without RSA or DSA certs you lose
with TLS 1.0 and TLS 1.1, but scrape by with one compatible cipher with
TLS 1.2.

> Is there a way to get the Postfix-actual cipherlist, so MINUS the SSLv2,
> SSLv3, and anything else Postfix auto-excludes?

The low-level cipherlist interface is an OpenSSL interface, and you ask
OpenSSL not Postfix to interpret the configuration.

Postfix just passes the cipherlists to OpenSSL after appending any
exclusions (automatic exclusions of eNULL and/or aNULL as appropriate
plus the various explicit mumble_exclude_ciphers parameters).

It is unfortunate that you're forced to scale this particular learning
curve.  The vast majority of users can stay blissfully unaware, and are
better off for that.

-- 
	Viktor.
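The two things Viktor's reply turns on, the expansion of a cipherlist as `openssl ciphers -V` shows it and the per-protocol-version filtering that `openssl ciphers -s -tls1_x -V` shows, reproduced below as an added example that is not part of the original thread or of Postfix. It drives the same OpenSSL cipher-list parser through Python's ssl module (`set_ciphers`/`get_ciphers`), so the names it prints depend on the OpenSSL build Python is linked against. The `Cipher` record, the function names, and the rule in `usable_at` (a cipher is usable at any version from the one that introduced it up to TLS 1.2, while TLS 1.3 suites never mix with older ciphers) are this example's own reading of the `-V` protocol column, not an OpenSSL or Postfix API.

```python
"""Added example, not from the original mailing-list post: reproduce
`openssl ciphers -V` and `openssl ciphers -s -tls1_x -V` via the OpenSSL
cipher-list parser that Python's ssl module links against."""
from __future__ import annotations

import ssl
from dataclasses import dataclass

# Protocol column values as OpenSSL prints them, oldest first.
VERSION_ORDER = ["SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"]


@dataclass(frozen=True)
class Cipher:
    name: str
    protocol: str  # version that introduced the cipher (the -V protocol column)
    kx: str        # key exchange: RSA, DH (i.e. DHE), ECDH (i.e. ECDHE), ...
    au: str        # authentication: RSA, ECDSA, DSS, None (i.e. aNULL), ...
    enc: str
    mac: str


def _parse_description(desc: str) -> dict[str, str]:
    # e.g. "AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1"
    return dict(tok.split("=", 1) for tok in desc.split() if "=" in tok)


def expand(cipherlist: str) -> list[Cipher]:
    """The ordered list OpenSSL builds from `cipherlist`, i.e. what
    `openssl ciphers -V '<cipherlist>'` prints, before version filtering."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        ctx.set_ciphers(cipherlist)
    except ssl.SSLError:
        return []  # OpenSSL rejects a list from which no cipher can be selected
    result = []
    for c in ctx.get_ciphers():
        f = _parse_description(c["description"])
        result.append(Cipher(c["name"], c["protocol"],
                             f.get("Kx", "?"), f.get("Au", "?"),
                             f.get("Enc", "?"), f.get("Mac", "?")))
    return result


def usable_at(cipher: Cipher, version: str) -> bool:
    """Assumed rule behind `ciphers -s -tls1_x`: a cipher is usable at the
    version that introduced it and every later pre-1.3 version (so SSLv3
    ciphers are also TLS 1.0/1.1/1.2 ciphers), and TLS 1.3 suites and
    pre-1.3 ciphers never mix."""
    if cipher.protocol == "TLSv1.3" or version == "TLSv1.3":
        return cipher.protocol == version
    if cipher.protocol not in VERSION_ORDER or version not in VERSION_ORDER:
        return False
    return VERSION_ORDER.index(cipher.protocol) <= VERSION_ORDER.index(version)


def filtered(cipherlist: str, version: str) -> list[Cipher]:
    """Equivalent of `openssl ciphers -s -<version> -V '<cipherlist>'`."""
    return [c for c in expand(cipherlist) if usable_at(c, version)]


def kx_present(cipherlist: str, kx: str) -> bool:
    """True if any cipher in the expanded list uses key exchange `kx`."""
    return any(c.kx == kx for c in expand(cipherlist))


if __name__ == "__main__":
    # The two cipherlists from the thread.
    postfix_medium = "!kDHE:CHACHA20:-CHACHA20:aNULL:-aNULL:HIGH:MEDIUM:@STRENGTH"
    chacha_only = "CHACHA20:!aRSA:!aDSA:!PSK"

    # Same cipherlist, three protocol versions: nothing survives at 1.0/1.1.
    for version in ("TLSv1", "TLSv1.1", "TLSv1.2"):
        names = [c.name for c in filtered(chacha_only, version)]
        print(f"{chacha_only!r} at {version}: {names or '(nothing)'}")

    # '!' deletes permanently; '-' deletes but lets a later rule re-add.
    print("DHE after !kDHE:HIGH:", kx_present("!kDHE:HIGH", "DH"))  # False
    print("DHE after -kDHE:HIGH:", kx_present("-kDHE:HIGH", "DH"))  # True

    # What a TLS 1.2 peer could actually be offered from the Postfix list.
    for c in filtered(postfix_medium, "TLSv1.2"):
        print(f"{c.name:40} {c.protocol:8} Kx={c.kx} Au={c.au} Enc={c.enc} Mac={c.mac}")
```

The `!kDHE`/`-kDHE` pair shows the distinction the `CHACHA20:-CHACHA20` and `aNULL:-aNULL` prefixes rely on: `-` removes ciphers but a later `HIGH` may bring them back, whereas `!` removes them for good, which is also why the `!aNULL` that Postfix appends cannot be undone by anything earlier in the list. Note that `expand` returns the unfiltered list exactly as `ciphers -V` does; the SSLv3-era entries in it are not evidence that SSLv3 is enabled, only that those ciphers are also usable with TLS 1.0 through 1.2.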