On Tue, Aug 01, 2017 at 04:11:45PM -0700, robg...@nospammail.net wrote:

> For any given cipherlist in Postfix e.g.
> 
>   tls_medium_cipherlist = !kDHE:CHACHA20:-CHACHA20:aNULL:-aNULL:HIGH:MEDIUM:@STRENGTH
> 
> Is there a postfix command to display an order list, by preference, of
> all the actually presented ciphers etc, *including* all the built-in
> Postfix exclusions?

No, you use OpenSSL for that.

> I know I can do
> 
> openssl ciphers -V CHACHA20:-CHACHA20:aNULL:-aNULL:HIGH:MEDIUM:@STRENGTH
> 
> (can't figure out how to get the "!kDHE" in there)

Just put the cipherlist in single quotes, otherwise "bash" history
substitution gets in the way:

    openssl ciphers -V '!kDHE:CHACHA20:-CHACHA20:aNULL:-aNULL:HIGH:MEDIUM:@STRENGTH'

> but that lists the OpenSSL result obviously.  Including the SSL3 ciphers it
> looks like.

DO NOT confuse ciphers with protocol versions.  The SSLv3 ciphers
are also TLS 1.x ciphers, and are needed for interoperability with
many TLS 1.0, TLS 1.1 and TLS 1.2 sites.  TLS 1.2 uses many ciphers
that date back to SSLv3, some that date back to TLS 1.0, and some
that are new with TLS 1.2 (TLS 1.1 added no new ciphers).

> IIUC those are excluded in Postfix by
> 
>  smtp_tls_protocols               = !SSLv2, !SSLv3
>  smtpd_tls_protocols              = !SSLv2, !SSLv3

No, these are protocol version exclusions, not cipher exclusions.
The configured cipherlist is dynamically filtered for compatibility
with the negotiated TLS version.  The input cipherlist is the one
you see from the "ciphers -V" command.

To see what you'd get for a particular protocol version:

    $ /opt/openssl/1.1.0/bin/openssl ciphers -s -tls1 -V 'CHACHA20:!aRSA:!aDSA:!PSK'
    $ /opt/openssl/1.1.0/bin/openssl ciphers -s -tls1_1 -V 'CHACHA20:!aRSA:!aDSA:!PSK'
    $ /opt/openssl/1.1.0/bin/openssl ciphers -s -tls1_2 -V 'CHACHA20:!aRSA:!aDSA:!PSK'
              0xCC,0xA9 - ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD

Which shows that if you want CHACHA20 without RSA or DSA certs you
lose with TLS 1.0 and TLS 1.1, but scrape by with one compatible
cipher with TLS 1.2.

> Is there a way to get the Postfix-actual cipherlist, so MINUS the SSLv2,
> SSLv3, and anything else Postfix auto-excludes?

The low-level cipherlist interface is an OpenSSL interface, and
you ask OpenSSL not Postfix to interpret the configuration.  Postfix
just passes the cipherlists to OpenSSL after appending any exclusions
(automatic exclusions of eNULL and/or aNULL as appropriate plus
the various explicit mumble_exclude_ciphers parameters).

It is unfortunate that you're forced to scale this particular
learning curve.  The vast majority of users can stay blissfully
unaware, and are better off for that.

-- 
        Viktor.
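An added example (not part of the thread, not Postfix's own code) that puts the two points above into a script: it appends the exclusions to the grade cipherlist the way the reply describes Postfix doing, and then asks `openssl ciphers -s -<proto> -V` what survives for each protocol version. The sample exclude list and the choice to always append `!eNULL` (leaving `aNULL` to the caller) are assumptions made here, since the thread only says those exclusions happen "as appropriate".

```shell
#!/bin/sh
# Added example: model the cipherlist Postfix hands to OpenSSL and see
# what each negotiated TLS version leaves of it.

# Build the cipherlist OpenSSL actually receives.
#   $1  grade cipherlist, e.g. the tls_medium_cipherlist value
#   $2  Postfix exclude list (comma and/or whitespace separated), may be
#       empty, e.g. the smtpd_tls_exclude_ciphers value
# Assumption: "!eNULL" is always appended; add "aNULL" to $2 yourself
# for the security levels where Postfix would exclude it.
effective_cipherlist() {
    list=$1
    excl=$(printf '%s' "$2" | tr ', ' '  ')
    for name in $excl eNULL; do
        case $name in
            '!'*) list="$list:$name" ;;     # already an exclusion
            *)    list="$list:!$name" ;;    # Postfix appends "!name"
        esac
    done
    printf '%s' "$list"
}

# OpenSSL 1.1.0+ form from the thread: -s keeps only ciphers usable
# with the given protocol version.  Exits non-zero when none remain.
ciphers_for_protocol() {
    openssl ciphers -s "-$1" -V "$2"
}

# Print the composed list and the per-protocol result for TLS 1.0-1.2.
show_effective_ciphers() {
    list=$(effective_cipherlist "$1" "$2")
    echo "OpenSSL cipherlist: $list"
    for proto in tls1 tls1_1 tls1_2; do
        echo "== $proto =="
        ciphers_for_protocol "$proto" "$list" 2>/dev/null || echo "(none)"
    done
}

# Constructed sample input: the medium cipherlist quoted in the thread plus
# an assumed exclude list.  Only runs when openssl is on PATH.
if command -v openssl >/dev/null 2>&1; then
    show_effective_ciphers \
        '!kDHE:CHACHA20:-CHACHA20:aNULL:-aNULL:HIGH:MEDIUM:@STRENGTH' \
        'aNULL, RC4, MD5'
fi
```

Running it against a cipherlist with a grade name such as `MEDIUM` shows the same effect as the `CHACHA20:!aRSA:!aDSA:!PSK` example above: the composed list is identical for every protocol, and only the `-s` filter changes what OpenSSL reports.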
