Discussion:
TLS version 1.0 and 1.1
b***@gmail.com
2019-10-26 15:09:49 UTC
I would like to allow TLS 1.0 and TLS 1.1 when I generate sendmail 8.16.0.41
together with openssl 1.1.1d

However, it appears that this will allow TLS 1.2 and 1.3 only.

From the openssl documentation we have:

SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2,
SSL_OP_NO_TLSv1_3, SSL_OP_NO_DTLSv1, SSL_OP_NO_DTLSv1_2

These options turn off the SSLv3, TLSv1, TLSv1.1, TLSv1.2 or TLSv1.3 protocol
versions with TLS or the DTLSv1, DTLSv1.2 versions with DTLS, respectively.
As of OpenSSL 1.1.0, these options are deprecated, use
SSL_CTX_set_min_proto_version(3)
and SSL_CTX_set_max_proto_version(3) instead.

For this reason I have added:

SSL_CTX_set_min_proto_version(*ctx, TLS1_VERSION); /* TLSv1 minimum */

to sendmail/tls.c after line 1345. This will solve my problem.

Is there a better way to include TLS 1.0 and 1.1?
h***@gmail.com
2019-11-09 14:23:47 UTC
Add the following to your .mc file, then generate a .cf file. These provide the highest TLS support available and should avoid any known vulnerabilities. These SSL settings can be used pretty much everywhere, from Apache to Sendmail and Dovecot, for instance:

dnl# Use the following options to remove support of the below crypto modes:
dnl# SSLv2: +SSL_OP_NO_SSLv2
dnl# SSLv3: +SSL_OP_NO_SSLv3
dnl# TLSv1.0: +SSL_OP_NO_TLSv1
dnl# TLSv1.1: +SSL_OP_NO_TLSv1_1
dnl# TLSv1.2: +SSL_OP_NO_TLSv1_2
define(`confSERVER_SSL_OPTIONS',`+SSL_OP_NO_SSLv2 +SSL_OP_NO_SSLv3 +SSL_OP_NO_TLSv1 +SSL_OP_NO_TLSv1_1 +SSL_OP_CIPHER_SERVER_PREFERENCE -SSL_OP_LEGACY_SERVER_CONNECT -SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION')
define(`confCLIENT_SSL_OPTIONS',`+SSL_OP_NO_SSLv2 +SSL_OP_NO_SSLv3 +SSL_OP_NO_TLSv1 +SSL_OP_NO_TLSv1_1 +SSL_OP_CIPHER_SERVER_PREFERENCE -SSL_OP_LEGACY_SERVER_CONNECT -SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION')
define(`confCIPHER_LIST',`TLSv1.3:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!DHE-RSA-AES256-CCM:!DHE-RSA-AES256-CCM8:!ECDHE-ECDSA-AES256-CCM:!ECDHE-ECDSA-AES256-CCM8:!ECDHE-ECDSA-AES256-SHA384:!ECDHE-RSA-AES256-SHA384:!ECDHE-ECDSA-AES256-SHA:!ECDHE-RSA-AES256-SHA:!DHE-RSA-AES256-SHA256:!DHE-RSA-AES256-SHA')
h***@gmail.com
2019-11-09 14:28:34 UTC
For increased security, add the following to your .mc file, then generate a .cf file. These provide the highest TLS support available and should avoid any known vulnerabilities. These SSL settings can be used pretty much everywhere, from Apache to Sendmail and Dovecot, for instance.

If you want to ADD support for an older protocol, negating the SSL_OP should do the trick.

define(`confCACERT_PATH', `/etc/ssl/certs')
define(`confCACERT', `/etc/ssl/certs/ca-certificates.crt')
define(`confSERVER_CERT', `/etc/ssl/private/cert.rsa.pem')
define(`confSERVER_KEY', `/etc/ssl/private/cert.rsa.key')
define(`confCLIENT_CERT', `/etc/ssl/private/cert.rsa.pem')
define(`confCLIENT_KEY', `/etc/ssl/private/cert.rsa.key')
define(`confTLS_SRV_OPTIONS', `V')
define(`confDH_PARAMETERS',`/etc/ssl/certs/dhparam.pem')

dnl# Use the following options to remove support of the below crypto modes:
dnl# SSLv2: +SSL_OP_NO_SSLv2
dnl# SSLv3: +SSL_OP_NO_SSLv3
dnl# TLSv1.0: +SSL_OP_NO_TLSv1
dnl# TLSv1.1: +SSL_OP_NO_TLSv1_1
dnl# TLSv1.2: +SSL_OP_NO_TLSv1_2
define(`confSERVER_SSL_OPTIONS',`+SSL_OP_NO_SSLv2 +SSL_OP_NO_SSLv3 +SSL_OP_NO_TLSv1 +SSL_OP_NO_TLSv1_1 +SSL_OP_CIPHER_SERVER_PREFERENCE -SSL_OP_LEGACY_SERVER_CONNECT -SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION')
define(`confCLIENT_SSL_OPTIONS',`+SSL_OP_NO_SSLv2 +SSL_OP_NO_SSLv3 +SSL_OP_NO_TLSv1 +SSL_OP_NO_TLSv1_1 +SSL_OP_CIPHER_SERVER_PREFERENCE -SSL_OP_LEGACY_SERVER_CONNECT -SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION')
define(`confCIPHER_LIST',`TLSv1.3:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!DHE-RSA-AES256-CCM:!DHE-RSA-AES256-CCM8:!ECDHE-ECDSA-AES256-CCM:!ECDHE-ECDSA-AES256-CCM8:!ECDHE-ECDSA-AES256-SHA384:!ECDHE-RSA-AES256-SHA384:!ECDHE-ECDSA-AES256-SHA:!ECDHE-RSA-AES256-SHA:!DHE-RSA-AES256-SHA256:!DHE-RSA-AES256-SHA')
b***@gmail.com
2019-11-09 14:37:51 UTC
I want to include TLS 1.0 and 1.1
h***@gmail.com
2019-11-09 14:59:22 UTC
Post by b***@gmail.com
I want to include TLS 1.0 and 1.1
So take the above configuration and do it backwards as you see fit.
b***@gmail.com
2019-11-09 15:02:34 UTC
Already tried long time ago, did not work.
Claus Aßmann
2019-11-10 19:31:31 UTC
Post by b***@gmail.com
I would like to allow TLS 1.0 and TLS 1.1 when I generate sendmail 8.16.0.41
together with openssl 1.1.1d
However, it appears that this will allow TLS 1.2 and 1.3 only.
How did you test that?

And what are your compile-time options
for openssl and sendmail?

A default setup for both does work fine with TLS 1.0
in a brief test with openssl s_client -tls1 ...
--
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.
b***@gmail.com
2019-11-11 14:34:18 UTC
Centos 8

OpenSSL generated without any options (just default)

Sendmail generated with:

APPENDDEF(`confINCDIRS', `-I/usr/local/include/openssl')
APPENDDEF(`confINCDIRS', `-I/usr/local/BerkeleyDB.5.3/include')
APPENDDEF(`confLIBDIRS', `-L/usr/local/lib64')
APPENDDEF(`confLIBDIRS', `-L/usr/local/BerkeleyDB.5.3/lib')
APPENDDEF(`confENVDEF', `-DNETINET6 -DMILTER -DSTARTTLS')
APPENDDEF(`confMAPDEF', `-DNEWDB -DMAP_REGEX')
APPENDDEF(`confLIBS', `-lresolv -lpthread -lssl -lcrypto')
APPENDDEF(`conf_sendmail_ENVDEF', `-DTLS_EC')
APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_TLSA_DANE2')

Here DANE2 is specified because a patch from www.five-ten-sg.com is used.

Sendmail.cf generated with options -SSL_OP_NO_TLSv1 -SSL_OP_NO_TLSv1_1

Anyway these options are deprecated, so I am quite happy with my current setup.
b***@gmail.com
2019-11-11 14:35:37 UTC
My test was done with:

https://www.immuniweb.com/ssl/
Claus Aßmann
2019-11-11 14:49:40 UTC
Since you only answered at best 1/3rd of the questions, I can't
help you.

You need to provide all information for others to reproduce a
problem.
b***@gmail.com
2019-11-15 14:27:23 UTC
Use of the new functions:

SSL_CTX_get_max_proto_version(*ctx)
SSL_CTX_get_min_proto_version(*ctx)

before and after:

SSL_CTX_set_options(*ctx, (long) options)

in sendmail/tls.c will always return 0x0 and 0x0303 respectively.

The use of -SSL_OP_NO_TLSv1, -SSL_OP_NO_TLSv1_1 and so on, in sendmail.cf
will never change these values. Thus TLS1 and TLS1_1 will not work.

To recover TLS1 and TLS1_1 the new function:

SSL_CTX_set_min_proto_version(*ctx, TLS1_VERSION)

must be used. This is no surprise since the OpenSSL documentation says:

As of OpenSSL 1.1.0, these options are deprecated
Claus Aßmann
2019-11-15 16:56:18 UTC
[[...]]
Post by b***@gmail.com
will never change these values. Thus TLS1 and TLS1_1 will not work.
I posted a reply (it seems you are only replying to yourself) where
I asked for a reproducible case. You aren't providing any useful
information that could help to track down why it is not working for
you but others...
b***@gmail.com
2019-11-16 15:49:01 UTC
It turns out that the TLS minimum version 0x0303 comes from the
OpenSSL Package openssl-1:1.1.1-8.el8.x86_64 included in Centos 8.
A local build of Sendmail will take this value as default.
Thus TLS1 and TLS1_1 will not work.

A local build of OpenSSL 1.1.1d on Centos 8 will set the TLS
minimum version to 0x0, and allow TLS1 and TLS1_1 in Sendmail.

So

SSL_CTX_set_min_proto_version(*ctx, TLS1_VERSION); /* TLSv1 minimum */

is needed in sendmail/tls.c for Centos 8 unless OpenSSL is rebuilt.
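The two findings above (the +/-SSL_OP_NO_* bits in confSERVER_SSL_OPTIONS never changing what SSL_CTX_get_min_proto_version() returns, and SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION) being the call that actually re-enables TLS 1.0) can be reproduced without rebuilding sendmail, because Python's ssl module wraps the same SSL_CTX_* calls. The following is an added example, not sendmail's code; OPTION_BITS and parse_ssl_options are a simplified stand-in for how tls.c turns the .cf option string into set/clear masks, and the other names are mine.

```python
import ssl
import warnings

# confSERVER_SSL_OPTIONS names that Python's ssl module exposes as the same OpenSSL bits
# (a subset chosen for this example; names it does not wrap are reported as unknown).
OPTION_BITS = {
    "SSL_OP_NO_SSLv3": int(ssl.OP_NO_SSLv3),
    "SSL_OP_NO_TLSv1": int(ssl.OP_NO_TLSv1),
    "SSL_OP_NO_TLSv1_1": int(ssl.OP_NO_TLSv1_1),
    "SSL_OP_NO_TLSv1_2": int(ssl.OP_NO_TLSv1_2),
    "SSL_OP_CIPHER_SERVER_PREFERENCE": int(ssl.OP_CIPHER_SERVER_PREFERENCE),
}

def new_server_context():
    # Fresh SSL_CTX: min/max start at the library default, i.e. 0 or whatever the distro's
    # openssl.cnf dictates, which is where the 0x0303 seen on CentOS 8 in the thread comes from.
    return ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)

def parse_ssl_options(spec):
    """Split a '+SSL_OP_X -SSL_OP_Y' .cf string into (set_mask, clear_mask, unknown)."""
    set_mask, clear_mask, unknown = 0, 0, []
    for tok in spec.split():
        sign, name = tok[:1], tok[1:]
        if sign not in "+-" or name not in OPTION_BITS:
            unknown.append(tok)
        elif sign == "+":
            set_mask |= OPTION_BITS[name]
        else:
            clear_mask |= OPTION_BITS[name]
    return set_mask, clear_mask, unknown

def wire_code(v):
    """As SSL_CTX_get_{min,max}_proto_version() reports it: 0 = default, else e.g. 0x0303."""
    return 0 if v in (ssl.TLSVersion.MINIMUM_SUPPORTED, ssl.TLSVersion.MAXIMUM_SUPPORTED) else int(v)

def proto_bounds(ctx):
    return wire_code(ctx.minimum_version), wire_code(ctx.maximum_version)

def apply_ssl_options(ctx, spec):
    """SSL_CTX_set_options()/SSL_CTX_clear_options() on the .cf string; returns (min, max)
    before and after, which the deprecated SSL_OP_NO_* bits never move."""
    set_mask, clear_mask, _ = parse_ssl_options(spec)
    before = proto_bounds(ctx)
    with warnings.catch_warnings():
        warnings.simplefilter("ignore", DeprecationWarning)  # OP_NO_* is deprecated
        ctx.options = (int(ctx.options) | set_mask) & ~clear_mask
    return before, proto_bounds(ctx)

def allow_tls1(ctx):
    """The fix the thread ends with: SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION)."""
    with warnings.catch_warnings():
        warnings.simplefilter("ignore", DeprecationWarning)  # TLS 1.0/1.1 are deprecated
        ctx.minimum_version = ssl.TLSVersion.TLSv1
    return proto_bounds(ctx)
```

Whether a peer can then actually negotiate TLS 1.0 still depends on the cipher list and the OpenSSL security level, so confirm with the s_client -tls1 test Claus mentions rather than with the reported bounds alone.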