Cipher order and Courier pop/imap SSL

[takenek]

Can You add support for Cipher order in Courier POP/IMAP SSL?

[svarshavchik]

You'll have to be more specific: whether you are referring to the OpenSSL or the GnuTLS configuration, and what specific functionality is missing that you cannot already do by setting TLS_CIPHER_LIST and/or TLS_PRIORITY.

[takenek]

hey, TLS_CIPHER_LIST="-ALL:!TLSv1:!SSLv2:!ADH:!aNULL:!eNULL:!EXPORT:!DSS:!DES:!RC4-SHA:RC4-MD5:ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS:!DHE-RSA-AES256-SHA256:!DHE-RSA-AES128-SHA256:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES256-GCM-SHA384:!DHE-RSA-AES256-SHA:!EDH-RSA-DES-CBC3-SHA:!DHE-RSA-AES128-SHA:!DHE-RSA-AES128-SHA"

When i use testssl.sh i got it: root@zabbix:~/testssl.sh-2.8# ./testssl.sh something.pl:995 Got: Testing server preferences

Has server cipher order? nope (NOT ok) Negotiated protocol TLSv1.2 Negotiated cipher AES256-GCM-SHA384 (limited sense as client will pick) Negotiated cipher per proto (limited sense as client will pick) AES256-GCM-SHA384: TLSv1.2 No further cipher order check has been done as order is determined by the client So the question is how to enable cipher order in Courier?

I use version: 0.73.1

Best Regards TaKeN

[svarshavchik]

Exactly that way, by using the TLS_CIPHER_LIST setting. There's nothing else to enable.

[takenek]

But this is what i got in my configuration and got error about no cipher order....... So this is false alarm from testssl.sh?

[svarshavchik]

I have no idea what this "testssl.sh" is, what it does, or what it means.

[takenek]

Hey https://testssl.sh - is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.

Best Regards

[svarshavchik]

That's a 1600 line shell script, mostly unreadable, and which doesn't really explain anything. Unless the missing functionality is explicitly identified and described, with a bit more specificity than some vague, opaque reference to a "server cipher order" of some kind, from some random shell script from some random web site, I have very little to go on.

[andrejpodzimek]

Getting back to this bug report from the Silurian: I think it has been an issue throughout the Jurassic and the Paleogene up to present days. :elephant:

There's a mail server test at internet.nl, which reports the following issue for my mail server:

The link at the bottom of the screenshot, for completeness…

There doesn't seem to be a way to turn cipher order enforcement on. I'm (still :sob:) using a reasonably vanilla version of the ArchLinux AUR package of Courier-MTA. My TLS_CIPHER_LIST is taken from here (the "Broad Compatibility" list) and it doesn't use any of the wildcards or aliases:

TLS_CIPHER_LIST="TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256"

When I use the default (i.e., when I don't set TLS_CIPHER_LIST at all), I'm getting the same report plus lots of rants about "phase-out" ciphers being still supported (e.g. CAMELLIA256-SHA256, CAMELLIA128-SHA256 and others). (Also, the default doesn't seem to ban TLSv1 and TLSv1.1 in general, which, according to general web wisdom, shouldn't be supported any more.)

There are ~2 more errors related to TLS that internet.nl reports, but those may be off-topic here.

[andrejpodzimek]

Just a side note and reference: I've discovered this issue while checking my Courier-MTA mail server with the internet.nl online utility. This is related to #23 and #24, problems that I haven't found in this project's history, so I opened new issues for them.

[phansen2002]

You need a change in 'libs/tcpd/libcouriertls.c':

{ "TLSv1.2++", &SSLv23_method, SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_RENEGOTIATION|SSL_OP_CIPHER_SERVER_PREFERENCE },

Source: https://wiki.openssl.org/index.php/List_of_SSL_OP_Flags#SSL_OP_CIPHER_SERVER_PREFERENCE