[Bug 197028] port mail/dovecot - patch to disable SSLv2 and SSLv3 (POODLE)
bugzilla-noreply at freebsd.org
Fri Jan 23 11:12:58 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=197028
Bug ID: 197028
Summary: port mail/dovecot - patch to disable SSLv2 and SSLv3 (POODLE)
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: Individual Port(s)
Assignee: bdrewery at FreeBSD.org
Reporter: k at free.de
Flags: maintainer-feedback?(bdrewery at FreeBSD.org)
Here is a patch for the port mail/dovecot against version 1.2.17 to disable
SSLv2 and SSLv3 encryption protocols, making dovecot immune to POODLE
(CVE-2014-3566).
In theory it should be possible to also achieve this through adapting your
dovecot.conf (ssl_cipher_list), but my tests [1] show that disabling SSLv2 and
SSLv3 in the dovecot.conf also disables TLSv1 and TLSv1.1 - leaving only
TLSv1.2 as a last and only resort for protocol negotiation between client and
server. This then effectively blocks many mail clients that still cannot make
use of TLSv1.2. So this is not an option.
I have good results [2] by using this patch and using the following option in
dovecot.conf:
ssl_cipher_list = HIGH:!SSLv2:!aNULL:!MD5!DES:!3DES
I verified my tests by using the publicly available script from
https://testssl.sh/
You can use this script to test for protocol security like this:
"./testssl.sh my.pop-ssl-server.domain:995"
My opinion: This patch should become a default port option to secure dovecot 1
by default against POODLE.
Regards,
Kai Gallasch.
[1] Test results, with disabled SSLv2/3 in dovecot.conf: -> No TLSv1 and
TLSv1.1 support.
./testssl.sh my.pop-ssl-server.domain:995
#########################################################
testssl.sh v2.2 (https://testssl.sh)
($Id: testssl.sh,v 1.151 2014/12/08 09:32:50 dirkw Exp $)
This program is free software. Redistribution +
modification under GPLv2 is permitted.
USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
Note: you can only check the server with what is
available (ciphers/protocols) locally on your machine!
#########################################################
Using "OpenSSL 1.0.1f 6 Jan 2014" from
orwell:/usr/bin/openssl
(built: "Jan 9 17:52:48 2015", platform: "debian-amd64")
Testing now (2015-01-23 00:12) ---> 10.10.10.1:995 (my.pop-ssl-server.domain)
<---
rDNS (10.10.10.1): my.pop-ssl-server.domain
Couldn't determine what's running on port 995, assuming not HTTP
--> Testing Protocols
SSLv2 Local problem: /usr/bin/openssl doesn't support "s_client -ssl2"
SSLv3 not offered (OK)
TLSv1 not offered
TLSv1.1 not offered
TLSv1.2 offered (OK)
SPDY/NPN not offered
--> Testing standard cipher lists
Null Cipher not offered (OK)
Anonymous NULL Cipher not offered (OK)
Anonymous DH Cipher not offered (OK)
40 Bit encryption not offered (OK)
56 Bit encryption Local problem: No 56 Bit encryption configured in
/usr/bin/openssl
Export Cipher (general) not offered (OK)
Low (<=64 Bit) not offered (OK)
DES Cipher not offered (OK)
Triple DES Cipher not offered
Medium grade encryption not offered
High grade encryption offered (OK)
--> Testing server defaults (Server Hello)
Negotiated protocol TLSv1.2
Negotiated cipher DHE-RSA-AES256-GCM-SHA384
Server key size 4096 bit
TLS server extensions renegotiation info, session ticket, heartbeat
Session Tickets RFC 5077 300 seconds
OCSP stapling not offered
--> Testing specific vulnerabilities
Heartbleed (CVE-2014-0160), experimental not vulnerable (OK)
CCS (CVE-2014-0224), experimental not vulnerable (OK)
Renegotiation (CVE 2009-3555) not vulnerable (OK)
CRIME, TLS (CVE-2012-4929) Local Problem: Your /usr/bin/openssl
lacks zlib support
POODLE (CVE-2014-3566), experimental not vulnerable (OK)
--> Checking RC4 Ciphers
no RC4 ciphers detected (OK)
--> Testing (Perfect) Forward Secrecy (P)FS) -- omitting 3DES, RC4 and Null
Encryption here
PFS seems generally available. Now testing specific ciphers ...
Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits
-------------------------------------------------------------------------
x9f DHE-RSA-AES256-GCM-SHA384 DH AESGCM 256
x6b DHE-RSA-AES256-SHA256 DH AES 256
x9e DHE-RSA-AES128-GCM-SHA256 DH AESGCM 128
x67 DHE-RSA-AES128-SHA256 DH AES 128
Please note: detected PFS ciphers don't necessarily mean any client/browser
will use them
[2] Test results, with applied patch and dovecot.conf option "ssl_cipher_list =
HIGH:!SSLv2:!aNULL:!MD5!DES:!3DES"
./testssl.sh my.pop-ssl-server.domain:995
#########################################################
testssl.sh v2.2 (https://testssl.sh)
($Id: testssl.sh,v 1.151 2014/12/08 09:32:50 dirkw Exp $)
This program is free software. Redistribution +
modification under GPLv2 is permitted.
USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
Note: you can only check the server with what is
available (ciphers/protocols) locally on your machine!
#########################################################
Using "OpenSSL 1.0.1f 6 Jan 2014" from
orwell:/usr/bin/openssl
(built: "Jan 9 17:52:48 2015", platform: "debian-amd64")
Testing now (2015-01-23 00:56) ---> 10.10.10.1:995 (my.pop-ssl-server.domain)
<---
rDNS (10.10.10.1): my.pop-ssl-server.domain
Couldn't determine what's running on port 995, assuming not HTTP
--> Testing Protocols
SSLv2 Local problem: /usr/bin/openssl doesn't support "s_client -ssl2"
SSLv3 not offered (OK)
TLSv1 offered (OK)
TLSv1.1 offered (OK)
TLSv1.2 offered (OK)
SPDY/NPN not offered
--> Testing standard cipher lists
Null Cipher not offered (OK)
Anonymous NULL Cipher not offered (OK)
Anonymous DH Cipher not offered (OK)
40 Bit encryption not offered (OK)
56 Bit encryption Local problem: No 56 Bit encryption configured in
/usr/bin/openssl
Export Cipher (general) not offered (OK)
Low (<=64 Bit) not offered (OK)
DES Cipher not offered (OK)
Triple DES Cipher not offered
Medium grade encryption not offered
High grade encryption offered (OK)
--> Testing server defaults (Server Hello)
Negotiated protocol TLSv1.2
Negotiated cipher DHE-RSA-AES256-GCM-SHA384
Server key size 4096 bit
TLS server extensions renegotiation info, session ticket, heartbeat
Session Tickets RFC 5077 300 seconds
OCSP stapling not offered
--> Testing specific vulnerabilities
Heartbleed (CVE-2014-0160), experimental not vulnerable (OK) (timed out)
CCS (CVE-2014-0224), experimental not vulnerable (OK)
Renegotiation (CVE 2009-3555) not vulnerable (OK)
CRIME, TLS (CVE-2012-4929) Local Problem: Your /usr/bin/openssl
lacks zlib support
POODLE (CVE-2014-3566), experimental not vulnerable (OK)
--> Checking RC4 Ciphers
no RC4 ciphers detected (OK)
--> Testing (Perfect) Forward Secrecy (P)FS) -- omitting 3DES, RC4 and Null
Encryption here
PFS seems generally available. Now testing specific ciphers ...
Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits
-------------------------------------------------------------------------
x9f DHE-RSA-AES256-GCM-SHA384 DH AESGCM 256
x6b DHE-RSA-AES256-SHA256 DH AES 256
x39 DHE-RSA-AES256-SHA DH AES 256
x88 DHE-RSA-CAMELLIA256-SHA DH Camellia 256
x9e DHE-RSA-AES128-GCM-SHA256 DH AESGCM 128
x67 DHE-RSA-AES128-SHA256 DH AES 128
x33 DHE-RSA-AES128-SHA DH AES 128
x45 DHE-RSA-CAMELLIA128-SHA DH Camellia 128
Please note: detected PFS ciphers don't necessarily mean any client/browser
will use them
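The difference between reports [1] and [2] (SSLv3 gone in both, but TLSv1 and TLSv1.1 gone with it in [1]) is easy to miss when reading a long scan by eye. The shell function below is an added example, not part of the original report or of testssl.sh: it reads the "Testing Protocols" block of a plain-text testssl.sh report and prints a verdict. The function name `check_protocols`, the verdict words and the default required-protocol list are assumptions of this example.

```shell
#!/bin/sh
# Added example; assumes plain-text testssl.sh v2.2 output (no colour codes).
# check_protocols [REQUIRED]: read a report on stdin, print one verdict:
#   PASS           SSLv2/SSLv3 not seen as offered, every REQUIRED protocol offered
#   INSECURE       SSLv2 or SSLv3 offered
#   COMPAT_BROKEN  SSLv3 is off, but a REQUIRED protocol is off as well
#   INCOMPLETE     protocol block or an expected line is missing
check_protocols() {
  awk -v required="${1:-TLSv1 TLSv1.1 TLSv1.2}" '
    /--> Testing Protocols/ { in_block = 1; next }
    /-->/                   { in_block = 0 }
    in_block && $1 ~ /^(SSLv|TLSv)/ {
      if ($0 ~ /Local problem/)    state[$1] = "untested"  # scanner could not probe
      else if ($0 ~ /not offered/) state[$1] = "off"
      else if ($0 ~ /offered/)     state[$1] = "on"
    }
    END {
      n = split(required, req, " ")
      for (i = 1; i <= n; i++) if (!(req[i] in state)) { print "INCOMPLETE"; exit }
      if (!("SSLv3" in state)) { print "INCOMPLETE"; exit }
      if (state["SSLv2"] == "on" || state["SSLv3"] == "on") { print "INSECURE"; exit }
      for (i = 1; i <= n; i++) if (state[req[i]] != "on") { print "COMPAT_BROKEN"; exit }
      print "PASS"
    }'
}
# Protocol block excerpted from report [1] (SSLv3 excluded via dovecot.conf only).
sample_conf_only() { cat <<'EOF'
--> Testing Protocols
SSLv2 Local problem: /usr/bin/openssl doesn't support "s_client -ssl2"
SSLv3 not offered (OK)
TLSv1 not offered
TLSv1.1 not offered
TLSv1.2 offered (OK)
--> Testing standard cipher lists
EOF
}
# Protocol block excerpted from report [2] (patched dovecot).
sample_patched() { cat <<'EOF'
--> Testing Protocols
SSLv2 Local problem: /usr/bin/openssl doesn't support "s_client -ssl2"
SSLv3 not offered (OK)
TLSv1 offered (OK)
TLSv1.1 offered (OK)
TLSv1.2 offered (OK)
EOF
}

sample_conf_only | check_protocols   # COMPAT_BROKEN
sample_patched   | check_protocols   # PASS
```

Pass the protocols your clients need as the first argument, for example `check_protocols "TLSv1.2"`. A `Local problem` line, as for SSLv2 in both reports, means the scanning host could not test that protocol, so PASS makes no statement about it.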
--- Comment #1 from Bugzilla Automation <bugzilla at FreeBSD.org> ---
Auto-assigned to maintainer bdrewery at FreeBSD.org