On Mon, Oct 03, 2022 at 06:08:58PM +0100, Jeremy Harris via Exim-users wrote:
> > Presumably it'll work for you if you connect to:
> >
> >     [dnssec-stats.ant.isi.edu]:25
>
> It does.

Ok, so the client side is not the problem...

> > So the barrier is some interaction between Exim and OpenSSL that makes
> > TLS 1.0 and 1.1 unavailable.
>
> Yes, or the system my test server is running on forcing no TLSv1.1 support
> (do/can they do that?)

Yes, in the "openssl.cnf" file located in the directory reported by

    $ openssl version -d
    OPENSSLDIR: "/etc/pki/tls"

On my Fedora 36 system this has:

    [ ssl_module ]
    system_default = crypto_policy

    [ crypto_policy ]
    .include = /etc/crypto-policies/back-ends/opensslcnf.config

Which in turn has:

    CipherString = @SECLEVEL=2:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:kRSAPSK:-aDSS:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8
    Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_SHA256
    TLS.MinProtocol = TLSv1.2
    TLS.MaxProtocol = TLSv1.3
    DTLS.MinProtocol = DTLSv1.2
    DTLS.MaxProtocol = DTLSv1.2
    SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224

    [openssl_init]
    alg_section = evp_properties

    [evp_properties]
    rh-allow-sha1-signatures = yes

The default configuration of Postfix 3.6 explicitly overrides the TLS
minimum version:

    $ postconf -d smtpd_tls_protocols
    smtpd_tls_protocols = >=TLSv1

Perhaps Exim has no such facility, or does not use it by default.

https://github.com/vdukhovni/postfix/blob/ae9d7a6a631f4b164702a55c7674c50afc610f75/postfix/src/tls/tls_server.c#L572-L577
https://github.com/vdukhovni/postfix/blob/ae9d7a6a631f4b164702a55c7674c50afc610f75/postfix/src/tls/tls_server.c#L422-L428

> Could the min/max protocol stuff mentioned in
> https://www.openssl.org/docs/man1.1.1/man3/SSL_CONF_cmd.html
> be affecting it?

Yes.

> Exim has no SSL_CONF_* calls currently; probably never has in its
> history.

Right, but the openssl.cnf file does set various parameters. You don't
have to support the "stringy" SSL_CONF API, you can set the min/max
protocol versions directly if that's preferred.

One option is to allow the administrator to specify a non-default
configuration file, and perform explicit library initialisation early,
before doing anything with OpenSSL. That config file can be more liberal
than what's found in the default system-wide file.

> I'm not sure how to debug. Does OpenSSL offer detailed internal
> debug the way that GnuTLS does?

You can enable protocol message debugging, but support for debugging
internal configuration actions is mostly not there. In particular,
SSL_CONF command processing is silent.

-- 
    Viktor.

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
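The mechanism discussed in the message above, as an added example that is not part of the thread and not Exim's or Postfix's own code: a system-wide openssl.cnf (here the Fedora crypto-policy with TLS.MinProtocol = TLSv1.2) sets the library-wide floor, and an application overrides it only by setting the protocol range on its own SSL_CTX explicitly, which is what Postfix's default smtpd_tls_protocols = >=TLSv1 does. Python's ssl module wraps the same SSL_CTX_set_min_proto_version / SSL_CTX_set_max_proto_version calls, so it serves as a stand-in for the C code an MTA would write. The Postfix-style spec parser (range form and legacy "!" exclusion form), the dict returned by apply_protocol_range, and the treatment of a floor the OpenSSL build cannot honour are this example's own assumptions, not Postfix's exact semantics.

```python
"""Apply an explicit TLS protocol floor/ceiling to an OpenSSL context,
overriding whatever TLS.MinProtocol the system-wide openssl.cnf set.
Added example; not Exim or Postfix code."""
import ssl
import warnings

# Postfix protocol names in ascending order. SSLv2 has no ssl.TLSVersion
# member and is never enabled; it only serves as the "no floor" marker.
ORDER = ["SSLv2", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"]
TO_TLSVERSION = {
    "SSLv3": ssl.TLSVersion.SSLv3,
    "TLSv1": ssl.TLSVersion.TLSv1,
    "TLSv1.1": ssl.TLSVersion.TLSv1_1,
    "TLSv1.2": ssl.TLSVersion.TLSv1_2,
    "TLSv1.3": ssl.TLSVersion.TLSv1_3,
}


def parse_protocol_range(spec):
    """Parse a Postfix-style protocol list into (lowest, highest) names.

    Accepts the range form (">=TLSv1, <=TLSv1.3") and the legacy exclusion
    form ("!SSLv2, !SSLv3"). Mixing the two forms, or naming an unknown
    protocol, raises ValueError. For the exclusion form the floor is the
    lowest non-excluded name and the ceiling the highest; a hole in the
    middle cannot be expressed as a min/max pair and is ignored here
    (a simplification made by this example).
    """
    lo, hi = ORDER[0], ORDER[-1]
    excluded = set()
    saw_range = saw_exclusion = False
    for tok in spec.replace(",", " ").split():
        if tok.startswith((">=", "<=")):
            saw_range = True
            name = tok[2:]
            if name not in ORDER:
                raise ValueError("unknown protocol %r" % name)
            if tok.startswith(">="):
                lo = name
            else:
                hi = name
        elif tok.startswith("!"):
            saw_exclusion = True
            name = tok[1:]
            if name not in ORDER:
                raise ValueError("unknown protocol %r" % name)
            excluded.add(name)
        else:
            raise ValueError("unsupported token %r" % tok)
    if saw_range and saw_exclusion:
        raise ValueError("cannot mix '!' exclusions with >=/<= ranges")
    if saw_exclusion:
        allowed = [n for n in ORDER if n not in excluded]
        if not allowed:
            raise ValueError("every protocol excluded")
        lo, hi = allowed[0], allowed[-1]
    if ORDER.index(lo) > ORDER.index(hi):
        raise ValueError("floor %s is above ceiling %s" % (lo, hi))
    if hi == "SSLv2":
        raise ValueError("SSLv2 is not available as a ceiling")
    return lo, hi


def new_server_context():
    """A fresh server context. Its initial minimum_version reflects the
    floor imposed by the library-wide configuration (openssl.cnf,
    crypto-policy) together with Python's own defaults, before we touch it."""
    return ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)


def apply_protocol_range(ctx, spec):
    """Set ctx's floor/ceiling explicitly from a Postfix-style spec.

    Returns a dict with the requested names, whether the assignment took
    effect, the error text if not, and the (min, max) the context reports
    afterwards. A floor the OpenSSL build itself does not support (for
    example TLSv1 on a library built with no-tls1) makes Python raise
    ValueError; that is reported rather than propagated, since an MTA
    would log it and keep running with the library's own floor.
    """
    lo, hi = parse_protocol_range(spec)
    result = {"requested": (lo, hi), "applied": True, "error": None}
    floor = TO_TLSVERSION.get(lo, ssl.TLSVersion.MINIMUM_SUPPORTED)
    ceiling = TO_TLSVERSION[hi]
    try:
        with warnings.catch_warnings():
            # Python flags TLS < 1.2 as deprecated; that legacy floor is
            # precisely what this override exists to permit, so silence it.
            warnings.simplefilter("ignore", DeprecationWarning)
            ctx.minimum_version = floor
            ctx.maximum_version = ceiling
    except (ValueError, ssl.SSLError) as exc:
        result["applied"] = False
        result["error"] = str(exc)
    result["effective"] = (ctx.minimum_version, ctx.maximum_version)
    return result


if __name__ == "__main__":
    print("floor before override:", new_server_context().minimum_version)
    for spec in (">=TLSv1", ">=TLSv1.2, <=TLSv1.3", "!SSLv2, !SSLv3"):
        print("%-24s -> %s" % (spec, apply_protocol_range(new_server_context(), spec)))
```

Run on a host with the crypto-policy above, the "floor before override" line shows TLSv1_2 and the ">=TLSv1" line shows the context's floor dropping to TLSv1 after the explicit call; the @SECLEVEL=2 cipher string still applies, so the override only reopens the protocol range, not the cipher and key-size restrictions.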