Re: Extra intermediate certificate when using ssl_alt_cert

2018-03-13 Thread Aki Tuomi 


On 10.03.2018 17:11, Aki Tuomi wrote:
>> On 10 March 2018 at 16:53 Aki Tuomi  wrote:
>>
>>
>>
>>> On 10 March 2018 at 16:05 Aki Tuomi  wrote:
>>>
>>>
>>>
 On 10 March 2018 at 15:20 John Fawcett  wrote:


 On 10/03/18 14:06, Aki Tuomi wrote:
>> On 10 March 2018 at 14:49 John Fawcett < j...@voipsupport.it
>> > wrote:
>>
>>
>> On 08/03/18 18:43, Peter Linss wrote:
>>> I just added an ECDSA certificate to my mail server using
>>> ssl_alt_cert (the RSA certificate is specified by ssl_cert), both
>>> certificate files contain the certificate and a single intermediate
>>> (which currently happens to be the same intermediate from Let’s
>>> Encrypt).
>>> When connecting to the server using either RSA or ECDSA ciphers, the
>>> server sends the proper certificate, but also sends two
>>> intermediates. Apparently it’s reading the intermediate from both
>>> files and using both for all situations, rather than using only the
>>> intermediate in the RSA file for RSA certificates, and the
>>> intermediate in the ECDSA file for ECDSA certificates. I expect this
>>> will be a bigger problem when Let’s Encrypt starts using ECDSA
>>> intermediates.
>>> Removing the intermediate from the ssl_alt_cert file solves the
>>> problem (but then doesn’t allow an ECDSA intermediate to be specified).
>> I believe that supplying multiple unrelated intermediate certificates is
>> an incorrect behaviour, though I don't know if this is a problem that
>> can be solved in Dovecot or has to be addressed in openssl itself.
>>
>> Do you get any issue in certificate validation in the client?
>>
>> John
> You sure your cert file does not contain unrelated certificates?
> ---
> Aki Tuomi
 Aki

 I'll leave Peter to respond about his cert files, but in the test I did,
 each the ssl_cert and ssl_alt_cert each contained the server cert and
 the next cert in the chain. However, both intermediates were supplied
 whether using RSA or ECDSA.

 John

>>> I can confirm this behaviour. We'll look into it.
>>>
>>> Aki
>> This appears to be slightly too difficult to fix for OpenSSL 1.0.0, but we 
>> can fix this for 1.0.2 and later on next release.
>>
>> Aki
> Sorry, target release 2.3.2, not 2.3.1.
>
> Aki

Fixed with
https://github.com/dovecot/core/commit/98794428c6805fb82d4d650f46a635226862c4f0.patch

Aki

Re: Extra intermediate certificate when using ssl_alt_cert

2018-03-10 Thread Aki Tuomi 

> On 10 March 2018 at 16:53 Aki Tuomi  wrote:
> 
> 
> 
> > On 10 March 2018 at 16:05 Aki Tuomi  wrote:
> > 
> > 
> > 
> > > On 10 March 2018 at 15:20 John Fawcett  wrote:
> > > 
> > > 
> > > On 10/03/18 14:06, Aki Tuomi wrote:
> > > >
> > > >> On 10 March 2018 at 14:49 John Fawcett < j...@voipsupport.it
> > > >> > wrote:
> > > >>
> > > >>
> > > >> On 08/03/18 18:43, Peter Linss wrote:
> > > >>> I just added an ECDSA certificate to my mail server using
> > > >>> ssl_alt_cert (the RSA certificate is specified by ssl_cert), both
> > > >>> certificate files contain the certificate and a single intermediate
> > > >>> (which currently happens to be the same intermediate from Let’s
> > > >>> Encrypt).
> > > >>> When connecting to the server using either RSA or ECDSA ciphers, the
> > > >>> server sends the proper certificate, but also sends two
> > > >>> intermediates. Apparently it’s reading the intermediate from both
> > > >>> files and using both for all situations, rather than using only the
> > > >>> intermediate in the RSA file for RSA certificates, and the
> > > >>> intermediate in the ECDSA file for ECDSA certificates. I expect this
> > > >>> will be a bigger problem when Let’s Encrypt starts using ECDSA
> > > >>> intermediates.
> > > >>> Removing the intermediate from the ssl_alt_cert file solves the
> > > >>> problem (but then doesn’t allow an ECDSA intermediate to be 
> > > >>> specified).
> > > >> I believe that supplying multiple unrelated intermediate certificates 
> > > >> is
> > > >> an incorrect behaviour, though I don't know if this is a problem that
> > > >> can be solved in Dovecot or has to be addressed in openssl itself.
> > > >>
> > > >> Do you get any issue in certificate validation in the client?
> > > >>
> > > >> John
> > > >
> > > > You sure your cert file does not contain unrelated certificates?
> > > > ---
> > > > Aki Tuomi
> > > 
> > > Aki
> > > 
> > > I'll leave Peter to respond about his cert files, but in the test I did,
> > > each the ssl_cert and ssl_alt_cert each contained the server cert and
> > > the next cert in the chain. However, both intermediates were supplied
> > > whether using RSA or ECDSA.
> > > 
> > > John
> > >
> > 
> > I can confirm this behaviour. We'll look into it.
> > 
> > Aki
> 
> This appears to be slightly too difficult to fix for OpenSSL 1.0.0, but we 
> can fix this for 1.0.2 and later on next release.
> 
> Aki

Sorry, target release 2.3.2, not 2.3.1.

Aki

Re: Extra intermediate certificate when using ssl_alt_cert

2018-03-10 Thread Aki Tuomi 

> On 10 March 2018 at 16:05 Aki Tuomi  wrote:
> 
> 
> 
> > On 10 March 2018 at 15:20 John Fawcett  wrote:
> > 
> > 
> > On 10/03/18 14:06, Aki Tuomi wrote:
> > >
> > >> On 10 March 2018 at 14:49 John Fawcett < j...@voipsupport.it
> > >> > wrote:
> > >>
> > >>
> > >> On 08/03/18 18:43, Peter Linss wrote:
> > >>> I just added an ECDSA certificate to my mail server using
> > >>> ssl_alt_cert (the RSA certificate is specified by ssl_cert), both
> > >>> certificate files contain the certificate and a single intermediate
> > >>> (which currently happens to be the same intermediate from Let’s
> > >>> Encrypt).
> > >>> When connecting to the server using either RSA or ECDSA ciphers, the
> > >>> server sends the proper certificate, but also sends two
> > >>> intermediates. Apparently it’s reading the intermediate from both
> > >>> files and using both for all situations, rather than using only the
> > >>> intermediate in the RSA file for RSA certificates, and the
> > >>> intermediate in the ECDSA file for ECDSA certificates. I expect this
> > >>> will be a bigger problem when Let’s Encrypt starts using ECDSA
> > >>> intermediates.
> > >>> Removing the intermediate from the ssl_alt_cert file solves the
> > >>> problem (but then doesn’t allow an ECDSA intermediate to be specified).
> > >> I believe that supplying multiple unrelated intermediate certificates is
> > >> an incorrect behaviour, though I don't know if this is a problem that
> > >> can be solved in Dovecot or has to be addressed in openssl itself.
> > >>
> > >> Do you get any issue in certificate validation in the client?
> > >>
> > >> John
> > >
> > > You sure your cert file does not contain unrelated certificates?
> > > ---
> > > Aki Tuomi
> > 
> > Aki
> > 
> > I'll leave Peter to respond about his cert files, but in the test I did,
> > each the ssl_cert and ssl_alt_cert each contained the server cert and
> > the next cert in the chain. However, both intermediates were supplied
> > whether using RSA or ECDSA.
> > 
> > John
> >
> 
> I can confirm this behaviour. We'll look into it.
> 
> Aki

This appears to be slightly too difficult to fix for OpenSSL 1.0.0, but we can 
fix this for 1.0.2 and later on next release.

Aki

Re: Extra intermediate certificate when using ssl_alt_cert

2018-03-10 Thread Aki Tuomi 

> On 10 March 2018 at 15:20 John Fawcett  wrote:
> 
> 
> On 10/03/18 14:06, Aki Tuomi wrote:
> >
> >> On 10 March 2018 at 14:49 John Fawcett < j...@voipsupport.it
> >> > wrote:
> >>
> >>
> >> On 08/03/18 18:43, Peter Linss wrote:
> >>> I just added an ECDSA certificate to my mail server using
> >>> ssl_alt_cert (the RSA certificate is specified by ssl_cert), both
> >>> certificate files contain the certificate and a single intermediate
> >>> (which currently happens to be the same intermediate from Let’s
> >>> Encrypt).
> >>> When connecting to the server using either RSA or ECDSA ciphers, the
> >>> server sends the proper certificate, but also sends two
> >>> intermediates. Apparently it’s reading the intermediate from both
> >>> files and using both for all situations, rather than using only the
> >>> intermediate in the RSA file for RSA certificates, and the
> >>> intermediate in the ECDSA file for ECDSA certificates. I expect this
> >>> will be a bigger problem when Let’s Encrypt starts using ECDSA
> >>> intermediates.
> >>> Removing the intermediate from the ssl_alt_cert file solves the
> >>> problem (but then doesn’t allow an ECDSA intermediate to be specified).
> >> I believe that supplying multiple unrelated intermediate certificates is
> >> an incorrect behaviour, though I don't know if this is a problem that
> >> can be solved in Dovecot or has to be addressed in openssl itself.
> >>
> >> Do you get any issue in certificate validation in the client?
> >>
> >> John
> >
> > You sure your cert file does not contain unrelated certificates?
> > ---
> > Aki Tuomi
> 
> Aki
> 
> I'll leave Peter to respond about his cert files, but in the test I did,
> each the ssl_cert and ssl_alt_cert each contained the server cert and
> the next cert in the chain. However, both intermediates were supplied
> whether using RSA or ECDSA.
> 
> John
>

I can confirm this behaviour. We'll look into it.

Aki

Re: Extra intermediate certificate when using ssl_alt_cert

2018-03-10 Thread John Fawcett 
On 10/03/18 14:20, John Fawcett wrote:
> On 10/03/18 14:06, Aki Tuomi wrote:
>>
>>> On 10 March 2018 at 14:49 John Fawcett < j...@voipsupport.it
>>> > wrote:
>>>
>>>
>>> On 08/03/18 18:43, Peter Linss wrote:
 I just added an ECDSA certificate to my mail server using
 ssl_alt_cert (the RSA certificate is specified by ssl_cert), both
 certificate files contain the certificate and a single intermediate
 (which currently happens to be the same intermediate from Let’s
 Encrypt).
 When connecting to the server using either RSA or ECDSA ciphers,
 the server sends the proper certificate, but also sends two
 intermediates. Apparently it’s reading the intermediate from both
 files and using both for all situations, rather than using only the
 intermediate in the RSA file for RSA certificates, and the
 intermediate in the ECDSA file for ECDSA certificates. I expect
 this will be a bigger problem when Let’s Encrypt starts using ECDSA
 intermediates.
 Removing the intermediate from the ssl_alt_cert file solves the
 problem (but then doesn’t allow an ECDSA intermediate to be
 specified).
>>> I believe that supplying multiple unrelated intermediate
>>> certificates is
>>> an incorrect behaviour, though I don't know if this is a problem that
>>> can be solved in Dovecot or has to be addressed in openssl itself.
>>>
>>> Do you get any issue in certificate validation in the client?
>>>
>>> John
>>
>> You sure your cert file does not contain unrelated certificates?
>> ---
>> Aki Tuomi
>
> Aki
>
> I'll leave Peter to respond about his cert files, but in the test I
> did, each the ssl_cert and ssl_alt_cert each contained the server cert
> and the next cert in the chain. However, both intermediates were
> supplied whether using RSA or ECDSA.
>
> John
>
May need to look into using SSL_CTX_add1_chain_cert() instead of
SSL_CTX_add_extra_chain_cert()

John

Re: Extra intermediate certificate when using ssl_alt_cert

2018-03-10 Thread John Fawcett 
On 10/03/18 14:06, Aki Tuomi wrote:
>
>> On 10 March 2018 at 14:49 John Fawcett < j...@voipsupport.it
>> > wrote:
>>
>>
>> On 08/03/18 18:43, Peter Linss wrote:
>>> I just added an ECDSA certificate to my mail server using
>>> ssl_alt_cert (the RSA certificate is specified by ssl_cert), both
>>> certificate files contain the certificate and a single intermediate
>>> (which currently happens to be the same intermediate from Let’s
>>> Encrypt).
>>> When connecting to the server using either RSA or ECDSA ciphers, the
>>> server sends the proper certificate, but also sends two
>>> intermediates. Apparently it’s reading the intermediate from both
>>> files and using both for all situations, rather than using only the
>>> intermediate in the RSA file for RSA certificates, and the
>>> intermediate in the ECDSA file for ECDSA certificates. I expect this
>>> will be a bigger problem when Let’s Encrypt starts using ECDSA
>>> intermediates.
>>> Removing the intermediate from the ssl_alt_cert file solves the
>>> problem (but then doesn’t allow an ECDSA intermediate to be specified).
>> I believe that supplying multiple unrelated intermediate certificates is
>> an incorrect behaviour, though I don't know if this is a problem that
>> can be solved in Dovecot or has to be addressed in openssl itself.
>>
>> Do you get any issue in certificate validation in the client?
>>
>> John
>
> You sure your cert file does not contain unrelated certificates?
> ---
> Aki Tuomi

Aki

I'll leave Peter to respond about his cert files, but in the test I did,
each the ssl_cert and ssl_alt_cert each contained the server cert and
the next cert in the chain. However, both intermediates were supplied
whether using RSA or ECDSA.

John

Re: Extra intermediate certificate when using ssl_alt_cert

2018-03-10 Thread Aki Tuomi 


 
 
  
   
  
  
   
On 10 March 2018 at 14:49 John Fawcett <
j...@voipsupport.it> wrote:
   
   

   
   

   
   
On 08/03/18 18:43, Peter Linss wrote:
   
   

 I just added an ECDSA certificate to my mail server using ssl_alt_cert (the RSA certificate is specified by ssl_cert), both certificate files contain the certificate and a single intermediate (which currently happens to be the same intermediate from Let’s Encrypt).

   
   

 When connecting to the server using either RSA or ECDSA ciphers, the server sends the proper certificate, but also sends two intermediates. Apparently it’s reading the intermediate from both files and using both for all situations, rather than using only the intermediate in the RSA file for RSA certificates, and the intermediate in the ECDSA file for ECDSA certificates. I expect this will be a bigger problem when Let’s Encrypt starts using ECDSA intermediates.

   
   

 Removing the intermediate from the ssl_alt_cert file solves the problem (but then doesn’t allow an ECDSA intermediate to be specified).

   
   
I believe that supplying multiple unrelated intermediate certificates is
   
   
an incorrect behaviour, though I don't know if this is a problem that
   
   
can be solved in Dovecot or has to be addressed in openssl itself.
   
   

   
   
Do you get any issue in certificate validation in the client?
   
   

   
   
John
   
  
  
   
  
  
   You sure your cert file does not contain unrelated certificates?
  
  
   ---
   Aki Tuomi

Re: Extra intermediate certificate when using ssl_alt_cert

2018-03-10 Thread John Fawcett 
On 08/03/18 18:43, Peter Linss wrote:
> I just added an ECDSA certificate to my mail server using ssl_alt_cert (the 
> RSA certificate is specified by ssl_cert), both certificate files contain the 
> certificate and a single intermediate (which currently happens to be the same 
> intermediate from Let’s Encrypt).
>
> When connecting to the server using either RSA or ECDSA ciphers, the server 
> sends the proper certificate, but also sends two intermediates. Apparently 
> it’s reading the intermediate from both files and using both for all 
> situations, rather than using only the intermediate in the RSA file for RSA 
> certificates, and the intermediate in the ECDSA file for ECDSA certificates. 
> I expect this will be a bigger problem when Let’s Encrypt starts using ECDSA 
> intermediates.
>
> Removing the intermediate from the ssl_alt_cert file solves the problem (but 
> then doesn’t allow an ECDSA intermediate to be specified).

I believe that supplying multiple unrelated intermediate certificates is
an incorrect behaviour, though I don't know if this is a problem that
can be solved in Dovecot or has to be addressed in openssl itself.

Do you get any issue in certificate validation in the client?

John

Extra intermediate certificate when using ssl_alt_cert

2018-03-08 Thread Peter Linss 
I just added an ECDSA certificate to my mail server using ssl_alt_cert (the RSA 
certificate is specified by ssl_cert), both certificate files contain the 
certificate and a single intermediate (which currently happens to be the same 
intermediate from Let’s Encrypt).

When connecting to the server using either RSA or ECDSA ciphers, the server 
sends the proper certificate, but also sends two intermediates. Apparently it’s 
reading the intermediate from both files and using both for all situations, 
rather than using only the intermediate in the RSA file for RSA certificates, 
and the intermediate in the ECDSA file for ECDSA certificates. I expect this 
will be a bigger problem when Let’s Encrypt starts using ECDSA intermediates.

Removing the intermediate from the ssl_alt_cert file solves the problem (but 
then doesn’t allow an ECDSA intermediate to be specified).

Configuration:
# 2.2.34 (874deae): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.22 (22940fb7)
# OS: Linux 4.14.17-x86_64-linode99 x86_64 Debian 9.3 ext4
# Hostname: [redacted]
auth_mechanisms = plain login
listen = [ipv4 redacted], [ipv6 redacted]
mail_location = maildir:/var/mail/vhosts/%d/%n
mail_privileged_group = mail
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
special_use = \Drafts
  }
  mailbox Junk {
special_use = \Junk
  }
  mailbox Sent {
special_use = \Sent
  }
  mailbox "Sent Messages" {
special_use = \Sent
  }
  mailbox Trash {
special_use = \Trash
  }
  prefix = 
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
protocols = imap lmtp
service auth-worker {
  user = vmail
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
  }
  unix_listener auth-userdb {
mode = 0600
user = vmail
  }
  user = dovecot
}
service imap-login {
  inet_listener imap {
port = 0
  }
  inet_listener imaps {
port = 993
ssl = yes
  }
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
  }
}
ssl = required
ssl_alt_cert =