** Description changed: + [Impact] + + Applications using GnuTLS OpenSSL compat layer [1] are be unable to use + modern TLS versions (1.1 and 1.2) when relying on the + SSLv23_{client,server}_method functions. + + There is an industry-wide push to use modern TLS versions, see [2] and + [3] for example. + + The proposed fix changes the compat layer to use GnuTLS' "NORMAL" + priority [4] instead of hard-coding which protocol versions and ciphers + to enable. + + [Test Case] + + 1) Setup a mail submission server that uses StartTLS + 2) Setup sSMTP (uses GnuTLS OpenSSL compat layer) to relay + through the mail relay using StartTLS + 3) Send an email while capturing with tcpdump/tshark + 4) Inspect the submission connection (TCP/587) and look for the protocol + version negotiated by the client. + + Without the fix, you should see TLSv1.0. With the fix, it should be + TLSv1.2. + + Please see the original issue description for more details. + + [Regression Potential] + + Regression risk should be low since it's a backport of a simple fix that + landed in Debian in April 2017. + + [References] + + 1: $ apt-cache rdepends libgnutls-openssl27 + libgnutls-openssl27 + Reverse Depends: + libgnutls-dev + libgnutls-dev + zoneminder + yaskkserv + tf5 + ssmtp + snowdrop + sngrep + slrnpull + slrn + sipsak + macopix-gtk2 + gnss-sdr + gkrellm + freewheeling + boinctui + iputils-ping + + 2: https://lists.debian.org/debian-devel-announce/2017/08/msg00004.html + 3: https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls + 4: https://gnutls.org/manual/html_node/Priority-Strings.html + + + [Original issue description] + sSMTP is limited to using TLSv1.0 and the "old" ciphers that come with it. Here's a packet capture when ssmtp connects to smtp.sdeziel.info:587 that offers TLSv1.0 and higher: $ tshark -ta -Vr submission.pcap | sed -n '/^Frame 14:/,/^Frame 15:/ p' | grep -E '^[[:space:]]+(Version|Cipher|Handshake Protocol)' - Version: TLS 1.0 (0x0301) - Handshake Protocol: Client Hello - Version: TLS 1.0 (0x0301) - Cipher Suites Length: 30 - Cipher Suites (15 suites) - Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) - Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) - Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) - Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) - Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) - Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) - Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) - Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) - Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) - Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) - Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) - Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) - Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) - Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) - Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) + Version: TLS 1.0 (0x0301) + Handshake Protocol: Client Hello + Version: TLS 1.0 (0x0301) + Cipher Suites Length: 30 + Cipher Suites (15 suites) + Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) + Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) + Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) + Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) + Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) + Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) + Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) + Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) + Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) + Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) + Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) + Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) + Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) + Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) + Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) I would expect ssmtp to use TLSv1.2 and a recent cipher like the openssl s_client is able to do: $ echo | openssl s_client -connect smtp.sdeziel.info:587 -starttls smtp 2>/dev/null | grep -E '^[[:space:]]+(Protocol|Cipher)' - Protocol : TLSv1.2 - Cipher : ECDHE-RSA-AES128-GCM-SHA256 - + Protocol : TLSv1.2 + Cipher : ECDHE-RSA-AES128-GCM-SHA256 Additional information: $ lsb_release -rd Description: Ubuntu 16.04.3 LTS Release: 16.04 $ apt-cache policy ssmtp libgnutls-openssl27 ssmtp: - Installed: 2.64-8ubuntu1 - Candidate: 2.64-8ubuntu1 - Version table: - *** 2.64-8ubuntu1 500 - 500 http://archive.ubuntu.com/ubuntu xenial/universe amd64 Packages - 100 /var/lib/dpkg/status + Installed: 2.64-8ubuntu1 + Candidate: 2.64-8ubuntu1 + Version table: + *** 2.64-8ubuntu1 500 + 500 http://archive.ubuntu.com/ubuntu xenial/universe amd64 Packages + 100 /var/lib/dpkg/status libgnutls-openssl27: - Installed: 3.4.10-4ubuntu1.3 - Candidate: 3.4.10-4ubuntu1.3 - Version table: - *** 3.4.10-4ubuntu1.3 500 - 500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages - 500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages - 100 /var/lib/dpkg/status - 3.4.10-4ubuntu1 500 - 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages + Installed: 3.4.10-4ubuntu1.3 + Candidate: 3.4.10-4ubuntu1.3 + Version table: + *** 3.4.10-4ubuntu1.3 500 + 500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages + 500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages + 100 /var/lib/dpkg/status + 3.4.10-4ubuntu1 500 + 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: ssmtp 2.64-8ubuntu1 [modified: etc/ssmtp/revaliases] ProcVersionSignature: Ubuntu 4.4.0-89.112-generic 4.4.76 Uname: Linux 4.4.0-89-generic x86_64 ApportVersion: 2.20.1-0ubuntu2.10 Architecture: amd64 Date: Mon Aug 7 18:13:33 2017 ProcEnviron: - TERM=xterm - PATH=(custom, no user) - LANG=en_US.UTF-8 - SHELL=/bin/bash + TERM=xterm + PATH=(custom, no user) + LANG=en_US.UTF-8 + SHELL=/bin/bash SourcePackage: ssmtp UpgradeStatus: No upgrade log present (probably fresh install) modified.conffile..etc.ssmtp.revaliases: [modified] mtime.conffile..etc.ssmtp.revaliases: 2017-08-05T13:44:06.274302
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1709193 Title: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1709193/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs