git.ipfire.org Git - thirdparty/postfix.git/log

]> git.ipfire.org Git - thirdparty/postfix.git/log

projects / thirdparty / postfix.git / log

commit | commitdiff | tree

Viktor Dukhovni [Fri, 9 Nov 2018 04:22:20 +0000 (23:22 -0500)]

DH parameter bitrot

commit | commitdiff | tree

Viktor Dukhovni [Sat, 20 Aug 2016 04:13:43 +0000 (00:13 -0400)]

Bitrot: More OpenSSL 1.1.0 API constification

The accessors for ASN1_STRING and X509 before/after dates have new
names and now return const data. Deal with the fallout.

commit | commitdiff | tree

Viktor Dukhovni [Sun, 24 Apr 2016 13:40:13 +0000 (09:40 -0400)]

Bitrot: X509_STORE_CTX opaque in OpenSSL 1.1.0

commit | commitdiff | tree

Viktor Dukhovni [Sun, 29 May 2016 17:30:14 +0000 (13:30 -0400)]

Disable reuse of ECDH ephemeral keys

commit | commitdiff | tree

Viktor Dukhovni [Thu, 17 Mar 2016 21:00:32 +0000 (17:00 -0400)]

Bitrot: OpenSSL 1.1.0 and later (de)initialization is implicit

commit | commitdiff | tree

Viktor Dukhovni [Mon, 15 Feb 2016 06:13:06 +0000 (01:13 -0500)]

Bitrot: auto-initialization of OpenSSL 1.1.0

The functions SSL_library_init(), SSL_load_error_strings() and
OpenSSL_add_ssl_algorithms() are deprecated in OpenSSL 1.1.0.

Instead the library auto-initializes. Though it is possible to
call OPENSSL_init_crypto() and OPENSSL_init_ssl() for explicit
control over initialization, for now there is no apparent reason
to do so. This may change, so explicit initialization might yet
become necessary.

commit | commitdiff | tree

Viktor Dukhovni [Fri, 13 Jun 2014 02:56:47 +0000 (22:56 -0400)]

Upcoming OpenSSL security levels disable "weak" crypto.

Bitrot:  OpenSSL 1.1.0-dev (aka the "master" branch) has new security
levels ranging from 0 to 5.

  * Level "0" is backwards compatible anything goes.

  * Level "1", the new default, is roughly 80-bit or greater security
    across the board (block ciphers, EDH parameters, EC curves, RSA
    bit lengths, ...).  It also disables anonymous ciphersuites,
    breaking "smtpd_tls_cert_file = none", and in is stronger than
    we want for opportunistic TLS.

  * The remaining levels are for now too strong even for mandatory
    authenticated TLS, they disable RC4, RSA keys shorter than 2048
    bits, and SSLv3.

Therefore, (subject to the presence of the feature detected via
macro recommended by Steve Henson), we revert the default security
level back to 0 in the application SSL context.  Users can if they
wish change this by appending ":@SECURITY=<n>" to the various tls
cipherlists.  TODO: we'll shold also add a main.cf parameter and
policy table overrides for this at some point, provided we can
figure out how to explain yet another "mumble_level" to the users.

When authentication is mandatory in either the SMTP client or in
the SMTP server (smtpd_tls_req_ccert = yes) we set the security
level to 1 to ensure adequately strong parameters.

When testing this, discovered that verification error reasons are
not logged in the SMTP server, cloned and tested corresponding code
from the client.

Sample logging (when client cert has wrong EKU):

    smtpd[63016]: certificate verification failed for localhost[127.0.0.1]: not designated for use as a client certificate
    smtpd[63016]: Untrusted TLS connection established from localhost[127.0.0.1]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
    smtpd[63016]: NOQUEUE: abort: TLS from localhost[127.0.0.1]: Client certificate not trusted

commit | commitdiff | tree

Viktor Dukhovni [Thu, 4 Feb 2016 09:00:27 +0000 (04:00 -0500)]

Bitrot: session_id constification in callbacks

commit | commitdiff | tree

Viktor Dukhovni [Fri, 29 Jan 2016 08:31:53 +0000 (03:31 -0500)]

Bitrot: EVP_PKEY structure opaque in OpenSSL 1.1.0

EVP_PKEY finally joins X509 in OpenSSL 1.1.0-dev API cleanup march

commit | commitdiff | tree

Viktor Dukhovni [Sun, 10 Jan 2016 06:59:29 +0000 (01:59 -0500)]

Bitrot: OpenSSL 1.1.0 constification

commit | commitdiff | tree

Viktor Dukhovni [Sun, 6 Dec 2015 23:39:12 +0000 (18:39 -0500)]

Bitrot: OpenSSL 1.1.0-dev drops EXPORT ciphers and ephemeral RSA