Univention Bugzilla – Bug 38044
Postfix: Allow to disable the use of SSLv3 (Poodle-Bug)
Last modified: 2015-05-07 17:44:34 CEST
Hey there,

On October 14th, 2014, a vulnerability called POODLE (Padding Oracle On Downgraded Legacy Encryption) in version 3 of the SSL encryption protocol was disclosed. This vulnerability allows an attacker to read information encrypted with this version of the protocol in plain text using a man-in-the-middle attack. The POODLE vulnerability affects any services or clients that make it possible to communicate using SSLv3. Because this is a flaw with the protocol design, and not an implementation issue, every piece of software that uses SSLv3 is vulnerable.

--> Postfix SMTP

In case of 'opportunistic SSL' (encryption policy not enforced and plain is acceptable too), there is no need to change anything. Even though it's unnecessary, SSLv3 can be disabled for opportunistic encryption as well. These settings are not recommended:

smtpd_tls_protocols=!SSLv2,!SSLv3
smtp_tls_protocols=!SSLv2,!SSLv3

In case of 'mandatory SSL' add the smtpd_tls_mandatory_protocols setting for inbound connections and smtp_tls_mandatory_protocols for outbound connections and restart Postfix:

smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3
smtp_tls_mandatory_protocols=!SSLv2,!SSLv3

--> UCS (4.0-1 errata113)

Situation
All settings are "postfix defaults" and not changeable via ucr yet.

# postconf |egrep 'smtp_tls_mandatory_protocols|smtpd_tls_mandatory_protocols|smtp_tls_protocols|smtpd_tls_protocols'
smtp_tls_mandatory_protocols = !SSLv2
smtp_tls_protocols = !SSLv2
smtpd_tls_mandatory_protocols = !SSLv2
smtpd_tls_protocols =
tlsproxy_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols
tlsproxy_tls_protocols = $smtpd_tls_protocols

It would be useful to allow more configuration options. There's already a UCR template:
/etc/univention/templates/files/etc/postfix/main.cf.d/60_tls

I am going to write a patch for this issue. I filed this bug report as an enhancement only, so feel free to raise the severity level ;)

with best regards
Lutz Willek
Created attachment 6762 [details]
Patch allowing to disable the use of SSLv3 via ucr

Patch allowing to configure the following postfix variables via ucr:
smtpd_tls_mandatory_protocols
smtpd_tls_protocols
smtp_tls_mandatory_protocols
smtp_tls_protocols

The default config will not be altered by using this patch.
apply and test the patch:

root@zarafa:~# apt-get install patch

## create a backup
root@zarafa:~# cp /etc/postfix/main.cf /etc/postfix/main.cf.orig
root@zarafa:~# postconf >postconf.orig
root@zarafa:~# mkdir /etc/univention/templates/files/etc/postfix/main.cf.d_orig
root@zarafa:~# cp -a /etc/univention/templates/files/etc/postfix/main.cf.d/60_tls \
    /etc/univention/templates/files/etc/postfix/main.cf.d_orig/60_tls

## patch and commit
root@zarafa:~# patch -p0 < postfix_tls_protocols.patch /etc/univention/templates/files/etc/postfix/main.cf.d/60_tls
root@zarafa:~# ucr commit /etc/postfix/main.cf
root@zarafa:~# service postfix restart

## diff to original main.cf and postconf after patching
root@zarafa:~# diff /etc/postfix/main.cf.orig /etc/postfix/main.cf
104a105,106
> smtpd_tls_mandatory_protocols = !SSLv2
> smtpd_tls_protocols =
120a123,124
> smtp_tls_mandatory_protocols = !SSLv2
> smtp_tls_protocols = !SSLv2
root@zarafa:~# postconf >postconf.diff
root@zarafa:~# diff postconf.orig postconf.diff
root@zarafa:~#
^^^patch works like expected, default config is not changed

## set new default variables, commit and test:
ucr set mail/postfix/smtpd/tls/mandatory_protocols='!SSLv2'
ucr set mail/postfix/smtpd/tls/protocols=''
ucr set mail/postfix/tls/client/mandatory_protocols='!SSLv2'
ucr set mail/postfix/tls/client/protocols='!SSLv2'
ucr commit /etc/postfix/main.cf
service postfix restart
root@zarafa:~# diff /etc/postfix/main.cf.orig /etc/postfix/main.cf
104a105,106
> smtpd_tls_mandatory_protocols = !SSLv2
> smtpd_tls_protocols =
120a123,124
> smtp_tls_mandatory_protocols = !SSLv2
> smtp_tls_protocols = !SSLv2
root@zarafa:~# postconf >postconf.diff
root@zarafa:~# diff postconf.orig postconf.diff
root@zarafa:~#
^^^patch works like expected, default config is not changed after variables are set

## precheck if SSLv3 is available
root@zarafa:~# openssl s_client -starttls smtp -crlf -ssl3 -connect 127.0.0.1:25
CONNECTED(00000003)
[...snip...]
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA
Server public key is 4048 bit
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
    Protocol  : SSLv3
    Cipher    : ECDHE-RSA-AES256-SHA
[...snip...]
^^^ssl3 is available

## Disable the use of SSLv3 (testing variables)
ucr set mail/postfix/smtpd/tls/mandatory_protocols='!SSLv2,!SSLv3'
ucr set mail/postfix/smtpd/tls/protocols='!SSLv2,!SSLv3'
ucr set mail/postfix/tls/client/mandatory_protocols='!SSLv2,!SSLv3'
ucr set mail/postfix/tls/client/protocols='!SSLv2,!SSLv3'
ucr commit /etc/postfix/main.cf
service postfix restart
root@zarafa:~# diff /etc/postfix/main.cf.orig /etc/postfix/main.cf
104a105,106
> smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
> smtpd_tls_protocols = !SSLv2,!SSLv3
120a123,124
> smtp_tls_mandatory_protocols = !SSLv2,!SSLv3
> smtp_tls_protocols = !SSLv2,!SSLv3
root@zarafa:~# postconf >postconf.diff
root@zarafa:~# diff postconf.orig postconf.diff
593c593
< smtp_tls_mandatory_protocols = !SSLv2
---
> smtp_tls_mandatory_protocols = !SSLv2,!SSLv3
597c597
< smtp_tls_protocols = !SSLv2
---
> smtp_tls_protocols = !SSLv2,!SSLv3
689,690c689,690
< smtpd_tls_mandatory_protocols = !SSLv2
< smtpd_tls_protocols =
---
> smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
> smtpd_tls_protocols = !SSLv2,!SSLv3
^^^patch works like expected

## check if patch is working like expected (i.e. SSLv3 is disabled now)
root@zarafa:~# openssl s_client -starttls smtp -crlf -ssl3 -connect 127.0.0.1:25
CONNECTED(00000003)
140006034015912:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1260:SSL alert number 40
140006034015912:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:598:
...
^^^ssl3 is not available (sslv3 alert handshake failure...)
description of the variables

mail/univention-mail-postfix/debian/univention-mail-postfix.univention-config-registry-variables:

[mail/postfix/smtpd/tls/mandatory_protocols]
Description[de]=Liste der TLS-Protokolle, die der Postfix SMTP-Server mit zwingenden TLS-Verschlüsselung verwendet. (Standard ist: !SSLv2) http://www.postfix.org/postconf.5.html#smtpd_tls_mandatory_protocols
Description[en]=The SSL/TLS protocols accepted by the Postfix SMTP server with mandatory TLS encryption. (default: !SSLv2) http://www.postfix.org/postconf.5.html#smtpd_tls_mandatory_protocols
Type=str
Categories=service-mail

[mail/postfix/smtpd/tls/protocols]
Description[de]=Liste der TLS-Protokolle, die der Postfix SMTP-Server mit opportunistischer TLS-Verschlüsselung verwendet. (Standard ist: nicht gesetzt) http://www.postfix.org/postconf.5.html#smtpd_tls_protocols
Description[en]=List of TLS protocols that the Postfix SMTP server will exclude or include with opportunistic TLS encryption. (default: empty) http://www.postfix.org/postconf.5.html#smtpd_tls_protocols
Type=str
Categories=service-mail

[mail/postfix/tls/client/mandatory_protocols]
Description[de]=Liste der TLS-Protokolle, die der Postfix SMTP-Client mit zwingenden TLS-Verschlüsselung verwendet. (Standard ist: !SSLv2) http://www.postfix.org/postconf.5.html#smtp_tls_mandatory_protocols
Description[en]=List of SSL/TLS protocols that the Postfix SMTP client will use with mandatory TLS encryption. (default: !SSLv2) http://www.postfix.org/postconf.5.html#smtp_tls_mandatory_protocols
Type=str
Categories=service-mail

[mail/postfix/tls/client/protocols]
Description[de]=Liste der TLS-Protokolle, die der Postfix SMTP-Client mit opportunistischer TLS-Verschlüsselung verwendet. (Standard ist: !SSLv2) http://www.postfix.org/postconf.5.html#smtp_tls_protocols
Description[en]=List of TLS protocols that the Postfix SMTP client will exclude or include with opportunistic TLS encryption. (default: !SSLv2) http://www.postfix.org/postconf.5.html#smtp_tls_protocols
Type=str
Categories=service-mail

/mail/univention-mail-postfix/debian/univention-mail-postfix.univention-config-registry
...
Type: subfile
Multifile: etc/postfix/main.cf
Subfile: etc/postfix/main.cf.d/60_tls
...
Variables: mail/postfix/smtpd/tls/mandatory_protocols
Variables: mail/postfix/smtpd/tls/protocols
Variables: mail/postfix/tls/client/mandatory_protocols
Variables: mail/postfix/tls/client/protocols
Just as a note: To disable SSLv2 and SSLv3 with Postfix, run the following commands:

ucr set mail/postfix/smtpd/tls/mandatory_protocols='!SSLv2,!SSLv3'
ucr set mail/postfix/smtpd/tls/protocols=''
ucr set mail/postfix/tls/client/mandatory_protocols='!SSLv2,!SSLv3'
ucr set mail/postfix/tls/client/protocols='!SSLv2,!SSLv3'

I cannot recommend restricting "mail/postfix/smtpd/tls/protocols", i.e. the Postfix parameter "smtpd_tls_protocols". Doing so increases the chance of not being able to agree with other mail servers on any suitable protocol or cipher suite. (In this case data is passed without encryption.)

Please review the patch, and, if possible, apply to UCS 4.0-1-errata.

Best regards
Lutz Willek
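As an added example (not part of the bug report or the UCS patch), a POSIX shell audit that applies the distinction drawn in comment 1 and in the note above: a mandatory protocol list that still admits SSLv3 is a finding, an opportunistic one only a note, because tightening it can push peers to plaintext. It assumes postconf-style "name = value" lines on stdin; the sample lines are constructed from the defaults quoted in comment 1.

```shell
#!/bin/sh
# Added audit helper, not part of the UCS patch: flags Postfix TLS protocol
# lists that still admit SSLv3. Reads "postconf"-style "name = value" lines
# on stdin; the sample at the bottom is constructed from the bug's defaults.
# sslv3_excluded VALUE -> exit 0 when the protocol list excludes SSLv3.
# Postfix takes an exclusion list ("!SSLv2,!SSLv3") or an inclusion list
# ("TLSv1,TLSv1.1"); an empty value permits every protocol. Separators may
# be comma, colon or space. Matching is case-sensitive (a simplification).
sslv3_excluded() {
    list=$(printf '%s' "$1" | tr -d ' ' | tr ':' ',')
    [ -n "$list" ] || return 1
    case ",$list," in
        *,!SSLv3,*) return 0 ;;   # exclusion form that names SSLv3
        *,!*)       return 1 ;;   # exclusion form that does not
        *,SSLv3,*)  return 1 ;;   # inclusion form that lists SSLv3
        *)          return 0 ;;   # inclusion form without SSLv3
    esac
}

# audit_postconf < postconf-output -> one verdict line per parameter,
# exit 1 if any *mandatory* list still allows SSLv3 (TLS is enforced there,
# so a downgrade lands in the POODLE case): FAIL. An opportunistic list that
# allows SSLv3 is only INFO, since tightening it may push peers to plaintext.
audit_postconf() {
    status=0
    while IFS= read -r line; do
        case "$line" in
            "smtpd_tls_mandatory_protocols ="*|"smtp_tls_mandatory_protocols ="*) mode=mandatory ;;
            "smtpd_tls_protocols ="*|"smtp_tls_protocols ="*) mode=opportunistic ;;
            *) continue ;;   # tlsproxy_* and unrelated parameters are skipped
        esac
        name=${line%% =*}
        value=$(printf '%s' "${line#*=}" | sed 's/^ *//')
        if sslv3_excluded "$value"; then verdict=OK
        elif [ "$mode" = mandatory ]; then verdict=FAIL; status=1
        else verdict=INFO; fi
        printf '%-30s %-13s %-4s %s\n' "$name" "$mode" "$verdict" "'$value'"
    done
    return $status
}

# Constructed sample: the UCS 4.0-1 "postfix defaults" quoted in comment 1.
SAMPLE_POSTCONF='smtp_tls_mandatory_protocols = !SSLv2
smtp_tls_protocols = !SSLv2
smtpd_tls_mandatory_protocols = !SSLv2
smtpd_tls_protocols =
tlsproxy_tls_mandatory_protocols = $smtpd_tls_mandatory_protocols'

printf '%s\n' "$SAMPLE_POSTCONF" | audit_postconf \
    || echo "SSLv3 is still negotiable where TLS is mandatory"
```

On a live UCS host the same check is `postconf | sh this_script.sh` with the sample block removed; a non-zero exit marks a mandatory list that still needs `!SSLv3`.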
@Daniel, can you review and apply the patch please. If everything is fine you can commit it and build for UCS 4.0-1-errata.
Thank you for a perfect patch, Lutz Willek.

Adds UCR variables:
* mail/postfix/smtpd/tls/protocols to set smtpd_tls_protocols
* mail/postfix/smtpd/tls/mandatory_protocols to set smtpd_tls_mandatory_protocols
* mail/postfix/tls/client/protocols to set smtp_tls_protocols
* mail/postfix/tls/client/mandatory_protocols to set smtp_tls_mandatory_protocols

SSLv3 will be disabled for fresh Postfix installs (except for receiving mails).

Commit: r59834
Package: mail/univention-mail-postfix
YAML: 2015-04-16-univention-mail-postfix.yaml
(In reply to Daniel Tröder from comment #6)
> Thank you for a perfect patch Lutz Willek.
>
> Adds UCR variables:
> * mail/postfix/smtpd/tls/protocols to set smtpd_tls_protocols
> * mail/postfix/smtpd/tls/mandatory_protocols to set
> smtpd_tls_mandatory_protocols
> * mail/postfix/tls/client/protocols to set smtp_tls_protocols
> * mail/postfix/tls/client/mandatory_protocols to set
> smtp_tls_mandatory_protocols
>
> SSLv3 will be disabled for fresh Postfix installs (except for receiving
> mails).
>
> Commit: r59834
> Package: mail/univention-mail-postfix
> YAML: 2015-04-16-univention-mail-postfix.yaml

During update, the default values will be kept. Fresh installations will disable SSLv2 and SSLv3 (except for incoming mails in opportunistic TLS mode).

Please do not abbreviate the UCR variables within the YAML file; add all 4 variable names → REOPEN

Please add <..> around the hyperlinks <http://...> within the UCR variable description.

OK: code change
OK: functional test (update / fresh install)
REOPEN: UCR variable description
REOPEN: YAML
fixed UCR variable description in r60508
fixed YAML in r60512
(In reply to Daniel Tröder from comment #8)
> fixed UCR variable description in r60508
OK

> fixed YAML in r60512
OK

REOPEN: please fix the bug number in debian/changelog.
Done in 60519.
(In reply to Daniel Tröder from comment #10)
> Done in 60519.
OK
<http://errata.univention.de/ucs/4.0/183.html>