RHEL-15930

Minimum TLS version not enforced for postfix


    • Type: Bug
    • Resolution: Won't Do
    • rhel-8.8.0
    • postfix
    • rhel-net-perf
    • ssg_core_services
    • Red Hat Enterprise Linux
    • x86_64

      What were you trying to do that didn't work?

      As described here[1], the DEFAULT crypto policy should disallow TLS 1.0 / 1.1, but this is not the case for postfix, as connections with TLS 1.0 / 1.1 are allowed by default. To block these connections, one has to use the FUTURE policy.

      [1] https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening

      Please provide the package NVR for which the bug is seen:

      postfix-3.5.8-4.el8.x86_64

      openssl-1.1.1k-9.el8_7.x86_64

      crypto-policies-20221215-1.gitece0092.el8.noarch

      How reproducible:

      With DEFAULT policy, get openssl allowed protocols and observe how TLS1 is enabled:

      # openssl ciphers -v | grep "TLSv1 "
      ECDHE-ECDSA-AES256-SHA  TLSv1 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA1
      ECDHE-RSA-AES256-SHA    TLSv1 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA1
      ECDHE-ECDSA-AES128-SHA  TLSv1 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA1
      ECDHE-RSA-AES128-SHA    TLSv1 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA1
      PSK-AES128-CBC-SHA256   TLSv1 Kx=PSK      Au=PSK  Enc=AES(128)  Mac=SHA256
      DHE-PSK-AES128-CBC-SHA256 TLSv1 Kx=DHEPSK   Au=PSK  Enc=AES(128)  Mac=SHA256
      ECDHE-PSK-AES256-CBC-SHA TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(256)  Mac=SHA1
      ECDHE-PSK-AES128-CBC-SHA256 TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(128)  Mac=SHA256
      ECDHE-PSK-AES128-CBC-SHA TLSv1 Kx=ECDHEPSK Au=PSK  Enc=AES(128)  Mac=SHA1

      Postfix does accept connections via TLS1.1:

      # openssl s_client -connect localhost:587 -starttls smtp -tls1
      New, TLSv1.0, Cipher is ECDHE-RSA-AES256-SHA
      Server public key is 2048 bit
      Secure Renegotiation IS supported
      Compression: NONE
      Expansion: NONE
      No ALPN negotiated
      SSL-Session:
          Protocol  : TLSv1
          Cipher    : ECDHE-RSA-AES256-SHA


      httpd (correctly) seems to not allow such connections:

      # gnutls-cli localhost --insecure --priority "NORMAL:-VERS-ALL:+VERS-TLS1.1" </dev/null
      Processed 0 CA certificate(s).
      Resolving 'localhost:443'...
      Connecting to '::1:443'...
      *** Fatal error: A TLS fatal alert has been received.
      *** Received alert [70]: Error in protocol version

      Steps to reproduce

      1. update-crypto-policies --set DEFAULT
      2. openssl ciphers -v | grep "TLSv1 "
      3. openssl s_client -connect localhost:587 -starttls smtp -tls1

      Expected results

      TLS <=1.2 should be disabled

      Actual results

      At least some TLS 1 / 1.1 connections are allowed.
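The reproduction above checks a single version by hand with `openssl s_client -starttls smtp -tls1`. As an added example (not part of the bug report), the script below pins a STARTTLS handshake to each TLS version in turn against the same endpoint and lists the versions the server accepted that the DEFAULT or FUTURE policy is documented to reject; the host/port default (localhost:587) and the `DEFAULT:@SECLEVEL=0` cipher string used to keep the client from refusing old versions itself are assumptions.

```python
import smtplib
import ssl

# Lowest protocol version each system-wide crypto policy is documented to
# allow; DEFAULT and FUTURE both exclude TLS 1.0 and TLS 1.1.
MIN_ALLOWED = {"DEFAULT": ssl.TLSVersion.TLSv1_2, "FUTURE": ssl.TLSVersion.TLSv1_2}
PROBE_VERSIONS = ("TLSv1", "TLSv1_1", "TLSv1_2", "TLSv1_3")


def server_accepts(host, port, version_name, timeout=5.0):
    """True if a STARTTLS handshake pinned to exactly `version_name` succeeds.

    Mirrors `openssl s_client -starttls smtp -tls1` from the report: the client
    offers one version only, so success means the server agreed to speak it.
    """
    version = ssl.TLSVersion[version_name]
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # testing protocol support, not identity
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = version
    ctx.maximum_version = version
    # Assumption: recent OpenSSL builds refuse TLS 1.0/1.1 at the default
    # security level; lower it so any refusal comes from the server, not us.
    ctx.set_ciphers("DEFAULT:@SECLEVEL=0")
    try:
        with smtplib.SMTP(host, port, timeout=timeout) as smtp:
            smtp.starttls(context=ctx)
            return True
    except (ssl.SSLError, smtplib.SMTPException, OSError):
        # Protocol-version alert, STARTTLS not offered, or no listener at all.
        return False


def audit(host="localhost", port=587):
    """Map each probed version name to whether the server accepted it."""
    return {name: server_accepts(host, port, name) for name in PROBE_VERSIONS}


def violations(accepted, policy="DEFAULT"):
    """Versions the server accepted that `policy` should have rejected."""
    floor = MIN_ALLOWED[policy]
    return sorted(name for name, ok in accepted.items()
                  if ok and ssl.TLSVersion[name] < floor)


if __name__ == "__main__":
    result = audit()
    print(result)
    print("policy violations:", violations(result) or "none")
```

Run it on the mail host itself after `update-crypto-policies --set DEFAULT`; a non-empty violation list reproduces the behaviour reported here.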

              People: Jaroslav Škarvada (jskarvad), Gionatan Danti (g.danti@assyoma.it, inactive), Frantisek Hrdina