(the "ffdhe" identifiers).
At this point, all of the "ike" values should be considered obsolete;
-they're still in Exim to avoid breaking unusual configurations, but are
+they are still in Exim to avoid breaking unusual configurations, but are
candidates for removal the next time we have backwards-incompatible changes.
+.new
+Two of them in particular (&`ike1`& and &`ike22`&) are called out by RFC 8247
+as MUST NOT use for IPSEC, and two more (&`ike23`& and &`ike24`&) as
+SHOULD NOT.
+Because of this, Exim regards them as deprecated; if either of the first pair
+are used, warnings will be logged in the paniclog, and if any are used then
+warnings will be logged in the mainlog.
+All four will be removed in a future Exim release.
+.wen
The TLS protocol does not negotiate an acceptable size for this; clients tend
to hard-drop connections if what is offered by the server is unacceptable,
in 4.95 trapped when normalisation was applied to an option not needing
expansion action.
+JH/14 Bug 1895: TLS: Deprecate RFC 5114 Diffie-Hellman parameters.
+
Exim version 4.95
-----------------
/* ========================================================================= */
-/*
- * Generated by Phil as a non-standard option.
- * openssl dhparam -2 2048
- * No provenance to prove non-tampering available, beyond trusting that this
- * developer generated this as stated above.
- */
+/* Generated by Phil as a non-standard option.
+openssl dhparam -2 2048
+No provenance to prove non-tampering available, beyond trusting that this
+developer generated this as stated above. */
+
/* MacOSX 10.10.5 invoking system OpenSSL 0.9.8zg */
static const char dh_exim_20160529_1[] =
/* ========================================================================= */
struct dh_constant {
- const char *label;
- const char *pem;
+ const char * label;
+ const char * pem;
+ int logging;
};
#define EXIM_DH_PRIME_DEFAULT dh_exim_20160529_3
/* KEEP SORTED ALPHABETICALLY;
- * duplicate PEM are okay, if we want aliases, but names must be alphabetical */
+duplicate PEM are okay, if we want aliases, but names must be alphabetical */
+
static struct dh_constant dh_constants[] = {
/* label pem */
- { "default", EXIM_DH_PRIME_DEFAULT },
- { "exim.dev.20160529.1", dh_exim_20160529_1 },
- { "exim.dev.20160529.2", dh_exim_20160529_2 },
- { "exim.dev.20160529.3", dh_exim_20160529_3 },
- { "ffdhe2048", dh_ffdhe2048_pem },
- { "ffdhe3072", dh_ffdhe3072_pem },
- { "ffdhe4096", dh_ffdhe4096_pem },
- { "ffdhe6144", dh_ffdhe6144_pem },
- { "ffdhe8192", dh_ffdhe8192_pem },
- { "ike1", dh_ike_1_pem },
- { "ike14", dh_ike_14_pem },
- { "ike15", dh_ike_15_pem },
- { "ike16", dh_ike_16_pem },
- { "ike17", dh_ike_17_pem },
- { "ike18", dh_ike_18_pem },
- { "ike2", dh_ike_2_pem },
- { "ike22", dh_ike_22_pem },
- { "ike23", dh_ike_23_pem },
- { "ike24", dh_ike_24_pem },
- { "ike5", dh_ike_5_pem },
+ { "default", EXIM_DH_PRIME_DEFAULT, 0 },
+ { "exim.dev.20160529.1", dh_exim_20160529_1, 0 },
+ { "exim.dev.20160529.2", dh_exim_20160529_2, 0 },
+ { "exim.dev.20160529.3", dh_exim_20160529_3, 0 },
+ { "ffdhe2048", dh_ffdhe2048_pem, 0 },
+ { "ffdhe3072", dh_ffdhe3072_pem, 0 },
+ { "ffdhe4096", dh_ffdhe4096_pem, 0 },
+ { "ffdhe6144", dh_ffdhe6144_pem, 0 },
+ { "ffdhe8192", dh_ffdhe8192_pem, 0 },
+ { "ike1", dh_ike_1_pem, LOG_MAIN | LOG_PANIC },
+ { "ike14", dh_ike_14_pem, 0 },
+ { "ike15", dh_ike_15_pem, 0 },
+ { "ike16", dh_ike_16_pem, 0 },
+ { "ike17", dh_ike_17_pem, 0 },
+ { "ike18", dh_ike_18_pem, 0 },
+ { "ike2", dh_ike_2_pem, LOG_MAIN },
+ { "ike22", dh_ike_22_pem, LOG_MAIN | LOG_PANIC },
+ { "ike23", dh_ike_23_pem, LOG_MAIN },
+ { "ike24", dh_ike_24_pem, LOG_MAIN },
+ { "ike5", dh_ike_5_pem, 0 },
};
-static const int dh_constants_count =
- sizeof(dh_constants) / sizeof(struct dh_constant);
+static const int dh_constants_count = nelem(dh_constants);
/* A policy decision; in absence of any other data, use a 2048 bit prime,
- * pick the first one from the latest RFC providing such. */
+pick the first one from the latest RFC providing such. */
+
const char *
std_dh_prime_default(void)
{
- return EXIM_DH_PRIME_DEFAULT;
+return EXIM_DH_PRIME_DEFAULT;
}
+/* Return PEM string for given name */
+
const char *
-std_dh_prime_named(const uschar *name)
+std_dh_prime_named(const uschar * name)
{
- int first, last;
- char *search_name = CS string_copylc(US name);
-
- first = 0;
- last = dh_constants_count;
- while (last > first) {
- int middle = (first + last)/2;
- int c = strcmp(search_name, dh_constants[middle].label);
- if (c == 0)
- return dh_constants[middle].pem;
- else if (c > 0)
- first = middle + 1;
- else
- last = middle;
+for (int first = 0, last = dh_constants_count; last > first; )
+ {
+ int middle = (first + last)/2;
+ struct dh_constant * dp = &dh_constants[middle];
+ int c = Ustrcmp(name, dp->label);
+ if (c == 0)
+ {
+ if (dp->logging)
+ log_write(0, dp->logging,
+ "WARNING: deprecated Diffie-Hellman parameter '%s' used", dp->label);
+ return dp->pem;
+ }
+ else if (c > 0)
+ first = middle + 1;
+ else
+ last = middle;
}
- return NULL;
+return NULL;
}
#endif /*DISABLE_TLS*/
--- /dev/null
+# Exim test configuration 2049
+
+SERVER =
+
+.include DIR/aux-var/tls_conf_prefix
+
+primary_hostname = myhost.test.ex
+
+# ----- Main settings -----
+
+acl_smtp_rcpt = accept
+
+tls_advertise_hosts = *
+tls_certificate = DIR/aux-fixed/cert1
+tls_dhparam = ${if eq {SERVER}{server}{DATA}fail}
+
+
+# ----- Routers -----
+
+begin routers
+
+client:
+ driver = accept
+ condition = ${if eq {SERVER}{server}{no}{yes}}
+ retry_use_local_part
+ transport = send_to_server
+
+server:
+ driver = accept
+ retry_use_local_part
+ transport = local_delivery
+
+
+# ----- Transports -----
+
+begin transports
+
+local_delivery:
+ driver = appendfile
+ file = DIR/test-mail/$local_part
+ create_file = DIR/test-mail
+ headers_add = TLS: cipher=$tls_cipher peerdn=$tls_peerdn
+ user = CALLER
+
+send_to_server:
+ driver = smtp
+ allow_localhost
+ hosts = 127.0.0.1
+ port = PORT_D
+ hosts_try_fastopen = :
+ tls_verify_certificates = DIR/aux-fixed/cert1
+ tls_verify_cert_hostnames = :
+
+# End
--- /dev/null
+1999-03-02 09:44:33 10HmaX-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaX-0005vi-00 => userw@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmaY-0005vi-00"
+1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
+1999-03-02 09:44:33 10HmaZ-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => userx@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbA-0005vi-00"
+1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbB-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmbB-0005vi-00 => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbC-0005vi-00"
+1999-03-02 09:44:33 10HmbB-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmbD-0005vi-00 => usera@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbE-0005vi-00"
+1999-03-02 09:44:33 10HmbD-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmbF-0005vi-00 => userb@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbG-0005vi-00"
+1999-03-02 09:44:33 10HmbF-0005vi-00 Completed
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaX-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmaY-0005vi-00 => userw <userw@test.ex> R=server T=local_delivery
+1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 10HmbA-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmaZ-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbA-0005vi-00 => userx <userx@test.ex> R=server T=local_delivery
+1999-03-02 09:44:33 10HmbA-0005vi-00 Completed
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 10HmbC-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbB-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbC-0005vi-00 => userz <userz@test.ex> R=server T=local_delivery
+1999-03-02 09:44:33 10HmbC-0005vi-00 Completed
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 WARNING: deprecated Diffie-Hellman parameter 'ike24' used
+1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbD-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbE-0005vi-00 => usera <usera@test.ex> R=server T=local_delivery
+1999-03-02 09:44:33 10HmbE-0005vi-00 Completed
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 WARNING: deprecated Diffie-Hellman parameter 'ike22' used
+1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbF-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbG-0005vi-00 => userb <userb@test.ex> R=server T=local_delivery
+1999-03-02 09:44:33 10HmbG-0005vi-00 Completed
1999-03-02 09:44:33 10HmbD-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
1999-03-02 09:44:33 10HmbD-0005vi-00 => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbE-0005vi-00"
1999-03-02 09:44:33 10HmbD-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbF-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmbF-0005vi-00 => usera@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbG-0005vi-00"
+1999-03-02 09:44:33 10HmbF-0005vi-00 Completed
+1999-03-02 09:44:33 10HmbH-0005vi-00 <= CALLER@myhost.test.ex U=CALLER P=local S=sss
+1999-03-02 09:44:33 10HmbH-0005vi-00 => userb@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=yes C="250 OK id=10HmbI-0005vi-00"
+1999-03-02 09:44:33 10HmbH-0005vi-00 Completed
******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
1999-03-02 09:44:33 10HmbE-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbD-0005vi-00@myhost.test.ex
1999-03-02 09:44:33 10HmbE-0005vi-00 => userz <userz@test.ex> R=server T=local_delivery
1999-03-02 09:44:33 10HmbE-0005vi-00 Completed
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 WARNING: deprecated Diffie-Hellman parameter 'ike24' used
+1999-03-02 09:44:33 10HmbG-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbF-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbG-0005vi-00 => usera <usera@test.ex> R=server T=local_delivery
+1999-03-02 09:44:33 10HmbG-0005vi-00 Completed
+1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
+1999-03-02 09:44:33 WARNING: deprecated Diffie-Hellman parameter 'ike22' used
+1999-03-02 09:44:33 TLS error (D-H param setting 'ike22'): error:xxxxxxxx:SSL routines::dh key too small
+1999-03-02 09:44:33 10HmbI-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:ke-RSA-AES256-SHAnnn:xxx CV=no S=sss id=E10HmbH-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 10HmbI-0005vi-00 => userb <userb@test.ex> R=server T=local_delivery
+1999-03-02 09:44:33 10HmbI-0005vi-00 Completed
+++ /dev/null
-From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999
-Received: from localhost ([127.0.0.1] helo=myhost.test.ex)
- by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
- (Exim x.yz)
- (envelope-from <CALLER@myhost.test.ex>)
- id 10HmaY-0005vi-00
- for userw@test.ex;
- Tue, 2 Mar 1999 09:44:33 +0000
-Received: from CALLER by myhost.test.ex with local (Exim x.yz)
- (envelope-from <CALLER@myhost.test.ex>)
- id 10HmaX-0005vi-00
- for userw@test.ex;
- Tue, 2 Mar 1999 09:44:33 +0000
-Message-Id: <E10HmaX-0005vi-00@myhost.test.ex>
-From: CALLER_NAME <CALLER@myhost.test.ex>
-Date: Tue, 2 Mar 1999 09:44:33 +0000
-TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn=
-
-Test message
-
+++ /dev/null
-From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999
-Received: from localhost ([127.0.0.1] helo=myhost.test.ex)
- by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
- (Exim x.yz)
- (envelope-from <CALLER@myhost.test.ex>)
- id 10HmbA-0005vi-00
- for userx@test.ex;
- Tue, 2 Mar 1999 09:44:33 +0000
-Received: from CALLER by myhost.test.ex with local (Exim x.yz)
- (envelope-from <CALLER@myhost.test.ex>)
- id 10HmaZ-0005vi-00
- for userx@test.ex;
- Tue, 2 Mar 1999 09:44:33 +0000
-Message-Id: <E10HmaZ-0005vi-00@myhost.test.ex>
-From: CALLER_NAME <CALLER@myhost.test.ex>
-Date: Tue, 2 Mar 1999 09:44:33 +0000
-TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn=
-
-Test message
-
+++ /dev/null
-From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999
-Received: from localhost ([127.0.0.1] helo=myhost.test.ex)
- by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
- (Exim x.yz)
- (envelope-from <CALLER@myhost.test.ex>)
- id 10HmbC-0005vi-00
- for usery@test.ex;
- Tue, 2 Mar 1999 09:44:33 +0000
-Received: from CALLER by myhost.test.ex with local (Exim x.yz)
- (envelope-from <CALLER@myhost.test.ex>)
- id 10HmbB-0005vi-00
- for usery@test.ex;
- Tue, 2 Mar 1999 09:44:33 +0000
-Message-Id: <E10HmbB-0005vi-00@myhost.test.ex>
-From: CALLER_NAME <CALLER@myhost.test.ex>
-Date: Tue, 2 Mar 1999 09:44:33 +0000
-TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn=
-
-Test message
-
+++ /dev/null
-From CALLER@myhost.test.ex Tue Mar 02 09:44:33 1999
-Received: from localhost ([127.0.0.1] helo=myhost.test.ex)
- by myhost.test.ex with esmtps (TLS1.x:ke-RSA-AES256-SHAnnn:xxx)
- (Exim x.yz)
- (envelope-from <CALLER@myhost.test.ex>)
- id 10HmbE-0005vi-00
- for userz@test.ex;
- Tue, 2 Mar 1999 09:44:33 +0000
-Received: from CALLER by myhost.test.ex with local (Exim x.yz)
- (envelope-from <CALLER@myhost.test.ex>)
- id 10HmbD-0005vi-00
- for userz@test.ex;
- Tue, 2 Mar 1999 09:44:33 +0000
-Message-Id: <E10HmbD-0005vi-00@myhost.test.ex>
-From: CALLER_NAME <CALLER@myhost.test.ex>
-Date: Tue, 2 Mar 1999 09:44:33 +0000
-TLS: cipher=TLS1.x:ke-RSA-AES256-SHAnnn:xxx peerdn=
-
-Test message
-
--- /dev/null
+
+******** SERVER ********
+1999-03-02 09:44:33 WARNING: deprecated Diffie-Hellman parameter 'ike22' used
******** SERVER ********
1999-03-02 09:44:33 TLS error (D-H param setting 'TESTSUITE/aux-fixed/dh512'): error:xxxxxxxx:SSL routines::dh key too small
+1999-03-02 09:44:33 WARNING: deprecated Diffie-Hellman parameter 'ike22' used
+1999-03-02 09:44:33 TLS error (D-H param setting 'ike22'): error:xxxxxxxx:SSL routines::dh key too small
--- /dev/null
+# TLS: DH ciphers for GnuTLS
+#
+# DH param from file
+exim -DSERVER=server -DDATA=DIR/aux-fixed/dh2048 -bd -oX PORT_D
+****
+exim -odf userw@test.ex
+Test message
+****
+killdaemon
+#
+# Too-big DH param (vs. tls_dh_max_bits), from file
+exim -DSERVER=server -DDATA=DIR/aux-fixed/dh3072 -bd -oX PORT_D
+****
+exim -odf userx@test.ex
+Test message
+****
+killdaemon
+#
+#
+# Named DH-param
+exim -DSERVER=server -DDATA=ffdhe2048 -bd -oX PORT_D
+****
+exim -odf userz@test.ex
+Test message
+****
+killdaemon
+#
+# Named DH-param, logged deprecation
+exim -DSERVER=server -DDATA=ike24 -bd -oX PORT_D
+****
+exim -odf usera@test.ex
+Test message
+****
+killdaemon
+#
+# Named DH-param, panic-logged deprecation
+exim -DSERVER=server -DDATA=ike22 -bd -oX PORT_D
+****
+exim -odf userb@test.ex
+Test message
+****
+killdaemon
+no_message_check
Test message
****
killdaemon
+#
+# Named DH-param, logged deprecation
+exim -DSERVER=server -DDATA=ike24 -bd -oX PORT_D
+****
+exim -odf usera@test.ex
+Test message
+****
+killdaemon
+#
+# Named DH-param, panic-logged deprecation
+exim -DSERVER=server -DDATA=ike22 -bd -oX PORT_D
+****
+exim -odf userb@test.ex
+Test message
+****
+killdaemon
+no_message_check
--- /dev/null
+
+******** SERVER ********
+1999-03-02 09:44:33 WARNING: deprecated Diffie-Hellman parameter 'ike22' used
******** SERVER ********
1999-03-02 09:44:33 TLS error (D-H param setting 'TESTSUITE/aux-fixed/dh512'): error:xxxxxxxx:SSL routines::dh key too small
+1999-03-02 09:44:33 WARNING: deprecated Diffie-Hellman parameter 'ike22' used
+1999-03-02 09:44:33 TLS error (D-H param setting 'ike22'): error:xxxxxxxx:SSL routines::dh key too small