Good $daytime,

as per the recommendations of Mozilla's SSL config generator[0], I wanted to set ssl_min_protocol=TLSv1.3 in my dovecot config. This produced the error:

imap-login: Error: Failed to initialize SSL server context: Unknown ssl_min_protocol setting 'TLSv1.3'

After some digging, I found the function that parses this setting in src/lib-ssl-iostream/iostream-openssl-common.c (openssl_min_protocol_to_options()), which maps strings such as SSL_TXT_TLSV1_2 == "TLSv1.2" (from openssl/ssl.h) to the appropriate version and option defines of OpenSSL.

Said openssl/ssl.h does not contain a SSL_TXT_TLSV1_3, so it's no surprise that dovecot does not know this setting. As a quick fix, I could probably extend struct {…} protocol_versions[] (in iostream-openssl-common.c again) with an appropriate "TLSv1.3" entry (and send a patch), though I would also suggest to OpenSSL to add a SSL_TXT_TLSV1_3 define.

Unfortunately, I have not found a config setting in dovecot to set SSL_OP_NO_TLSv1_2, or in fact any way to enforce TLS >=1.3, except maybe via the cipher list string.

I think that dovecot should support setting this, and I'd also gladly provide a patch.

Thanks,
Thomas

[0]: https://ssl-config.mozilla.org/#server=dovecot&version=2.3.4.1&config=modern&openssl=1.1.1d&guideline=5.4
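The string-to-option mapping discussed in the report, as an added example that is not Dovecot's or OpenSSL's code: a table in the style of protocol_versions[] that includes the "TLSv1.3" entry the report says is missing, and a lookup (min_protocol_to_options(), a hypothetical name) that turns a minimum version into the SSL_OP_NO_* mask disabling every older protocol, which is what setting SSL_OP_NO_TLSv1_2 for a TLS >= 1.3 policy amounts to. The TLS1_*_VERSION and SSL_OP_NO_* constants are stand-ins defined locally so the block compiles without OpenSSL headers.

```c
#include <string.h>

/* Stand-in constants so this compiles without OpenSSL headers; a real build
 * takes TLS1_*_VERSION and SSL_OP_NO_* from openssl/ssl.h instead. */
#define TLS1_VERSION      0x0301
#define TLS1_1_VERSION    0x0302
#define TLS1_2_VERSION    0x0303
#define TLS1_3_VERSION    0x0304
#define SSL_OP_NO_SSLv3   0x02000000UL
#define SSL_OP_NO_TLSv1   0x04000000UL
#define SSL_OP_NO_TLSv1_1 0x10000000UL
#define SSL_OP_NO_TLSv1_2 0x08000000UL

/* Ordered oldest to newest. Each entry carries the protocol version number
 * and the option bit that disables that same version. */
static const struct {
    const char *name;
    int version;
    unsigned long no_opt;
} protocol_versions[] = {
    { "TLSv1",   TLS1_VERSION,   SSL_OP_NO_TLSv1 },
    { "TLSv1.1", TLS1_1_VERSION, SSL_OP_NO_TLSv1_1 },
    { "TLSv1.2", TLS1_2_VERSION, SSL_OP_NO_TLSv1_2 },
    { "TLSv1.3", TLS1_3_VERSION, 0 }, /* the entry the report says is missing */
};

/* Map an ssl_min_protocol value to the minimum version (what one would pass
 * to SSL_CTX_set_min_proto_version()) and to the SSL_OP_NO_* mask that
 * disables every protocol older than it. Returns -1 for an unknown name,
 * which is the "Unknown ssl_min_protocol setting" case in the report. */
int min_protocol_to_options(const char *name, int *version_r,
                            unsigned long *opts_r)
{
    unsigned long opts = SSL_OP_NO_SSLv3; /* SSLv3 is never allowed */
    size_t i;

    for (i = 0; i < sizeof(protocol_versions) / sizeof(protocol_versions[0]); i++) {
        if (strcmp(protocol_versions[i].name, name) == 0) {
            *version_r = protocol_versions[i].version;
            *opts_r = opts;
            return 0;
        }
        /* Older than the requested minimum, so this version gets disabled. */
        opts |= protocol_versions[i].no_opt;
    }
    return -1;
}
```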
> On 13/04/2020 12:35 Thomas Schneider <qsx at chaotikum.eu> wrote:
>
>
> Good $daytime,
>
> as per the recommendations of Mozilla's SSL config generator[0], I
> wanted to set ssl_min_protocol=TLSv1.3 in my dovecot config. This
> produced the error:
>
> imap-login: Error: Failed to initialize SSL server context: Unknown
> ssl_min_protocol setting 'TLSv1.3'
>
> After some digging, I found the function that parses this setting in
> src/lib-ssl-iostream/iostream-openssl-common.c
> (openssl_min_protocol_to_options()), which maps strings such as
> SSL_TXT_TLSV1_2 == "TLSv1.2" (from openssl/ssl.h) to the appropriate
> version and option defines of OpenSSL.
>
> Said openssl/ssl.h does not contain a SSL_TXT_TLSV1_3, so it's no
> surprise that dovecot does not know this setting. As a quick fix, I
> could probably extend struct {…} protocol_versions[] (in
> iostream-openssl-common.c again) with an appropriate "TLSv1.3" entry
> (and send a patch), though I would also suggest to OpenSSL to add a
> SSL_TXT_TLSV1_3 define.
>
> Unfortunately, I have not found a config setting in dovecot to set
> SSL_OP_NO_TLSv1_2, or in fact any way to enforce TLS >=1.3, except maybe
> via the cipher list string.
>
> I think that dovecot should support setting this, and I'd also gladly
> provide a patch.
>
> Thanks,
> Thomas

Hi!

What version of Dovecot are you using? What OS/distro are you using?

I'm guessing you're seeing this, see https://dovecot.org/pipermail/dovecot/2019-December/117799.html

Aki