Interesting that your security organization is worried about TLS renegotiation
but does not mind people logging in without TLS... =)
You have
disable_plaintext_auth = no
which allows plaintext auth over non-TLS connection. See
https://doc.dovecot.org/configuration_manual/dovecot_ssl_configuration/
"ssl=yes and disable_plaintext_auth=no: SSL/TLS is offered to the client,
but the client isn't required to use it. The client is allowed to login with
plaintext authentication even when SSL/TLS isn't enabled on the connection. This
is insecure, because the plaintext password is exposed to the internet."
Anyways, back to the TLS renegotiation...
There is no config option in Dovecot to explicitly disable this, and
unfortunately OpenSSL 1.0.2 does not seem to support a system-wide config file to
disable renegotiation in the ssl_conf section. With OpenSSL 1.1.1 you can actually
edit /etc/pki/tls/openssl.cnf and disable renegotiation, without having to run
everything on TLSv1.3.
For users with 1.1, you can use the following to disable renegotiation in your
distribution-specific system-wide openssl.cnf:
# The file's existing top-level "openssl_conf = ..." line must name this
# section, otherwise nothing below is ever loaded.
[default_conf]
ssl_conf = ssl_sect
[ssl_sect]
# "system_default" is applied to every SSL_CTX the process creates
system_default = system_default_sect
[system_default_sect]
Options = NoRenegotiation
Aki
> On 14/05/2022 11:13 Greg Earle <earle at isolar.dyndns.org> wrote:
>
>
> On 13 May 2022, at 19:38, Elisamuel Resto <sam at samresto.dev> wrote:
>
> > I believe this to be a configuration error, not a dovecot problem. The
> > output of dovecot -n (as an attachment; look it over for any data you do
> > not want publicized) would help to suggest changes to bring you back
> > into compliance.
>
> Elisamuel,
>
> I'm not really sure why you think it's a configuration error, but I'll
> attach the "dovecot -n" output.
>
> Thanks,
>
> - Greg
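The openssl.cnf snippet above only takes effect if the whole chain of section pointers (top-level openssl_conf -> ssl_conf -> system_default -> Options) is wired correctly; a stray Options line in an unreferenced section silently does nothing. The following is an added example, not code from Aki, Greg or the Dovecot project: a small Python checker that parses an openssl.cnf-style file, follows that chain the way OpenSSL 1.1.1 resolves it, and reports whether NoRenegotiation will actually be applied. The two embedded config fragments are constructed for the demonstration (one correctly wired, one with the ssl_conf pointer missing); the parser deliberately ignores $variable expansion and .include directives, which is an assumption noted in the code.

```python
"""Check whether a system-wide openssl.cnf really disables TLS renegotiation.

Added example (not part of the original mailing-list post). It resolves the
openssl_conf -> ssl_conf -> system_default -> Options chain that OpenSSL 1.1.1
follows when it applies system-wide defaults to every SSL_CTX.
"""
import re
import sys

# Constructed sample: wired the way the posted snippet intends, including the
# top-level openssl_conf pointer that the stock file must already contain.
SAMPLE_GOOD = """
openssl_conf = default_conf

[default_conf]
ssl_conf = ssl_sect

[ssl_sect]
system_default = system_default_sect

[system_default_sect]
MinProtocol = TLSv1.2
Options = NoRenegotiation
"""

# Constructed sample: the Options line is present but never reached, because
# the ssl_conf pointer in [default_conf] was commented out.
SAMPLE_UNWIRED = """
openssl_conf = default_conf

[default_conf]
# ssl_conf = ssl_sect        <- forgotten

[ssl_sect]
system_default = system_default_sect

[system_default_sect]
Options = NoRenegotiation
"""


def parse_cnf(text):
    """Minimal openssl.cnf parser returning {section: {key: value}}.

    Keys that appear before the first [section] live in the unnamed '' section.
    Assumption/simplification: no $variable expansion, no .include, no
    multi-line values; '#' starts a comment anywhere on the line.
    """
    sections = {"": {}}
    current = ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        header = re.match(r"^\[\s*(.+?)\s*\]$", line)
        if header:
            current = header.group(1)
            sections.setdefault(current, {})
            continue
        if "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            sections[current][key] = value
    return sections


def system_default_options(sections):
    """Follow the pointer chain and return the Options flags OpenSSL would
    apply to every SSL_CTX, or None if any hop of the chain is missing."""
    top = sections.get("", {}).get("openssl_conf")
    if top is None or top not in sections:
        return None
    ssl_sect = sections[top].get("ssl_conf")
    if ssl_sect is None or ssl_sect not in sections:
        return None
    sys_sect = sections[ssl_sect].get("system_default")
    if sys_sect is None or sys_sect not in sections:
        return None
    opts = sections[sys_sect].get("Options", "")
    return [flag.strip() for flag in opts.split(",") if flag.strip()]


def renegotiation_disabled(text):
    """True only if NoRenegotiation is set in an Options line that OpenSSL
    will actually load, and is not negated later by '-NoRenegotiation'
    (flags are processed left to right, later ones win)."""
    flags = system_default_options(parse_cnf(text))
    if flags is None:
        return False
    state = False
    for flag in flags:
        if flag == "NoRenegotiation":
            state = True
        elif flag == "-NoRenegotiation":
            state = False
    return state


if __name__ == "__main__":
    # Usage: python check_reneg.py [/path/to/openssl.cnf]; with no argument the
    # two constructed samples are checked instead of a real file.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            print(sys.argv[1], "->", renegotiation_disabled(fh.read()))
    else:
        print("wired sample   ->", renegotiation_disabled(SAMPLE_GOOD))
        print("unwired sample ->", renegotiation_disabled(SAMPLE_UNWIRED))
```

Run it against /etc/pki/tls/openssl.cnf (or your distribution's equivalent) after editing; a False result with the Options line present almost always means one of the three pointers does not match a section name. This checks the file only, so on OpenSSL 1.0.2, where the ssl_conf mechanism is not available, a True here still does not mean renegotiation is off.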