I sent my original message just to mutt-dev, but it might be of interest to mutt-users as well, since it brings up security issues that people might not have thought about with the current STARTTLS behaviour.
On Fri, Feb 15, 2002 at 08:19:46PM +0000, Andrew McDonald wrote:
> The current starttls behaviour in mutt can only provide opportunistic
> encryption, and protect against passive attackers.
>
> The ssl_starttls setting essentially gives opportunistic encryption -
> if we use imap (port 143) and the server advertises STARTTLS we try to
> do it. However, an active attacker could of course change the
> unauthenticated capabilities advertised by the server.
>
> If you want to be sure of using TLS/SSL then you can specify imaps
> (IMAP over SSL/TLS on port 993). There is also an imap_force_ssl
> setting. If you have this set and then specify imap it essentially
> changes it to imaps (IMAP over SSL on port 993 unless another port is
> specified).
>
> If you work this through you'll realise that it is not possible to make
> sure it uses TLS while using imap/STARTTLS. :-(
I've now written a patch (attached) that adds an ssl_force_starttls
setting. This will fail if a connection attempt is made and STARTTLS
isn't advertised (and we're not already doing TLS from an imaps://
specification).
ssl_starttls is left as providing opportunistic encryption, though
ssl_force_starttls overrides it.
Also, I'm not sure I fully understand the purpose of imap_force_ssl. I
guess it is to stop you accidentally connecting unencrypted. Is that
right? Otherwise it doesn't appear to have a use that using imaps:// or
{hostname/ssl} won't solve.
Andrew
--
Andrew McDonald
E-mail: [EMAIL PROTECTED]
http://www.mcdonald.org.uk/andrew/
diff -Nru --exclude CVS mutt.orig/PATCHES mutt/PATCHES
--- mutt.orig/PATCHES Fri Jan 25 18:15:12 2002
+++ mutt/PATCHES Sat Feb 23 22:22:40 2002
@@ -1,0 +1 @@
+patch-1.5.0.admcd.starttls.1
diff -Nru --exclude CVS mutt.orig/imap/imap.c mutt/imap/imap.c
--- mutt.orig/imap/imap.c Sat Feb 23 22:05:23 2002
+++ mutt/imap/imap.c Sat Feb 23 22:36:16 2002
@@ -384,15 +384,25 @@
if (imap_check_capabilities (idata))
goto bail;
#if defined(USE_SSL) && !defined(USE_NSS)
+ /* Abort if forcestarttls set and STARTTLS not advertised */
+ /* NB: might not advertise STARTTLS if already doing TLS */
+ if (!mutt_bit_isset (idata->capabilities, STARTTLS) && !idata->conn->ssf
+ && option(OPT_FORCESTARTTLS))
+ {
+ mutt_error (_("Could not use STARTTLS"));
+ mutt_sleep (1);
+ goto bail;
+ }
/* Attempt STARTTLS if available and desired. */
if (mutt_bit_isset (idata->capabilities, STARTTLS) && !idata->conn->ssf)
{
int rc;
- if ((rc = query_quadoption (OPT_SSLSTARTTLS,
+ if (!option(OPT_FORCESTARTTLS) &&
+ (rc = query_quadoption (OPT_SSLSTARTTLS,
_("Secure connection with TLS?"))) == -1)
goto err_close_conn;
- if (rc == M_YES) {
+ if (option(OPT_FORCESTARTTLS) || rc == M_YES) {
if ((rc = imap_exec (idata, "STARTTLS", IMAP_CMD_FAIL_OK)) == -1)
goto bail;
if (rc != -2)
diff -Nru --exclude CVS mutt.orig/init.h mutt/init.h
--- mutt.orig/init.h Sat Feb 23 22:05:19 2002
+++ mutt/init.h Sat Feb 23 22:48:46 2002
@@ -1616,6 +1616,14 @@
** advertising the capability. When unset, mutt will not attempt to
** use STARTTLS regardless of the server's capabilities.
*/
+ { "ssl_force_starttls", DT_BOOL, R_NONE, OPT_FORCESTARTTLS, 0 },
+ /*
+ ** .pp
+ ** If set, mutt will attempt to use STARTTLS on servers
+ ** advertising the capability. If STARTTLS is not advertised then the
+ ** connection will fail. Unlike ssl_starttls it will not fall back
+ ** to using an unencrypted connection if STARTTLS is not advertised.
+ */
# endif
{ "certificate_file", DT_PATH, R_NONE, UL &SslCertFile, 0 },
/*
diff -Nru --exclude CVS mutt.orig/mutt.h mutt/mutt.h
--- mutt.orig/mutt.h Sat Feb 23 22:05:21 2002
+++ mutt/mutt.h Sat Feb 23 21:40:37 2002
@@ -265,6 +265,7 @@
#ifdef USE_SSL
OPT_SSLSTARTTLS,
+ OPT_FORCESTARTTLS,
#endif
OPT_PRINT,
msg24730/pgp00000.pgp
Description: PGP signature
