SSL_OP_IGNORE_UNEXPECTED_EOF will be enabled in the upcoming
stable releases, expected by this weekend.

        Wietse

Miriam Espana Acebal:
> Hi all,
> 
> I was working on the same case for a bug open in Ubuntu
> https://bugs.launchpad.net/debian/+source/postfix/+bug/1995312 (It was
> reported to Debian also at
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011040 ) when using
> postfix with openssl3. I developed a solution similar to Viktor's proposed
> in this thread. Still, I doubted if it was affecting only the server-side,
> client-side or both, although I would opt toward both, as an abrupt
> disconnection can happen in both ways... but as I said, it was a thing I
> want to share here for discussion and advice, also proposing if you could
> pick one of the proposed fixes in future patches or releases to solve the
> bugs (as I didn't see it in the incoming postfix 3.8 either).
> 
> I put the setting of the  SSL_OP_IGNORE_UNEXPECTED_EOF in the function
> tls_bug_bits (src/tls/tls_misc.c) used by both client and server
> connections:
> 
> --- a/src/tls/tls_misc.c
> +++ b/src/tls/tls_misc.c
> @@ -1355,6 +1355,9 @@ long    tls_bug_bits(void)
>       * options just in case.
>       */
>      bits |= SSL_OP_SINGLE_ECDH_USE | SSL_OP_SINGLE_DH_USE;
> +#ifdef SSL_OP_IGNORE_UNEXPECTED_EOF
> +    bits |= SSL_OP_IGNORE_UNEXPECTED_EOF;
> +#endif
>      return (bits);
>  }
> 
> I tested this fix in Ubuntu Jammy (postfix 3.6.4-1ubuntu1), Ubuntu Kinetic
> (postfix 3.6.4-1ubuntu2) and also 23.04 (our on-development version,
> postfix 3.7.3-4) and I'll document that in the Ubuntu bug.
> 
> I really appreciate any help you can provide and many thanks for
> considering my request.
> 
> 
> On Tue, Jun 14, 2022 at 5:17 PM Demi Marie Obenour <demioben...@gmail.com>
> wrote:
> 
> > On 6/10/22 08:55, Gerben Wierda wrote:
> > >
> > >> On 10 Jun 2022, at 13:17, Wietse Venema <wie...@porcupine.org> wrote:
> > >>
> > >> Wietse Venema:
> > >>> Gerben Wierda:
> > >>>>
> > >>>>> On 10 Jun 2022, at 02:30, Wietse Venema <wie...@porcupine.org>
> > wrote:
> > >>>>>
> > >>>>> Gerben Wierda:
> > >>>>>> What is happening here? (mail is delivered, I'm just curious)
> > >>>>>>
> > >>>>>> Jun 09 23:37:39 mail postfix/postscreen[4294]: CONNECT from
> > [146.185.52.133]:10400 to [192.168.2.66]:25
> > >>>>>> Jun 09 23:37:45 mail postfix/postscreen[4294]: PASS NEW
> > [146.185.52.133]:10400
> > >>>>>> Jun 09 23:37:45 mail smtp/smtpd[4296]: connect from
> > ims-smtp133.persgroep-ops.net[146.185.52.133]
> > >>>>>> Jun 09 23:37:46 mail smtp/smtpd[4296]: CC868E75AA1E: client=
> > ims-smtp133.persgroep-ops.net[146.185.52.133]
> > >>>>>> Jun 09 23:37:47 mail postfix/cleanup[4300]: CC868E75AA1E:
> > message-id=<
> > 220609233739.sim_40lt1wa1poje3tjw6hnmtvk29xxj_ghn7vvejgut3cs3hljfekzafd9hipabzz8ro0vetlr2qj0j2ddp9oie2u%2bfuro...@ims-smtp133.persgroep-ops.net
> > >
> > >>>>>> Jun 09 23:37:48 mail postfix/qmgr[8801]: CC868E75AA1E: from=<
> > nore...@mail.trouw.nl>, size=34628, nrcpt=1 (queue active)
> > >>>>>> Jun 09 23:37:48 mail smtp/smtpd[4296]: warning: TLS library
> > problem: error:0A000126:SSL routines::unexpected eof while
> > reading:ssl/record/rec_layer_s3.c:309:
> > >>>>>> Jun 09 23:37:48 mail smtp/smtpd[4296]: disconnect from
> > ims-smtp133.persgroep-ops.net[146.185.52.133] ehlo=2 starttls=1 mail=1
> > rcpt=1 data=1 commands=6
> > >>>>>>
> > >>>>>
> > >>>>> Did you look for 0A000126 with a web search engine?
> > >>>>
> > >>>> Yes. Searched on the entire error string as well.
> > >>>>
> > >>>> But that did not give me a clue.
> > >>>
> > >>> I got: OpenSSL 3 is more strict about clients that disconnect without
> > >>> fully following the protocol.
> > >>
> > >> Specifically, google 0A000126, the first result is PHP issue 8369a
> > >
> > > Indeed. Interesting. I use duckduckgo (which relies on Bing afaik) and
> > it doesn't find that.
> > >
> > >> which links to https://github.com/openssl/openssl/issues/11378 <
> > https://github.com/openssl/openssl/issues/11378>. The
> > >> latter had a breaking fix, backed it out for OpenSSL 1.1.1, but
> > >> kept it in the branch that became OpenSSL 3.
> > >
> > > So basically, the sender doesn't properly close the SSL protocol, their
> > MTA is using an SSL which isn't properly implemented.
> >
> > My understanding is that a truncation attack is never a problem in
> > SMTP, as a premature EOF is always an SMTP error.  If this is in
> > fact the case, Postfix should set SSL_OP_IGNORE_UNEXPECTED_EOF to
> > tell OpenSSL to not treat a missing close_notify as an error.
> > --
> > Sincerely,
> > Demi Marie Obenour (she/her/hers)
> 
> 
> 
> -- 
> Miriam España Acebal
> Software Engineer II - Ubuntu PublicCloud/Server
> Canonical Ltd.
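Demi's argument in the quoted thread (SMTP is self-framing, so a premature EOF is always visible as an SMTP error and a missing close_notify cannot hide a truncation) can be made concrete. The C program below is an added illustration, not Postfix code and not part of the original thread: it walks a client-to-server SMTP byte stream as the server would see it after STARTTLS and classifies an EOF by where it fell. The sample sessions and the function name `classify_client_stream` are constructed for this example; the no-QUIT sample mirrors the logged session above (ehlo, mail, rcpt, data, no quit), which is why that message was delivered despite the OpenSSL warning.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* How the SMTP layer sees a TCP/TLS EOF that arrived without close_notify. */
typedef enum {
    EOF_CLEAN,      /* stream ends after a complete QUIT: nothing lost          */
    EOF_ABRUPT,     /* ends after a complete command or message, but no QUIT    */
    EOF_TRUNCATED   /* ends mid-line or inside a DATA body: data was cut off    */
} eof_class;

/*
 * Classify a client->server SMTP byte stream that ended in an EOF.
 * Commands are CRLF-terminated lines; after DATA the message body runs
 * until a line consisting of a single ".". Anything cut short is visible
 * here from the framing alone, with no help from a TLS close_notify alert.
 */
eof_class classify_client_stream(const char *s, size_t len)
{
    size_t pos = 0;
    int in_data = 0;        /* inside a DATA body, waiting for "<CRLF>.<CRLF>" */
    int last_was_quit = 0;  /* most recent complete command was QUIT          */

    while (pos < len) {
        const char *line = s + pos;
        const char *crlf = NULL;
        size_t i, linelen;

        for (i = pos; i + 1 < len; i++) {
            if (s[i] == '\r' && s[i + 1] == '\n') {
                crlf = s + i;
                break;
            }
        }
        if (crlf == NULL)
            return EOF_TRUNCATED;           /* partial line at EOF */
        linelen = (size_t)(crlf - line);
        pos = (size_t)(crlf - s) + 2;       /* skip past the CRLF */

        if (in_data) {
            if (linelen == 1 && line[0] == '.')
                in_data = 0;                /* end-of-data reached */
            continue;
        }
        last_was_quit = 0;
        if (linelen == 4 && strncasecmp(line, "DATA", 4) == 0)
            in_data = 1;
        else if (linelen == 4 && strncasecmp(line, "QUIT", 4) == 0)
            last_was_quit = 1;
    }
    if (in_data)
        return EOF_TRUNCATED;               /* EOF before "<CRLF>.<CRLF>" */
    return last_was_quit ? EOF_CLEAN : EOF_ABRUPT;
}

/* Constructed sample sessions (post-STARTTLS client bytes). */
#define SESSION_PREFIX \
    "EHLO client.example\r\n" \
    "MAIL FROM:<sender@example.test>\r\n" \
    "RCPT TO:<rcpt@example.test>\r\n" \
    "DATA\r\nSubject: test\r\n\r\nhello\r\n"
const char SAMPLE_NO_QUIT[]   = SESSION_PREFIX ".\r\n";          /* like the log */
const char SAMPLE_WITH_QUIT[] = SESSION_PREFIX ".\r\nQUIT\r\n";
const char SAMPLE_CUT_BODY[]  = SESSION_PREFIX "more text";      /* cut mid-body */
const char SAMPLE_CUT_CMD[]   = "EHLO cli";                      /* cut mid-line */

static const char *class_name(eof_class c)
{
    switch (c) {
    case EOF_CLEAN:     return "clean (after QUIT)";
    case EOF_ABRUPT:    return "abrupt but complete (no QUIT)";
    default:            return "truncated (SMTP-level error)";
    }
}

int main(void)
{
    const struct { const char *label; const char *bytes; } samples[] = {
        { "no QUIT",      SAMPLE_NO_QUIT },
        { "with QUIT",    SAMPLE_WITH_QUIT },
        { "cut in body",  SAMPLE_CUT_BODY },
        { "cut mid-cmd",  SAMPLE_CUT_CMD },
    };
    size_t n;

    for (n = 0; n < sizeof(samples) / sizeof(samples[0]); n++)
        printf("%-12s -> %s\n", samples[n].label,
               class_name(classify_client_stream(samples[n].bytes,
                                                 strlen(samples[n].bytes))));
    return 0;
}
```

The two "cut" samples are rejected by the SMTP framing itself (no 250 is ever issued for an unterminated body), which is the property that makes ignoring a missing close_notify safe for this protocol; the no-QUIT sample is exactly the abrupt-but-complete case the OpenSSL 3 warning fires on.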
