Enforcing diffie-hellman-keyexchange within SSL-handshake
Enforcing diffie-hellman-keyexchange within SSL-handshake
From webservers or other mailservers I know very simple configuration steps to enforce a diffie-hellman-keyexchange within the SSL-Handshake. How to do this with hmailserver?
Re: Enforcing diffie-hellman-keyexchange within SSL-handshak
Hello, are the developers all on vacation in Fort Meade, Maryland?
To sort the ciphersuites to increase security is absolute standard procedure. From your silence I deduce that this is not possible.
Or uses Martin Microsofts CryptoAPI (schannel.dll) ?
Could it be possible to achieve this by configuring HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL ?
To sort the ciphersuites to increase security is absolute standard procedure. From your silence I deduce that this is not possible.
Or uses Martin Microsofts CryptoAPI (schannel.dll) ?
Could it be possible to achieve this by configuring HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL ?
- Snorkasaurus
- Normal user
- Posts: 191
- Joined: 2010-08-29 16:32
- Location: Canada
- Contact:
Re: Enforcing diffie-hellman-keyexchange within SSL-handshak
Okay I'll bite... what is it about enforcing diffie-hellman that increases security and could the same be achieved by disabling any other possible handshake? Would this be specifically for client-server connections versus server-server connections?
S.
S.
Re: Enforcing diffie-hellman-keyexchange within SSL-handshak
This post has nothing to do with security for Server-Server connections (RFC-3207). StartTLS for SMTP isn't implemented by Martin. If you also agree with me that this is a problem, please vote for it here: http://hmailserver.com/forum/viewtopic.php?t=15500
This post is about how to determine and sort the used ciphersuites to prevent weak encryption or encryption which can be broken if the data stream is first recorded and the servers private key is recalculated or stolen later. (EC)DH makes this more difficult.
This post is not about the sense of encryption. Every encryption can be broken, especially from NSA.
You wrote "could the same be achieved by disabling any other possible handshake". Yes, of course. But how achieve this with hmailserver? Please give me a hint. I'm to stupid to find it within the docs.
This post is about how to determine and sort the used ciphersuites to prevent weak encryption or encryption which can be broken if the data stream is first recorded and the servers private key is recalculated or stolen later. (EC)DH makes this more difficult.
This post is not about the sense of encryption. Every encryption can be broken, especially from NSA.
You wrote "could the same be achieved by disabling any other possible handshake". Yes, of course. But how achieve this with hmailserver? Please give me a hint. I'm to stupid to find it within the docs.
Re: Enforcing diffie-hellman-keyexchange within SSL-handshak
Was looking closer at this & in hmail code openssl SSL_set_cipher_list() can be called to specify ciphers available in openssl as documented here:
http://www.openssl.org/docs/apps/ciphers.html
Assuming that will suffice to suit your needs I could add new INI setting to hmailserver.ini where YOU specify the string to be passed to that function in turn allowing YOU to specify which ciphers are allowed or not allowed.
Bill
http://www.openssl.org/docs/apps/ciphers.html
Assuming that will suffice to suit your needs I could add new INI setting to hmailserver.ini where YOU specify the string to be passed to that function in turn allowing YOU to specify which ciphers are allowed or not allowed.
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***
Re: Enforcing diffie-hellman-keyexchange within SSL-handshak
I have a TEST BUILD if anyone wants to try it. Understand this is not tested beyond making sure the values set show up as expected in the logs as shown.
*** I would not recommend using this test build in production ***
hmailserver.ini
IMPORTANT!
* Note that SSLOptionList defaults to default_workarounds,no_sslv2 if not set (that is what hmailserver uses now) and that it is a COMMA DELIMITED LIST. I would not put spaces between I do not know what that would do.
* SSLCipherList defaults to NOTHING as is the case with hmailserver now and it is a COLON DELIMITED LIST as shown & from the available options shown on openssl site: https://www.openssl.org/docs/apps/ciphers.html# Using ! in front of a cipher disables it. Do not put spaces between each.
* For now ensure all OPTIONS set to lower case and CIPHERS set to UPPER CASE, unless confirmed to work otherwise. (Tempted to force case in the code but for now just match case of example INI above)
* These lists are used for both listening (incoming) and outgoing. If there becomes a need I can make 2 more INI settings but for now this allows testing.
* IMPORTANT: This build has a LOT of extra debug logging but NOT shown by default. [Settings]LogLevel=10 for some extra to 100 for extremely verbose (10 needed to show below log lines)
*** I would not recommend using this test build in production ***
Other changes in this build since 4/8 build:
* Fixed bug where built-in backup would abort if Data > 15GB despite BackupMessagesDBOnly=1 option. (Thx CU2U)
* Using martin's openssl 1.0.1g from official source vs my assembly built one. (Might as well stick with his now that it is available)
In addition I am posting up a 2nd test build which also changes:
* Used /LARGEADDRESSAWARE option during build which should allow hmailserver to use more memory if needed (such as heavy IMAP load)
* WARNING!!! - UNTESTED!!! - Could cause unknown problems due to memory space addressing.
* WARNING!!! - Should ONLY be tested on 64bit Windows Vista or later with AT LEAST 4GB MEMORY!! (It makes no sense to try this on 32bit or <2GB anyway but you should have at least 3GB before it could make a difference but really 4GB.)
* YOU'VE BEEN WARNED!
OK here are the downloads: (Install just like any other experimental build)
SSLOptions SSL Cipher TEST build: (See warnings above)
http://www.mediafire.com/download/dzel2 ... ns-TEST.7z
MD5: 531605ee555e7b2d175a2ebe31071e0b SHA1: c1209e9e666fe4ff3cfa4fd43b316015e3a02eb3
LargeMemory SSLPtions SSL Cipher TEST build: (See warnings above)
http://www.mediafire.com/download/nu0f7 ... ns-TEST.7z
MD5: e1fd3a6787e62297af607893d2d5fd4a SHA1: 8f50730f7783ee1dcec8631c0b28de757529e6ba
*** I would not recommend using this test build in production ***
hmailserver.ini
Code: Select all
[Settings]
SSLOptionList=default_workarounds,no_sslv2,no_tlsv1
;DO NOT USE this examaple SSLOptionList. It is just an example
;Default if not defined is default_workarounds,no_sslv2
SSLCipherList=ECDH:DH
;DO NOT USE this examaple SSLCipherList. It is just an example
;Default if not defined is OpenSSL default Ciphers
* Note that SSLOptionList defaults to default_workarounds,no_sslv2 if not set (that is what hmailserver uses now) and that it is a COMMA DELIMITED LIST. I would not put spaces between I do not know what that would do.
* SSLCipherList defaults to NOTHING as is the case with hmailserver now and it is a COLON DELIMITED LIST as shown & from the available options shown on openssl site: https://www.openssl.org/docs/apps/ciphers.html# Using ! in front of a cipher disables it. Do not put spaces between each.
* For now ensure all OPTIONS set to lower case and CIPHERS set to UPPER CASE, unless confirmed to work otherwise. (Tempted to force case in the code but for now just match case of example INI above)
* These lists are used for both listening (incoming) and outgoing. If there becomes a need I can make 2 more INI settings but for now this allows testing.
* IMPORTANT: This build has a LOT of extra debug logging but NOT shown by default. [Settings]LogLevel=10 for some extra to 100 for extremely verbose (10 needed to show below log lines)
Code: Select all
"DEBUG" 3448 "2014-04-21 17:08:32.079" "TCPServer::InitSSL() - SSLOptionList Option: default_workarounds,no_sslv2,no_tlsv1"
"DEBUG" 3448 "2014-04-21 17:08:32.079" "TCPServer::InitSSL() - SSL Cipher Option: ECDH:DH"
"DEBUG" 3448 "2014-04-21 17:08:32.079" "TCPServer::InitSSL() - Found SSL Option: default_workarounds"
"DEBUG" 3448 "2014-04-21 17:08:32.079" "TCPServer::InitSSL() - SSL Option SET: default_workarounds"
"DEBUG" 3448 "2014-04-21 17:08:32.079" "TCPServer::InitSSL() - Found SSL Option: no_sslv2"
"DEBUG" 3448 "2014-04-21 17:08:32.079" "TCPServer::InitSSL() - SSL Option SET: no_sslv2"
"DEBUG" 3448 "2014-04-21 17:08:32.079" "TCPServer::InitSSL() - Found SSL Option: no_tlsv1"
"DEBUG" 3448 "2014-04-21 17:08:32.079" "TCPServer::InitSSL() - SSL Option SET: no_tlsv1"
Other changes in this build since 4/8 build:
* Fixed bug where built-in backup would abort if Data > 15GB despite BackupMessagesDBOnly=1 option. (Thx CU2U)
* Using martin's openssl 1.0.1g from official source vs my assembly built one. (Might as well stick with his now that it is available)
In addition I am posting up a 2nd test build which also changes:
* Used /LARGEADDRESSAWARE option during build which should allow hmailserver to use more memory if needed (such as heavy IMAP load)
* WARNING!!! - UNTESTED!!! - Could cause unknown problems due to memory space addressing.
* WARNING!!! - Should ONLY be tested on 64bit Windows Vista or later with AT LEAST 4GB MEMORY!! (It makes no sense to try this on 32bit or <2GB anyway but you should have at least 3GB before it could make a difference but really 4GB.)
* YOU'VE BEEN WARNED!
OK here are the downloads: (Install just like any other experimental build)
SSLOptions SSL Cipher TEST build: (See warnings above)
http://www.mediafire.com/download/dzel2 ... ns-TEST.7z
MD5: 531605ee555e7b2d175a2ebe31071e0b SHA1: c1209e9e666fe4ff3cfa4fd43b316015e3a02eb3
LargeMemory SSLPtions SSL Cipher TEST build: (See warnings above)
http://www.mediafire.com/download/nu0f7 ... ns-TEST.7z
MD5: e1fd3a6787e62297af607893d2d5fd4a SHA1: 8f50730f7783ee1dcec8631c0b28de757529e6ba
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***
Re: Enforcing diffie-hellman-keyexchange within SSL-handshak
UPDATE: Tried out the bolet test tool & would not connect so I was worried. Come find out my sample ciphers was a bad choice. lol based on the test tool the INI settings DO WORK just make sure to use reasonable ciphers & not the ones I used in the example.
Bill
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***
Re: Enforcing diffie-hellman-keyexchange within SSL-handshak
Thank you Bill. I have this installed and running on my server.Bill48105 wrote:These lists are used for both listening (incoming) and outgoing. If there becomes a need I can make 2 more INI settings but for now this allows testing.
I think it's a good idea to have separate settings for incoming and outgoing mail. Also, please compile all future hMail builds to load OpenSSL dynamically.
Re: Enforcing diffie-hellman-keyexchange within SSL-handshak
OK cool. Yeah let me know how it works.braniak wrote:Thank you Bill. I have this installed and running on my server.Bill48105 wrote:These lists are used for both listening (incoming) and outgoing. If there becomes a need I can make 2 more INI settings but for now this allows testing.
I think it's a good idea to have separate settings for incoming and outgoing mail. Also, please compile all future hMail builds to load OpenSSL dynamically.
As I said in my other post I can't promise anything in terms of the builds & openssl for the reasons noted in my other post. Please make a feature request for it & we'll get a poll going on it so I can see if there is even any interest.
Thx
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***