Loading ...
Sorry, an error occurred while loading the content.

291301Re: TLS Library Problem? Postfix 2.9.6

Expand Messages
  • weber@...
    Feb 12, 2013
      sorry for 2nd reply,

      and no i had openssl 1.0.1c on gentoo
      i see theres now 1.0.1d-r1 and the 1.0.1d is MASKED now.

      marko



      Am 2013-02-12 07:58, schrieb Viktor Dukhovni:
      > On Mon, Feb 11, 2013 at 11:58:07PM +0100, weber@...
      > wrote:
      >
      >> on my backup relay server i find these lines in the logs.
      >> i rebuild openssl and postfix.
      >> i am on gentoo linux.
      >>
      >> openssl 1.0.1c
      >
      > Gentoo builds software from source, are you sure you built OpenSSL
      > 1.0.1c and not the troubled 1.0.1d?
      >
      >> Feb 11 22:52:52 fallbackhost postfix/smtp[18823]: warning: TLS
      >> library problem: 18823:error:04075070:rsa routines:RSA_sign:digest
      >> too big for rsa key:rsa_sign.c:127:
      >> Feb 11 22:52:52 fallbackhost postfix/smtp[18823]: warning: TLS
      >> library problem: 18823:error:14099006:SSL
      >> routines:SSL3_SEND_CLIENT_VERIFY:EVP lib:s3_clnt.c:2983:
      >
      > This is only possible when the client and server are using TLSv1.2
      > and the client presents its own certificate. Do you have a client
      > cert? If so, can you post the output of:
      >
      > $ openssl x509 -in clientcert.pem
      >
      > Also the output of:
      >
      > $ postconf -n | egrep '^(smtp_)?tls_'
      >
      >> any ideas? what causes these errors?
      >
      > The TLSv1.2 digest algorithm negotiated with the server is reportedly
      > "too big" for your client certificate. If so, this feels like an
      > implementation bug. The client should not present a certificate
      > for which it can't generate a signature using the agreed digest.
      >
      > https://tools.ietf.org/html/rfc5246#section-7.4.8
      >
      > The hash and signature algorithms used in the signature MUST be
      > one of those present in the supported_signature_algorithms field
      > of the CertificateRequest message. In addition, the hash and
      > signature algorithms MUST be compatible with the key in the
      > client's end-entity certificate. RSA keys MAY be used with any
      > permitted hash algorithm, subject to restrictions in the
      > certificate, if any.
      >
      > You can retry the s_client command with the same client certificate
      > configured with Postfix,
      >
      > $ openssl s_client \
      > -cert clientcert.pem -key clientkey.pem \
      > -state -debug -msg -starttls smtp -connect mail.zbfmail.de:25
      >
      > I'm only able to reproduce your problem when I generate and use an
      > insecure 512-bit RSA client certificate (not a good plan).
      >
      > SSL_connect:SSLv3 write client key exchange A
      > SSL_connect:error in SSLv3 write certificate verify A
      > SSL_connect:error in SSLv3 write certificate verify A
      > 140735152091612:error:04075070:rsa routines:RSA_sign:digest too
      > big for rsa key:rsa_sign.c:127:
      > 140735152091612:error:14099006:SSL
      > routines:SSL3_SEND_CLIENT_VERIFY:EVP lib:s3_clnt.c:2983:
      >
      > When I specify a 1024-bit key, the handshake completes normally.
      > Whatever motivated you to configure a client certificate, and
      > particularly a pointlessly weak one that is well short of 1024-bits,
      > was probably the result of a particularly delirious nightmare.
      >
      > Just relax and set:
      >
      > main.cf:
      > smtp_tls_cert_file =
      > smtp_tls_key_file =
      >
      > as documented in:
      >
      > http://www.postfix.org/TLS_README.html#client_cert_key
    • Show all 8 messages in this topic