Joined: 09 Mar 2008
Posted: Tue Jun 06, 2017 15:38 Post subject: dnscrypt-proxy v1.9.5 new cipher (K-r32170M) & gmail
I just tried Kong's new test build r32170M and encountered a problem sending notification emails from dd-wrt using ssmtp and curl.
This is not a build bug, but rather a cipher enforcement problem with the newly introduced dnscrypt-proxy v1.9.5.
dnscrypt-proxy v1.9.5 by itself seemed to work well, but unfortunately I had to roll back to Kong's r31920M due to the email issues.
Here is what happens:
build r32170M: no emails are sent, and syslog shows:
SSL connection using ECDHE-RSA-CHACHA20-POLY1305 (this is the new cipher)
smtp err: Invalid response SMTP server.
build r31920M (with v1.9.4-optware):
SSL connection using ECDHE-RSA-AES128-GCM-SHA256
and the email goes through.
This works or fails regardless of the port used, smtp.gmail.com:465 or :587.
So, it does not appear to be a bad configuration.
Upon further investigation using a dockerized version of cipherscan (https://github.com/jig/docker-cipherscan), it appears that at least smtp.gmail.com:465 does not list support for the ECDHE-RSA-CHACHA20-POLY1305 cipher. Scans of smtp.gmail.com:587 gave no meaningful results.
It appears that in build r32170M SSL tries to enforce the ECDHE-RSA-CHACHA20-POLY1305 cipher without an option to fall back to a lower, compatible one.
Would anyone know of another option to send email, not using ssmtp or curl, that allows enforcing a specific cipher suite, similar to openssl, which allows testing and changing ciphers (openssl s_client -cipher 'ECDHE-RSA-AES128-GCM-SHA256' -connect smtp.gmail.com:587 -starttls smtp)?
Any constructive input, remarks and solutions will be very welcome.
Posted: Mon Jun 12, 2017 15:27 Post subject:
Hello to all interested,
Upon further investigation I found out that OpenSSL v.1.0.2 (k & l) is incompatible with the new cipher ECDHE-RSA-CHACHA20-POLY1305 introduced with the new DNSCrypt-proxy v.1.9.5.
1. r32170M build: this ECDHE-RSA-CHACHA20-POLY1305 cipher causes OpenSSL v.1.0.2k to throw errors:
1995728064:error:140943FC:lib(20):func(148):reason(1020):NA:0:SSL alert number 20
and aborts connections
2. r31920M build: this ECDHE-RSA-CHACHA20-POLY1305 cipher causes OpenSSL v.1.0.2k to throw errors:
Error with command: "-cipher ECDHE-RSA-CHACHA20-POLY1305"
and aborts connections (here understandably, this build does not know anything about this cipher)
3. Both builds when selecting ECDHE-RSA-AES128-GCM-SHA256 cipher do not show any significant errors and connections succeed.
4. A similar situation happens on a Windows 10 x64 machine with the OpenSSL (v.1.0.2k) that comes with the latest OpenVPN (build v.2.4.2):
--- selecting the ECDHE-RSA-CHACHA20-POLY1305 cipher causes errors:
Error with command: "-cipher ECDHE-RSA-CHACHA20-POLY1305" (again, this build does not know anything about this cipher)
11320:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1383: (connection aborted)
--- selecting the ECDHE-RSA-AES128-GCM-SHA256 cipher: no errors, connection successful
5. On Ubuntu 16.04 LTS x64 with OpenSSL updated to v.1.1.0f, any cipher, including the ECDHE-RSA-CHACHA20-POLY1305 one, gives no errors and connections succeed.
With the older OpenSSL v.1.0.2, a similar situation was observed as on dd-wrt build r32170M.
Fortunately, this new cipher does not seem to interfere with DNSCrypt-proxy operations.
However, it affects OpenSSL operations unless a cipher different from ECDHE-RSA-CHACHA20-POLY1305 is specified, as in the command:
openssl s_client -cipher ECDHE-RSA-AES128-GCM-SHA256 -connect smtp.gmail.com:587 -starttls smtp
and it is pretty "lethal" for applications where it is not possible to specify a cipher through the command line or a configuration file, such as sSMTP, which stops working entirely.
I have not investigated any other apps relying on OpenSSL ciphers.
I am reporting this here as INCOMPATIBILITY and not as a bug, hoping that the dd-wrt devs will at least notice incompatible implementations of OpenSSL versions and newer ciphers.
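As an added illustration (not code from this thread, dd-wrt, or OpenSSL), a small Python triage helper that unpacks the packed OpenSSL 1.0.x error codes quoted above into lib/func/reason fields and classifies log excerpts by failure mode; the TLS alert names come from RFC 5246, and the sample lines are constructed from the ones quoted in the posts.

```python
import re

# TLS alert numbers (RFC 5246, section 7.2). OpenSSL reports a received alert
# as reason code 1000 + alert number, which is why the log shows reason(1020).
TLS_ALERTS = {20: "bad_record_mac", 40: "handshake_failure",
              47: "illegal_parameter", 70: "protocol_version"}
ALERT_OFFSET = 1000
ERR_RE = re.compile(r"error:([0-9A-Fa-f]{8}):")        # packed OpenSSL error code
CIPHER_RE = re.compile(r"SSL connection using (\S+)")  # curl/ssmtp syslog line
PINNED_RE = re.compile(r"-cipher ([\w-]+)")            # cipher forced via -cipher

def decode_openssl_error(code):
    """Unpack a 1.0.x error code the way ERR_GET_LIB/FUNC/REASON do."""
    lib, func, reason = (code >> 24) & 0xFF, (code >> 12) & 0xFFF, code & 0xFFF
    alert = reason - ALERT_OFFSET if reason >= ALERT_OFFSET else None
    return {"lib": lib, "func": func, "reason": reason, "alert": alert,
            "alert_name": TLS_ALERTS.get(alert) if alert is not None else None}

def triage(lines):
    """Say which cipher was in play and why the TLS/SMTP session died, if it did."""
    result = {"cipher": None, "errors": [], "verdict": "ok"}
    for line in lines:
        if m := CIPHER_RE.search(line) or PINNED_RE.search(line):
            result["cipher"] = m.group(1)
        if m := ERR_RE.search(line):
            result["errors"].append(decode_openssl_error(int(m.group(1), 16)))
        if "no cipher match" in line or "Error with command" in line:
            # The local OpenSSL has no cipher by that name (stock 1.0.2 lacks ChaCha20-Poly1305)
            result["verdict"] = "cipher_unknown_to_local_openssl"
    alerts = [e for e in result["errors"] if e["alert"] is not None]
    if result["verdict"] == "ok" and alerts:
        result["verdict"] = "tls_alert_" + (alerts[-1]["alert_name"] or "unknown")
    elif result["verdict"] == "ok" and any("smtp err" in l for l in lines):
        result["verdict"] = "smtp_failure_after_handshake"
    return result

# Constructed excerpts, assembled from the lines quoted in this thread.
SAMPLES = {
    "r32170M syslog": ["SSL connection using ECDHE-RSA-CHACHA20-POLY1305",
                       "smtp err: Invalid response SMTP server."],
    "r32170M s_client": ["1995728064:error:140943FC:lib(20):func(148):reason(1020):NA:0:SSL alert number 20"],
    "win10 s_client": ['Error with command: "-cipher ECDHE-RSA-CHACHA20-POLY1305"',
                       "11320:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1383:"],
    "r31920M syslog": ["SSL connection using ECDHE-RSA-AES128-GCM-SHA256"],
}

if __name__ == "__main__":
    for name, lines in SAMPLES.items():
        print(f"{name}: {triage(lines)['verdict']}")
```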