Quantcast

CA validation

classic Classic list List threaded Threaded
10 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

CA validation

Emmanuel Dreyfus
Squirrelmail has TLS support, but it lacks the ability to enforce server
certificate validation. This leaves no defense against MiM attacks using
a self-signed certificate.

Here is how it could be fixed, for SMTP side. Connexion is established
in class/deliver/Deliver_SMTP.class.php:

$stream =
    @fsockopen('tls://' . $host, $port, $errorNumber, $errorString);

The stream_socket_client() function is an alternative to fsockopen()
that appeared in PHP 5. It allows the caller to specify a context with
various options:

if (function_exists('stream_socket_client') {
  $remote = sprintf("ssl://%s:%d", $host, port);
  $opts = array(
    'ssl' => array(
      'verify_peer' => TRUE,
      'verify_depth' => 5,
      'cafile' => '/path/to/ca_file',
    ),
  );
  $ctx = stream_context_create($opts);
  $timeout = ini_get("default_socket_timeout");
  $stream =
    @stream_socket_client($remote, $errorNumber, $errorString,  
     $timeout, STREAM_CLIENT_CONNECT, $ctx);
} else {
  $stream =
    @fsockopen('ssl://' . $host, $port, $errorNumber, $errorString);
}

Of course '/path/to/ca_file' needs to be configurable, I can work on
this if the idea is accepted.

Also note that I changed tls:// to ssl://. Inside the bowels of PHP,
tls:// causes OpenSSL's TLSv1_client_method() to be used. As its name
suggests, this metho can only negociate TLSv1.

ssl:// causes SSLv23_client_method() to be used. As its named does not
suggests, it is able to negociate the highest protocol version
avaialble, up to TLSv1.2 if the installed OpenSSL supports it. This
causes much stronger ciphers to be used.

For now Squirrelmail's usage of tls:// can be worked around by
specifying a ssl:// prefixed $smtpServerAddress with $use_smtp_tls =
false, but switching the code to ssl:// would immediatly improve
everyone setup.

I did not look at the IMAP side since I use imapproxy, and therefore
Squirrelmail is not incharge of IMAP TLS, but the idea is the same.

--
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
[hidden email]

------------------------------------------------------------------------------
Shape the Mobile Experience: Free Subscription
Software experts and developers: Be at the forefront of tech innovation.
Intel(R) Software Adrenaline delivers strategic insight and game-changing
conversations that shape the rapidly evolving mobile landscape. Sign up now.
http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk
-----
squirrelmail-devel mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.devel
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: CA validation

Emmanuel Dreyfus
Hello

I got no reply to the message below. Is there really no interest in
certificate validation? Encrypting communication is of little interest
if you are not sure of who you are talking with...

Emmanuel Dreyfus <[hidden email]> wrote:

> Squirrelmail has TLS support, but it lacks the ability to enforce server
> certificate validation. This leaves no defense against MiM attacks using
> a self-signed certificate.
>
> Here is how it could be fixed, for SMTP side. Connexion is established
> in class/deliver/Deliver_SMTP.class.php:
>
> $stream =
>     @fsockopen('tls://' . $host, $port, $errorNumber, $errorString);
>
> The stream_socket_client() function is an alternative to fsockopen()
> that appeared in PHP 5. It allows the caller to specify a context with
> various options:
>
> if (function_exists('stream_socket_client') {
>   $remote = sprintf("ssl://%s:%d", $host, port);
>   $opts = array(
>     'ssl' => array(
>       'verify_peer' => TRUE,
>       'verify_depth' => 5,
>       'cafile' => '/path/to/ca_file',
>     ),
>   );
>   $ctx = stream_context_create($opts);
>   $timeout = ini_get("default_socket_timeout");
>   $stream =
>     @stream_socket_client($remote, $errorNumber, $errorString,  
>      $timeout, STREAM_CLIENT_CONNECT, $ctx);
> } else {
>   $stream =
>     @fsockopen('ssl://' . $host, $port, $errorNumber, $errorString);
> }
>
> Of course '/path/to/ca_file' needs to be configurable, I can work on
> this if the idea is accepted.
>
> Also note that I changed tls:// to ssl://. Inside the bowels of PHP,
> tls:// causes OpenSSL's TLSv1_client_method() to be used. As its name
> suggests, this metho can only negociate TLSv1.
>
> ssl:// causes SSLv23_client_method() to be used. As its named does not
> suggests, it is able to negociate the highest protocol version
> avaialble, up to TLSv1.2 if the installed OpenSSL supports it. This
> causes much stronger ciphers to be used.
>
> For now Squirrelmail's usage of tls:// can be worked around by
> specifying a ssl:// prefixed $smtpServerAddress with $use_smtp_tls =
> false, but switching the code to ssl:// would immediatly improve
> everyone setup.
>
> I did not look at the IMAP side since I use imapproxy, and therefore
> Squirrelmail is not incharge of IMAP TLS, but the idea is the same.


--
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
[hidden email]

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
-----
squirrelmail-devel mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.devel
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: CA validation

Paul Lesniewski
In reply to this post by Emmanuel Dreyfus
On Sat, Nov 23, 2013 at 9:37 PM, Emmanuel Dreyfus <[hidden email]> wrote:

> Squirrelmail has TLS support, but it lacks the ability to enforce server
> certificate validation. This leaves no defense against MiM attacks using
> a self-signed certificate.
>
> Here is how it could be fixed, for SMTP side. Connexion is established
> in class/deliver/Deliver_SMTP.class.php:
>
> $stream =
>     @fsockopen('tls://' . $host, $port, $errorNumber, $errorString);
>
> The stream_socket_client() function is an alternative to fsockopen()
> that appeared in PHP 5. It allows the caller to specify a context with
> various options:
>
> if (function_exists('stream_socket_client') {
>   $remote = sprintf("ssl://%s:%d", $host, port);
>   $opts = array(
>     'ssl' => array(
>       'verify_peer' => TRUE,
>       'verify_depth' => 5,
>       'cafile' => '/path/to/ca_file',
>     ),
>   );
>   $ctx = stream_context_create($opts);
>   $timeout = ini_get("default_socket_timeout");
>   $stream =
>     @stream_socket_client($remote, $errorNumber, $errorString,
>      $timeout, STREAM_CLIENT_CONNECT, $ctx);
> } else {
>   $stream =
>     @fsockopen('ssl://' . $host, $port, $errorNumber, $errorString);
> }
>
> Of course '/path/to/ca_file' needs to be configurable, I can work on
> this if the idea is accepted.
>
> Also note that I changed tls:// to ssl://. Inside the bowels of PHP,
> tls:// causes OpenSSL's TLSv1_client_method() to be used. As its name
> suggests, this metho can only negociate TLSv1.
>
> ssl:// causes SSLv23_client_method() to be used. As its named does not
> suggests, it is able to negociate the highest protocol version
> avaialble, up to TLSv1.2 if the installed OpenSSL supports it. This
> causes much stronger ciphers to be used.
>
> For now Squirrelmail's usage of tls:// can be worked around by
> specifying a ssl:// prefixed $smtpServerAddress with $use_smtp_tls =
> false, but switching the code to ssl:// would immediatly improve
> everyone setup.

Indeed. If you care to send a diff, I'd be happy to commit it.

> I did not look at the IMAP side since I use imapproxy, and therefore
> Squirrelmail is not incharge of IMAP TLS, but the idea is the same.

If you have the interest in addressing this, we'd appreciate it, but
if not, that's fine and I would be happy to take care of it.

--
Paul Lesniewski
SquirrelMail Team
Please support Open Source Software by donating to SquirrelMail!
http://squirrelmail.org/donate_paul_lesniewski.php

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
-----
squirrelmail-devel mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.devel
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: CA validation

Emmanuel Dreyfus
On Sun, Jan 19, 2014 at 08:17:25PM -0800, Paul Lesniewski wrote:
> > Squirrelmail has TLS support, but it lacks the ability to enforce server
> > certificate validation. This leaves no defense against MiM attacks using
> > a self-signed certificate.
(...)
> Indeed. If you care to send a diff, I'd be happy to commit it.

Here is it:
http://ftp.espci.fr/shadow/manu/sq-stream.patch

I tested it with this configuration:
        $smtpServerAddress='smtp.example.net';
        $smtpPort = 465;
        $use_smtp_tls = true;
        $smtpOptions['ssl']['verify_peer'] = true;
        $smtpOptions['ssl']['verify_depth'] = 3;
        $smtpOptions['ssl']['cafile'] = '/etc/openssl/certs/ca.crt';

Using the wrong CA in $smtpOptions['ssl']['cafile'] cause the connexion
to abort, which suggests the thing works. Sendmail logs the TLS cipher
used as being ECDHE-RSA-AES256-GCM-SHA384, which is the best OpenSSL
can do.

There is just one small problem, with default timeout: having a
null timeout cause CA validation to always fail. In that patch,
I change a null tuimeout to abitrary value 30, but perhaps that
should be configurable.

While I am there, I made te same work on imapproxy. That was
discussed and submitted on the relevant mailig list months ago, but it
was not committed so far. Here is the latest patch, in case someone can
check it in:
http://ftp.espci.fr/shadow/manu/imapproxy4.patch


--
Emmanuel Dreyfus
[hidden email]

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
-----
squirrelmail-devel mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.devel
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: CA validation

Emmanuel Dreyfus
Hi

You replied on the imapproxy patch, but not on the squirrelmail one. Was
it committed, or is there something to improve?

Emmanuel Dreyfus <[hidden email]> wrote:

> > Indeed. If you care to send a diff, I'd be happy to commit it.
>
> Here is it:
> http://ftp.espci.fr/shadow/manu/sq-stream.patch
>
> I tested it with this configuration:
>         $smtpServerAddress='smtp.example.net';
>       $smtpPort = 465;
>         $use_smtp_tls = true;
>         $smtpOptions['ssl']['verify_peer'] = true;
>         $smtpOptions['ssl']['verify_depth'] = 3;
>         $smtpOptions['ssl']['cafile'] = '/etc/openssl/certs/ca.crt';
>
> Using the wrong CA in $smtpOptions['ssl']['cafile'] cause the connexion
> to abort, which suggests the thing works. Sendmail logs the TLS cipher
> used as being ECDHE-RSA-AES256-GCM-SHA384, which is the best OpenSSL
> can do.
>
> There is just one small problem, with default timeout: having a
> null timeout cause CA validation to always fail. In that patch,
> I change a null tuimeout to abitrary value 30, but perhaps that
> should be configurable.


--
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
[hidden email]

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
-----
squirrelmail-devel mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.devel
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: CA validation

Paul Lesniewski
In reply to this post by Emmanuel Dreyfus
On Mon, Jan 20, 2014 at 1:16 AM, Emmanuel Dreyfus <[hidden email]> wrote:

> On Sun, Jan 19, 2014 at 08:17:25PM -0800, Paul Lesniewski wrote:
>> > Squirrelmail has TLS support, but it lacks the ability to enforce server
>> > certificate validation. This leaves no defense against MiM attacks using
>> > a self-signed certificate.
> (...)
>> Indeed. If you care to send a diff, I'd be happy to commit it.
>
> Here is it:
> http://ftp.espci.fr/shadow/manu/sq-stream.patch
>
> I tested it with this configuration:
>         $smtpServerAddress='smtp.example.net';
>         $smtpPort = 465;
>         $use_smtp_tls = true;
>         $smtpOptions['ssl']['verify_peer'] = true;
>         $smtpOptions['ssl']['verify_depth'] = 3;
>         $smtpOptions['ssl']['cafile'] = '/etc/openssl/certs/ca.crt';
>
> Using the wrong CA in $smtpOptions['ssl']['cafile'] cause the connexion
> to abort, which suggests the thing works. Sendmail logs the TLS cipher
> used as being ECDHE-RSA-AES256-GCM-SHA384, which is the best OpenSSL
> can do.

http://sourceforge.net/p/squirrelmail/code/14427
http://sourceforge.net/p/squirrelmail/code/14429

I also added same support on the IMAP side.

Thanks again,

--
Paul Lesniewski
SquirrelMail Team
Please support Open Source Software by donating to SquirrelMail!
http://squirrelmail.org/donate_paul_lesniewski.php

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
-----
squirrelmail-devel mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.devel
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: CA validation

Emmanuel Dreyfus
Paul Lesniewski <[hidden email]> wrote:

> http://sourceforge.net/p/squirrelmail/code/14427
> http://sourceforge.net/p/squirrelmail/code/14429

Thanks. I understand I have to use
$smtpSslOptions['cafile'] instead of $smtpOptions['ssl']['cafile']

That makes impossible to set up other socket options documented here:
http://fr2.php.net/manual/fr/context.socket.php

I did not meant to use them, but I just note the change, in case you did
not make it on purpose.

--
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
[hidden email]

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
-----
squirrelmail-devel mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.devel
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: CA validation

Paul Lesniewski
On Mon, Jan 20, 2014 at 7:01 PM, Emmanuel Dreyfus <[hidden email]> wrote:

> Paul Lesniewski <[hidden email]> wrote:
>
>> http://sourceforge.net/p/squirrelmail/code/14427
>> http://sourceforge.net/p/squirrelmail/code/14429
>
> Thanks. I understand I have to use
> $smtpSslOptions['cafile'] instead of $smtpOptions['ssl']['cafile']
>
> That makes impossible to set up other socket options documented here:
> http://fr2.php.net/manual/fr/context.socket.php
>
> I did not meant to use them, but I just note the change, in case you did
> not make it on purpose.

I made the change on purpose, however, on second thought, it would
probably be best to have the flexibility of letting the administrator
apply the global options as well.  I just reverted to the way you had
originally proposed.  Changes are in SVN.

Thanks again.

--
Paul Lesniewski
SquirrelMail Team
Please support Open Source Software by donating to SquirrelMail!
http://squirrelmail.org/donate_paul_lesniewski.php

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
-----
squirrelmail-devel mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.devel
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: CA validation

Emmanuel Dreyfus
On Mon, Jan 20, 2014 at 07:47:54PM -0800, Paul Lesniewski wrote:
> I made the change on purpose, however, on second thought, it would
> probably be best to have the flexibility of letting the administrator
> apply the global options as well.  I just reverted to the way you had
> originally proposed.  Changes are in SVN.

Shouldn't you revert the option name as well? $smtpSslOptions contains
non SSL stuff now. $smtpOptions seems mor coherent.

But I am getting picky, this is not a real issue.

--
Emmanuel Dreyfus
[hidden email]

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
-----
squirrelmail-devel mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.devel
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: CA validation

Paul Lesniewski
On Tue, Jan 21, 2014 at 12:59 AM, Emmanuel Dreyfus <[hidden email]> wrote:

> On Mon, Jan 20, 2014 at 07:47:54PM -0800, Paul Lesniewski wrote:
>> I made the change on purpose, however, on second thought, it would
>> probably be best to have the flexibility of letting the administrator
>> apply the global options as well.  I just reverted to the way you had
>> originally proposed.  Changes are in SVN.
>
> Shouldn't you revert the option name as well? $smtpSslOptions contains
> non SSL stuff now. $smtpOptions seems mor coherent.
>
> But I am getting picky, this is not a real issue.

No, no problem, I appreciate attention to detail myself.  I just
changed to $smtp_stream_options and $imap_stream_options

Thanks

--
Paul Lesniewski
SquirrelMail Team
Please support Open Source Software by donating to SquirrelMail!
http://squirrelmail.org/donate_paul_lesniewski.php

------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
-----
squirrelmail-devel mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [hidden email]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.devel
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-devel
Loading...