[exim] Secure Client-Initiated Renegotiation

Top Page
Delete this message
Reply to this message
Author: Hans Morten Kind
Date:  
To: exim-users
CC: kind
Subject: [exim] Secure Client-Initiated Renegotiation
We were alarmed by the DROWNattack on Tuesday and started running
http://testssl.sh to find forgotten servers still running SSLv2 (or SSLv3).
There were not many left ...

But I also ran testssl.sh towards exim-servers offering TLS, and got an alarm on
Secure Client-Initiated Renegotiation, telling me not only "VULNERABLE (NOT ok)"
but also "DoS threat"!

We are running on RHEL6 servers with openssl from their repos, exim is
home-compiled and tested with versions 4.84 and 4.86, I have also tested exim
linked with a clean build of openssl-1.0.1s

I have played with openssl_options and the parameters of
allow_unsafe_legacy_renegotiation, no_session_resumption_on_renegotiation and
legacy_server_connect, but am still getting the alarm from testssl.

The test is run something like this on exim started with -tls-on-connect
echo R | openssl s_client -connect exim:465
exim seems to accept the RENEGOTIATING while a standard Apache httpd
is closing the connection with "ssl handshake failure" after ie
echo R | openssl s_client -connect httpd:443

Is there any way to turn this "feature" off?

hmk