On Mon, May 31, 2021 at 11:19:23PM +0200, Marcin Gryszkalis via Exim-users wrote:
> On 31.05.2021 22:59, Viktor Dukhovni via Exim-users wrote:
> >> I checked on exim built on FreeBSD 12 (with openssl 1.1) and it works fine - but fails on other installation with openssl 1.0.
> >
> > So what version of FreeBSD and OpenSSL are on the system with the
> > reported issue? Support for negotiated ECDHE groups has evolved in
> > OpenSSL over time. With older OpenSSL releases unless group selection
> > is explicitly set to "auto", the server picks some single default group,
> > which may not match this particular client's choice.
>
> Sorry, I forgot to mention this.
>
> This is OpenSSL 1.0.2u (base version for FreeBSD 11.4).

I see, the version of OpenSSL may be relevant here.

Is the server in question "mail.fuze.pl"? On port 25 for that server I
see:

    No client certificate CA names sent
    Peer signing digest: SHA512
    Peer signature type: RSA
    Server Temp Key: ECDH, P-256, 256 bits
    ---
    SSL handshake has read 3757 bytes and written 475 bytes
    Verification: OK
    ---
    New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
    Server public key is 4096 bit
    Secure Renegotiation IS supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    SSL-Session:
        Protocol : TLSv1.2
        Cipher : ECDHE-RSA-AES256-GCM-SHA384
        Session-ID: ...
        Session-ID-ctx:
        Master-Key: ...
        PSK identity: None
        PSK identity hint: None
        SRP username: None
        Start Time: 1622494851
        Timeout : 7200 (sec)
        Verify return code: 0 (ok)
        Extended master secret: no

Which does show working support for ECDHE with P-256. I'd also humbly
suggest not bothering with 4096 bit RSA certs, they're rather pointless.
The major CAs are all using 2048 bit RSA. RSA 4096 is just bloat.

> I could switch to 1.1.1k from ports but that would require rebuilding
> exim and the rest.
> I also could switch to libressl or even GnuTLS...

I would not recommend either of those two, but OpenSSL 1.1.1 would be a
much better choice, 1.0.2 has been EOL for quite some time.

--
Viktor.
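
Added example, not part of the message above and not Exim or OpenSSL code: a simplified Python model of the TLS 1.2 ECDHE group selection the thread discusses, comparing a server pinned to a single default group with one set to "auto". The function names, the group lists and the client-order tie-break are assumptions made for illustration.

```python
# Simplified model of TLS 1.2 ECDHE group selection (added example).
# Assumption: a shared group is chosen in the client's preference order.

ECDHE = "ECDHE-RSA-AES256-GCM-SHA384"
PLAIN_RSA = "AES256-GCM-SHA384"  # RSA key transport, no forward secrecy

# Constructed server settings, not taken from the thread.
SINGLE_DEFAULT = ["P-256"]        # one fixed group
AUTO = ["P-256", "P-384", "P-521"]  # group selection left to the library


def select_group(client_groups, server_groups):
    """Return the first client-offered group the server supports, or None."""
    for group in client_groups:
        if group in server_groups:
            return group
    return None


def negotiate(client_ciphers, client_groups, server_ciphers, server_groups):
    """Return (cipher, group) in server cipher order; raise if nothing fits."""
    group = select_group(client_groups, server_groups)
    for cipher in server_ciphers:
        if cipher not in client_ciphers:
            continue
        if cipher.startswith("ECDHE-"):
            if group is None:
                continue  # no shared group: ECDHE suites are unusable
            return cipher, group
        return cipher, None  # non-ECDHE suite needs no group
    raise ValueError("handshake failure: no shared cipher")


if __name__ == "__main__":
    server_ciphers = [ECDHE, PLAIN_RSA]
    # Constructed client that only offers P-384.
    for label, groups in (("single", SINGLE_DEFAULT), ("auto", AUTO)):
        for ciphers in ([ECDHE], [ECDHE, PLAIN_RSA]):
            try:
                result = negotiate(ciphers, ["P-384"], server_ciphers, groups)
            except ValueError as exc:
                result = str(exc)
            print(label, ciphers, "->", result)
```

With the single-group server, the P-384-only client either fails the handshake or, if it also offers a non-ECDHE suite, connects without forward secrecy, which is worth checking for in server logs.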