Debian Bug report logs - #676563
exim4: new minimumum Diffie-Hellman length breaks sending, not configurable

version graph

Package: src:exim4; Maintainer for src:exim4 is Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>;

Reported by: Kevin Mitchell <kevmitch@math.sfu.ca>

Date: Thu, 7 Jun 2012 19:54:01 UTC

Severity: important

Found in version exim4/4.80-2

Fixed in version exim4/4.80-3

Done: Andreas Metzler <ametzler@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#676563; Package src:exim4. (Thu, 07 Jun 2012 19:54:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Kevin Mitchell <kevmitch@math.sfu.ca>:
New Bug report received and forwarded. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. (Thu, 07 Jun 2012 19:54:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Kevin Mitchell <kevmitch@math.sfu.ca>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: exim4: new minimumum Diffie-Hellman length breaks sending, not configurable
Date: Thu, 07 Jun 2012 12:51:51 -0700
Source: exim4
Version: 4.80-2
Severity: important

This breaks relaying to my smarthost which requires secure
authentication, but apparently doesn't have the new required DH size of
2048. 

from /var/log/exim4/mainlog:

2012-06-07 11:57:56 1Schu8-0005cQ-SD <= kevmitch@math.sfu.ca U=kevmitch P=local S=472 id=20120607185756.GA21542@math.sfu.ca
2012-06-07 11:58:02 1Schu8-0005cQ-SD TLS error on connection to pobox.sfu.ca [142.58.101.28] (gnutls_handshake): The Diffie-Hellman prime sent by the server is not acceptable (not long enough).

Maybe a key shorter than 2048 is "insecure", but most people (myself
included) are not in a position to "fix" their smarthost. This wouldn't
be so bad as a default, except that as far as I can tell, there is no
way to configure it short of recompiling without 66_enlarge-dh-parameters-size.dpatch. 

I would recommend either dropping the patch or adding a runtime configuation option.

Kevin



-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (600, 'unstable'), (500, 'testing'), (400, 'stable'), (300, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.4.1.01 (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash




Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#676563; Package src:exim4. (Fri, 08 Jun 2012 08:03:11 GMT) Full text and rfc822 format available.

Acknowledgement sent to Andreas Metzler <ametzler@downhill.at.eu.org>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. (Fri, 08 Jun 2012 08:03:11 GMT) Full text and rfc822 format available.

Message #10 received at 676563@bugs.debian.org (full text, mbox):

From: Andreas Metzler <ametzler@downhill.at.eu.org>
To: Kevin Mitchell <kevmitch@math.sfu.ca>, 676563@bugs.debian.org
Subject: Re: Bug#676563: exim4: new minimumum Diffie-Hellman length breaks sending, not configurable
Date: Fri, 8 Jun 2012 09:38:35 +0200
On 2012-06-07 Kevin Mitchell <kevmitch@math.sfu.ca> wrote:
> Source: exim4
> Version: 4.80-2
> Severity: important

> This breaks relaying to my smarthost which requires secure
> authentication, but apparently doesn't have the new required DH size of
> 2048. 

> from /var/log/exim4/mainlog:

> 2012-06-07 11:57:56 1Schu8-0005cQ-SD <= kevmitch@math.sfu.ca U=kevmitch P=local S=472 id=20120607185756.GA21542@math.sfu.ca
> 2012-06-07 11:58:02 1Schu8-0005cQ-SD TLS error on connection to pobox.sfu.ca [142.58.101.28] (gnutls_handshake): The Diffie-Hellman prime sent by the server is not acceptable (not long enough).

> Maybe a key shorter than 2048 is "insecure", but most people (myself
> included) are not in a position to "fix" their smarthost. This wouldn't
[...]

Hello,

the upgrade from 4.77 to 4.80-2 should actually have lowered the
limit:

---------------------------------------------------
With respective patches we have this in 4.77-2
#define DH_BITS      2048
[...]
gnutls_dh_set_prime_bits(session, DH_BITS);

and this in 4.80-2:
#ifndef EXIM_CLIENT_DH_MIN_BITS
#define EXIM_CLIENT_DH_MIN_BITS 1024
#endif
[...]
gnutls_dh_set_prime_bits(state->session, EXIM_CLIENT_DH_MIN_BITS);
---------------------------------------------------

66_enlarge-dh-parameters-size.dpatch is a noop in sid, it only changes
EXIM_SERVER_DH_BITS_PRE2_12 which only triggers on backports, built
against gnutls < 2.12.

However, afaict the DH_BITS limit did not work with exim << 4.80. :-(

Anyway, pobox.sfu.ca really seems to broken, it only supports 512 bit DH,
which is probably not a lot better than sending unencrypted. 

exim GIT already has a fix, adding the tls_dh_min_bits SMTP transport
option.

cu andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'




Reply sent to Andreas Metzler <ametzler@debian.org>:
You have taken responsibility. (Fri, 08 Jun 2012 11:36:04 GMT) Full text and rfc822 format available.

Notification sent to Kevin Mitchell <kevmitch@math.sfu.ca>:
Bug acknowledged by developer. (Fri, 08 Jun 2012 11:36:04 GMT) Full text and rfc822 format available.

Message #15 received at 676563-close@bugs.debian.org (full text, mbox):

From: Andreas Metzler <ametzler@debian.org>
To: 676563-close@bugs.debian.org
Subject: Bug#676563: fixed in exim4 4.80-3
Date: Fri, 08 Jun 2012 11:32:57 +0000
Source: exim4
Source-Version: 4.80-3

We believe that the bug you reported is fixed in the latest version of
exim4, which is due to be installed in the Debian FTP archive:

exim4-base_4.80-3_i386.deb
  to main/e/exim4/exim4-base_4.80-3_i386.deb
exim4-config_4.80-3_all.deb
  to main/e/exim4/exim4-config_4.80-3_all.deb
exim4-daemon-heavy-dbg_4.80-3_i386.deb
  to main/e/exim4/exim4-daemon-heavy-dbg_4.80-3_i386.deb
exim4-daemon-heavy_4.80-3_i386.deb
  to main/e/exim4/exim4-daemon-heavy_4.80-3_i386.deb
exim4-daemon-light-dbg_4.80-3_i386.deb
  to main/e/exim4/exim4-daemon-light-dbg_4.80-3_i386.deb
exim4-daemon-light_4.80-3_i386.deb
  to main/e/exim4/exim4-daemon-light_4.80-3_i386.deb
exim4-dbg_4.80-3_i386.deb
  to main/e/exim4/exim4-dbg_4.80-3_i386.deb
exim4-dev_4.80-3_i386.deb
  to main/e/exim4/exim4-dev_4.80-3_i386.deb
exim4_4.80-3.debian.tar.gz
  to main/e/exim4/exim4_4.80-3.debian.tar.gz
exim4_4.80-3.dsc
  to main/e/exim4/exim4_4.80-3.dsc
exim4_4.80-3_all.deb
  to main/e/exim4/exim4_4.80-3_all.deb
eximon4_4.80-3_i386.deb
  to main/e/exim4/eximon4_4.80-3_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 676563@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Metzler <ametzler@debian.org> (supplier of updated exim4 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Format: 1.8
Date: Fri, 08 Jun 2012 12:37:05 +0200
Source: exim4
Binary: exim4-base exim4-config exim4-daemon-light exim4 exim4-daemon-heavy exim4-daemon-custom eximon4 exim4-dbg exim4-daemon-light-dbg exim4-daemon-heavy-dbg exim4-daemon-custom-dbg exim4-dev
Architecture: source i386 all
Version: 4.80-3
Distribution: unstable
Urgency: low
Maintainer: Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Description: 
 exim4      - metapackage to ease Exim MTA (v4) installation
 exim4-base - support files for all Exim MTA (v4) packages
 exim4-config - configuration for the Exim MTA (v4)
 exim4-daemon-custom - custom Exim MTA (v4) daemon with locally set features
 exim4-daemon-custom-dbg - debugging symbols for the Exim MTA (v4) packages
 exim4-daemon-heavy - Exim MTA (v4) daemon with extended features, including exiscan-ac
 exim4-daemon-heavy-dbg - debugging symbols for the Exim MTA "heavy" daemon
 exim4-daemon-light - lightweight Exim MTA (v4) daemon
 exim4-daemon-light-dbg - debugging symbols for the Exim MTA "light" daemon
 exim4-dbg  - debugging symbols for the Exim MTA (utilities)
 exim4-dev  - header files for the Exim MTA (v4) packages
 eximon4    - monitor application for the Exim MTA (v4) (X11 interface)
Closes: 676563
Changes: 
 exim4 (4.80-3) unstable; urgency=low
 .
   * Pull 75_openssl_sni.diff from upstream. - Segfault caused by NULL
     dereference if Exim is built using OpenSSL, tls_sni is used and a
     forced expansion failure is configured.
   * Pull 76_tls_dh_min_bits.diff (and the corresponding doc change
     77_docsfortls_dh_min_bits.diff) from upstream. Adds a new SMTP transport
     option tls_dh_min_bits for setting the minimal size of DH parameters.
   * Add macro TLS_DH_MIN_BITS for setting the tls_dh_min_bits smtp transport
     option. Closes: #676563
   * [lintian] Stop shipping empty directory /usr/share/exim4 in exim4-base.
Checksums-Sha1: 
 cd476f39515945e770302da0cf577ed26328de4a 2162 exim4_4.80-3.dsc
 7962d5a61628e6daa9aa0e06ec33459a41e4625f 575324 exim4_4.80-3.debian.tar.gz
 7a1c131f503b2b571cd8616a816443cfa96e2c36 1030882 exim4-base_4.80-3_i386.deb
 356082518e84db02d3a7ccb2abd5707766604c12 208536 eximon4_4.80-3_i386.deb
 a2ff6d14391d0f7bf99ffcaf758356389c53766b 627570 exim4-daemon-light_4.80-3_i386.deb
 aa2a98b064ed4d8e5b238233df26728d670b46da 684468 exim4-daemon-heavy_4.80-3_i386.deb
 ec4e30642a07be0d601584c7f6f78902593973d8 1132168 exim4-daemon-light-dbg_4.80-3_i386.deb
 1476f1125a2d56bb0be7a7e9b58c69c87cef0481 1264600 exim4-daemon-heavy-dbg_4.80-3_i386.deb
 9e3154913dbb1d84b62e4e3fa8f7d3e4c6c5d405 421386 exim4-dbg_4.80-3_i386.deb
 7f627f2935b6cd8b9bc048cc69821a9cdc71d696 173238 exim4-dev_4.80-3_i386.deb
 5647f81452c62edbd06dd51718898cff01143f04 477194 exim4-config_4.80-3_all.deb
 cde8fae563ec663e5b2337fdb8cee2dc6bd61025 7794 exim4_4.80-3_all.deb
Checksums-Sha256: 
 a820240181af11ae63299c7703ad98642e0e98ed57a431fdab533171ef57cd4b 2162 exim4_4.80-3.dsc
 1ff66e5b1c9112959246b4ba538afc9f7d778db77884175a61e2320cfb9f89f9 575324 exim4_4.80-3.debian.tar.gz
 04f77680514c1e11084d4ea23cae746ccf3cbbd82970751864d0f5acdae6e600 1030882 exim4-base_4.80-3_i386.deb
 324364cf0125ab4f14355ecbb22e98611fdd3703f19690020577156b6e04af66 208536 eximon4_4.80-3_i386.deb
 7d767871dd0303a71c7fd682957faaa6917eff12f573d8494eded4d779910453 627570 exim4-daemon-light_4.80-3_i386.deb
 ef2ad8039f7779edc2e1e62cd5a373ccc2558e64c050fe3d7805bebab6df9426 684468 exim4-daemon-heavy_4.80-3_i386.deb
 d8dc6051d65259d8f71a622dc32a65f6e33eb3175738174f94e8b4343dd94d0e 1132168 exim4-daemon-light-dbg_4.80-3_i386.deb
 a7e00c15f6fd00ea6e03037eb256ac3d8f6161d29a092195717e7f46a50ed27e 1264600 exim4-daemon-heavy-dbg_4.80-3_i386.deb
 8f19dde75c475c0f012fc750f26151b6ca4e2925694b2074dd6946d3626247af 421386 exim4-dbg_4.80-3_i386.deb
 d7b7ab85b46e8bd5482d96452002c4a9f6098fbddaec6af771f39cdaaff13daf 173238 exim4-dev_4.80-3_i386.deb
 1628d8094708e0df74c951ad59fc26e1134f2cc83493d57420bb503cc92c75f0 477194 exim4-config_4.80-3_all.deb
 dd7af8e3cfae085fbc15626bc28d4d01119ee8cb122b178c3bd9e3df5ee85791 7794 exim4_4.80-3_all.deb
Files: 
 146cab2f5d191ff99cf6b667edaeedb4 2162 mail standard exim4_4.80-3.dsc
 5ff04e0a35a9aa0987aef48a51667d0c 575324 mail standard exim4_4.80-3.debian.tar.gz
 cdc9b77c56a4e5c3897732af3e7ae175 1030882 mail standard exim4-base_4.80-3_i386.deb
 8f9b92f0dfc29012d929b224ae8366b5 208536 mail optional eximon4_4.80-3_i386.deb
 9af16d45844b782b9e0cfd055618f36f 627570 mail standard exim4-daemon-light_4.80-3_i386.deb
 06b59edce6a37ae63220688bf5b5dc2c 684468 mail optional exim4-daemon-heavy_4.80-3_i386.deb
 23af474f201128dea52e3811d4e71cce 1132168 debug extra exim4-daemon-light-dbg_4.80-3_i386.deb
 3c7128431bef54d35f24c23afc3ffbc5 1264600 debug extra exim4-daemon-heavy-dbg_4.80-3_i386.deb
 ea51831747afeea21b5f33411520b069 421386 debug extra exim4-dbg_4.80-3_i386.deb
 7655f8d53055d27abfce4550d463fceb 173238 mail extra exim4-dev_4.80-3_i386.deb
 12da37438d59d2c64debf03e4a0f1006 477194 mail standard exim4-config_4.80-3_all.deb
 55d3964fb6c3370c4dbb39f35f9cedf9 7794 mail standard exim4_4.80-3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEAREDAAYFAk/R33cACgkQHTOcZYuNdmM0qgCfd4SFTUQ/Hjqkjszmbkb7/AiL
d0EAoKkaA5ylvbkXgCie66ibT0KIzNac
=FcnL
-----END PGP SIGNATURE-----





Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#676563; Package src:exim4. (Sat, 09 Jun 2012 20:09:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Kevin Mitchell <kevmitch@math.sfu.ca>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. (Sat, 09 Jun 2012 20:09:02 GMT) Full text and rfc822 format available.

Message #20 received at 676563@bugs.debian.org (full text, mbox):

From: Kevin Mitchell <kevmitch@math.sfu.ca>
To: 676563@bugs.debian.org
Subject: Re: Bug#676563 closed by Andreas Metzler <ametzler@debian.org> (Bug#676563: fixed in exim4 4.80-3)
Date: Sat, 9 Jun 2012 12:25:25 -0700
Thanks! Works great. I've also informed the admin of pobox.sfu.ca of the
vulnerability.

On Fri 12.06.08 11:36, Debian Bug Tracking System wrote:
>This is an automatic notification regarding your Bug report
>which was filed against the src:exim4 package:
>
>#676563: exim4: new minimumum Diffie-Hellman length breaks sending, not configurable
>
>It has been closed by Andreas Metzler <ametzler@debian.org>.
>
>Their explanation is attached below along with your original report.
>If this explanation is unsatisfactory and you have not received a
>better one in a separate message then please contact Andreas Metzler <ametzler@debian.org> by
>replying to this email.
>
>

>Date: Fri, 08 Jun 2012 11:32:57 +0000
>From: Andreas Metzler <ametzler@debian.org>
>To: 676563-close@bugs.debian.org
>Subject: Bug#676563: fixed in exim4 4.80-3
>
>Source: exim4
>Source-Version: 4.80-3
>
>We believe that the bug you reported is fixed in the latest version of
>exim4, which is due to be installed in the Debian FTP archive:
>
>exim4-base_4.80-3_i386.deb
>  to main/e/exim4/exim4-base_4.80-3_i386.deb
>exim4-config_4.80-3_all.deb
>  to main/e/exim4/exim4-config_4.80-3_all.deb
>exim4-daemon-heavy-dbg_4.80-3_i386.deb
>  to main/e/exim4/exim4-daemon-heavy-dbg_4.80-3_i386.deb
>exim4-daemon-heavy_4.80-3_i386.deb
>  to main/e/exim4/exim4-daemon-heavy_4.80-3_i386.deb
>exim4-daemon-light-dbg_4.80-3_i386.deb
>  to main/e/exim4/exim4-daemon-light-dbg_4.80-3_i386.deb
>exim4-daemon-light_4.80-3_i386.deb
>  to main/e/exim4/exim4-daemon-light_4.80-3_i386.deb
>exim4-dbg_4.80-3_i386.deb
>  to main/e/exim4/exim4-dbg_4.80-3_i386.deb
>exim4-dev_4.80-3_i386.deb
>  to main/e/exim4/exim4-dev_4.80-3_i386.deb
>exim4_4.80-3.debian.tar.gz
>  to main/e/exim4/exim4_4.80-3.debian.tar.gz
>exim4_4.80-3.dsc
>  to main/e/exim4/exim4_4.80-3.dsc
>exim4_4.80-3_all.deb
>  to main/e/exim4/exim4_4.80-3_all.deb
>eximon4_4.80-3_i386.deb
>  to main/e/exim4/eximon4_4.80-3_i386.deb
>
>
>
>A summary of the changes between this version and the previous one is
>attached.
>
>Thank you for reporting the bug, which will now be closed.  If you
>have further comments please address them to 676563@bugs.debian.org,
>and the maintainer will reopen the bug report if appropriate.
>
>Debian distribution maintenance software
>pp.
>Andreas Metzler <ametzler@debian.org> (supplier of updated exim4 package)
>
>(This message was generated automatically at their request; if you
>believe that there is a problem with it please contact the archive
>administrators by mailing ftpmaster@debian.org)
>
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: RIPEMD160
>
>Format: 1.8
>Date: Fri, 08 Jun 2012 12:37:05 +0200
>Source: exim4
>Binary: exim4-base exim4-config exim4-daemon-light exim4 exim4-daemon-heavy exim4-daemon-custom eximon4 exim4-dbg exim4-daemon-light-dbg exim4-daemon-heavy-dbg exim4-daemon-custom-dbg exim4-dev
>Architecture: source i386 all
>Version: 4.80-3
>Distribution: unstable
>Urgency: low
>Maintainer: Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>
>Changed-By: Andreas Metzler <ametzler@debian.org>
>Description:
> exim4      - metapackage to ease Exim MTA (v4) installation
> exim4-base - support files for all Exim MTA (v4) packages
> exim4-config - configuration for the Exim MTA (v4)
> exim4-daemon-custom - custom Exim MTA (v4) daemon with locally set features
> exim4-daemon-custom-dbg - debugging symbols for the Exim MTA (v4) packages
> exim4-daemon-heavy - Exim MTA (v4) daemon with extended features, including exiscan-ac
> exim4-daemon-heavy-dbg - debugging symbols for the Exim MTA "heavy" daemon
> exim4-daemon-light - lightweight Exim MTA (v4) daemon
> exim4-daemon-light-dbg - debugging symbols for the Exim MTA "light" daemon
> exim4-dbg  - debugging symbols for the Exim MTA (utilities)
> exim4-dev  - header files for the Exim MTA (v4) packages
> eximon4    - monitor application for the Exim MTA (v4) (X11 interface)
>Closes: 676563
>Changes:
> exim4 (4.80-3) unstable; urgency=low
> .
>   * Pull 75_openssl_sni.diff from upstream. - Segfault caused by NULL
>     dereference if Exim is built using OpenSSL, tls_sni is used and a
>     forced expansion failure is configured.
>   * Pull 76_tls_dh_min_bits.diff (and the corresponding doc change
>     77_docsfortls_dh_min_bits.diff) from upstream. Adds a new SMTP transport
>     option tls_dh_min_bits for setting the minimal size of DH parameters.
>   * Add macro TLS_DH_MIN_BITS for setting the tls_dh_min_bits smtp transport
>     option. Closes: #676563
>   * [lintian] Stop shipping empty directory /usr/share/exim4 in exim4-base.
>Checksums-Sha1:
> cd476f39515945e770302da0cf577ed26328de4a 2162 exim4_4.80-3.dsc
> 7962d5a61628e6daa9aa0e06ec33459a41e4625f 575324 exim4_4.80-3.debian.tar.gz
> 7a1c131f503b2b571cd8616a816443cfa96e2c36 1030882 exim4-base_4.80-3_i386.deb
> 356082518e84db02d3a7ccb2abd5707766604c12 208536 eximon4_4.80-3_i386.deb
> a2ff6d14391d0f7bf99ffcaf758356389c53766b 627570 exim4-daemon-light_4.80-3_i386.deb
> aa2a98b064ed4d8e5b238233df26728d670b46da 684468 exim4-daemon-heavy_4.80-3_i386.deb
> ec4e30642a07be0d601584c7f6f78902593973d8 1132168 exim4-daemon-light-dbg_4.80-3_i386.deb
> 1476f1125a2d56bb0be7a7e9b58c69c87cef0481 1264600 exim4-daemon-heavy-dbg_4.80-3_i386.deb
> 9e3154913dbb1d84b62e4e3fa8f7d3e4c6c5d405 421386 exim4-dbg_4.80-3_i386.deb
> 7f627f2935b6cd8b9bc048cc69821a9cdc71d696 173238 exim4-dev_4.80-3_i386.deb
> 5647f81452c62edbd06dd51718898cff01143f04 477194 exim4-config_4.80-3_all.deb
> cde8fae563ec663e5b2337fdb8cee2dc6bd61025 7794 exim4_4.80-3_all.deb
>Checksums-Sha256:
> a820240181af11ae63299c7703ad98642e0e98ed57a431fdab533171ef57cd4b 2162 exim4_4.80-3.dsc
> 1ff66e5b1c9112959246b4ba538afc9f7d778db77884175a61e2320cfb9f89f9 575324 exim4_4.80-3.debian.tar.gz
> 04f77680514c1e11084d4ea23cae746ccf3cbbd82970751864d0f5acdae6e600 1030882 exim4-base_4.80-3_i386.deb
> 324364cf0125ab4f14355ecbb22e98611fdd3703f19690020577156b6e04af66 208536 eximon4_4.80-3_i386.deb
> 7d767871dd0303a71c7fd682957faaa6917eff12f573d8494eded4d779910453 627570 exim4-daemon-light_4.80-3_i386.deb
> ef2ad8039f7779edc2e1e62cd5a373ccc2558e64c050fe3d7805bebab6df9426 684468 exim4-daemon-heavy_4.80-3_i386.deb
> d8dc6051d65259d8f71a622dc32a65f6e33eb3175738174f94e8b4343dd94d0e 1132168 exim4-daemon-light-dbg_4.80-3_i386.deb
> a7e00c15f6fd00ea6e03037eb256ac3d8f6161d29a092195717e7f46a50ed27e 1264600 exim4-daemon-heavy-dbg_4.80-3_i386.deb
> 8f19dde75c475c0f012fc750f26151b6ca4e2925694b2074dd6946d3626247af 421386 exim4-dbg_4.80-3_i386.deb
> d7b7ab85b46e8bd5482d96452002c4a9f6098fbddaec6af771f39cdaaff13daf 173238 exim4-dev_4.80-3_i386.deb
> 1628d8094708e0df74c951ad59fc26e1134f2cc83493d57420bb503cc92c75f0 477194 exim4-config_4.80-3_all.deb
> dd7af8e3cfae085fbc15626bc28d4d01119ee8cb122b178c3bd9e3df5ee85791 7794 exim4_4.80-3_all.deb
>Files:
> 146cab2f5d191ff99cf6b667edaeedb4 2162 mail standard exim4_4.80-3.dsc
> 5ff04e0a35a9aa0987aef48a51667d0c 575324 mail standard exim4_4.80-3.debian.tar.gz
> cdc9b77c56a4e5c3897732af3e7ae175 1030882 mail standard exim4-base_4.80-3_i386.deb
> 8f9b92f0dfc29012d929b224ae8366b5 208536 mail optional eximon4_4.80-3_i386.deb
> 9af16d45844b782b9e0cfd055618f36f 627570 mail standard exim4-daemon-light_4.80-3_i386.deb
> 06b59edce6a37ae63220688bf5b5dc2c 684468 mail optional exim4-daemon-heavy_4.80-3_i386.deb
> 23af474f201128dea52e3811d4e71cce 1132168 debug extra exim4-daemon-light-dbg_4.80-3_i386.deb
> 3c7128431bef54d35f24c23afc3ffbc5 1264600 debug extra exim4-daemon-heavy-dbg_4.80-3_i386.deb
> ea51831747afeea21b5f33411520b069 421386 debug extra exim4-dbg_4.80-3_i386.deb
> 7655f8d53055d27abfce4550d463fceb 173238 mail extra exim4-dev_4.80-3_i386.deb
> 12da37438d59d2c64debf03e4a0f1006 477194 mail standard exim4-config_4.80-3_all.deb
> 55d3964fb6c3370c4dbb39f35f9cedf9 7794 mail standard exim4_4.80-3_all.deb
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.4.12 (GNU/Linux)
>
>iEYEAREDAAYFAk/R33cACgkQHTOcZYuNdmM0qgCfd4SFTUQ/Hjqkjszmbkb7/AiL
>d0EAoKkaA5ylvbkXgCie66ibT0KIzNac
>=FcnL
>-----END PGP SIGNATURE-----
>
>

>Date: Thu, 07 Jun 2012 12:51:51 -0700
>From: Kevin Mitchell <kevmitch@math.sfu.ca>
>To: Debian Bug Tracking System <submit@bugs.debian.org>
>Subject: exim4: new minimumum Diffie-Hellman length breaks sending, not
> configurable
>X-Mailer: reportbug 6.4
>
>Source: exim4
>Version: 4.80-2
>Severity: important
>
>This breaks relaying to my smarthost which requires secure
>authentication, but apparently doesn't have the new required DH size of
>2048.
>
>from /var/log/exim4/mainlog:
>
>2012-06-07 11:57:56 1Schu8-0005cQ-SD <= kevmitch@math.sfu.ca U=kevmitch P=local S=472 id=20120607185756.GA21542@math.sfu.ca
>2012-06-07 11:58:02 1Schu8-0005cQ-SD TLS error on connection to pobox.sfu.ca [142.58.101.28] (gnutls_handshake): The Diffie-Hellman prime sent by the server is not acceptable (not long enough).
>
>Maybe a key shorter than 2048 is "insecure", but most people (myself
>included) are not in a position to "fix" their smarthost. This wouldn't
>be so bad as a default, except that as far as I can tell, there is no
>way to configure it short of recompiling without 66_enlarge-dh-parameters-size.dpatch.
>
>I would recommend either dropping the patch or adding a runtime configuation option.
>
>Kevin
>
>
>
>-- System Information:
>Debian Release: wheezy/sid
>  APT prefers unstable
>  APT policy: (600, 'unstable'), (500, 'testing'), (400, 'stable'), (300, 'experimental')
>Architecture: amd64 (x86_64)
>
>Kernel: Linux 3.4.1.01 (SMP w/4 CPU cores)
>Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
>Shell: /bin/sh linked to /bin/dash
>
>





Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#676563; Package src:exim4. (Wed, 20 Jun 2012 23:03:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Eric Cooper <ecc@cmu.edu>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. (Wed, 20 Jun 2012 23:03:04 GMT) Full text and rfc822 format available.

Message #25 received at 676563@bugs.debian.org (full text, mbox):

From: Eric Cooper <ecc@cmu.edu>
To: Debian Bug Tracking System <676563@bugs.debian.org>
Subject: Re: exim4: new minimumum Diffie-Hellman length breaks sending, not configurable
Date: Wed, 20 Jun 2012 19:01:15 -0400
Package: exim4
Followup-For: Bug #676563

This problem still exists for me in version 4.80-3.
I'm using smtp.srv.cs.cmu.edu as smarthost, and I get this error:

2012-06-20 18:40:40 1ShRfu-0001AA-8c TLS error on connection to smtp.srv.cs.cmu.edu [128.2.217.15] (gnutls_handshake): The Diffie-Hellman prime sent by the server is not acceptable (not long enough).
2012-06-20 18:40:40 1ShRfu-0001AA-8c TLS session failure: delivering unencrypted to smtp.srv.cs.cmu.edu [128.2.217.15] (not in hosts_require_tls)

I downgraded to 4.77-1 and my configuration works again.

I tried setting tls_dh_min_bits to several lower values, but it didn't
help. (Perhaps I was doing it wrong.)  Also, is there a debugging
option that would allow me to determine the prime size that the CMU
server is using?

-- Package-specific info:
Exim version 4.77 #3 built 22-Oct-2011 17:56:52
Copyright (c) University of Cambridge, 1995 - 2007
Berkeley DB: Berkeley DB 5.1.25: (January 28, 2011)
Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
Configuration file is /var/lib/exim4/config.autogenerated

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (400, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages exim4 depends on:
ii  debconf [debconf-2.0]                                          1.5.43
pn  exim4-base                                                     <none>
pn  exim4-daemon-light | exim4-daemon-heavy | exim4-daemon-custom  <none>

exim4 recommends no packages.

exim4 suggests no packages.

-- debconf information:
  exim4/drec:




Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#676563; Package src:exim4. (Thu, 21 Jun 2012 17:51:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Andreas Metzler <ametzler@downhill.at.eu.org>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. (Thu, 21 Jun 2012 17:51:03 GMT) Full text and rfc822 format available.

Message #30 received at 676563@bugs.debian.org (full text, mbox):

From: Andreas Metzler <ametzler@downhill.at.eu.org>
To: Eric Cooper <ecc@cmu.edu>, 676563@bugs.debian.org
Subject: Re: Bug#676563: exim4: new minimumum Diffie-Hellman length breaks sending, not configurable
Date: Thu, 21 Jun 2012 19:47:47 +0200
On 2012-06-21 Eric Cooper <ecc@cmu.edu> wrote:
> Package: exim4
> Followup-For: Bug #676563

> This problem still exists for me in version 4.80-3.
> I'm using smtp.srv.cs.cmu.edu as smarthost, and I get this error:

> 2012-06-20 18:40:40 1ShRfu-0001AA-8c TLS error on connection to smtp.srv.cs.cmu.edu [128.2.217.15] (gnutls_handshake): The Diffie-Hellman prime sent by the server is not acceptable (not long enough).
> 2012-06-20 18:40:40 1ShRfu-0001AA-8c TLS session failure: delivering unencrypted to smtp.srv.cs.cmu.edu [128.2.217.15] (not in hosts_require_tls)

> I downgraded to 4.77-1 and my configuration works again.

> I tried setting tls_dh_min_bits to several lower values, but it didn't
> help. (Perhaps I was doing it wrong.)

Hello,
With the default setting, I also see the error:

(SID)root@argenau:/# exim4 -bP transport remote_smtp_smarthost | grep tls_dh_min
tls_dh_min_bits = 1024
(SID)root@argenau:/# echo foo | exim -f '<>' -d+all  invalid@example.com
[...]
28546   SMTP>> STARTTLS
28546 waiting for data on socket
28546 read response data: size=30
28546   SMTP<< 220 2.0.0 Ready to start TLS
28546 initialising GnuTLS as a client on fd 7
28546 GnuTLS global init required.
28546 initialising GnuTLS client session
28546 Expanding various TLS configuration options for session credentials.
28546 TLS: no client certificate specified; okay
28546 TLS: tls_verify_certificates not set or empty, ignoring
28546 GnuTLS using default session cipher/priority "NORMAL"
28546 Setting D-H prime minimum acceptable bits to 1024
28546 TLS: server certificate verification not required
28546 LOG: MAIN
28546   TLS error on connection to smtp.srv.cs.cmu.edu [128.2.217.15] (gnutls_handshake): The Diffie-Hellman prime sent by the server is not acceptable (not long enough).


However downgrading the security works for me:

(SID)root@argenau:/# echo TLS_DH_MIN_BITS = 512 >> /etc/exim4/exim4.conf.localmacros
(SID)root@argenau:/# /etc/init.d/exim4 restart
[...]
(SID)root@argenau:/# exim4 -bP transport remote_smtp_smarthost | grep tls_dh_min
tls_dh_min_bits = 512
(SID)root@argenau:/# echo foo | exim -f '<>' -d+all  invalid@example.com
[...]
28546   SMTP>> STARTTLS
28546 waiting for data on socket
28546 read response data: size=30
28546   SMTP<< 220 2.0.0 Ready to start TLS
28546 initialising GnuTLS as a client on fd 7
28546 GnuTLS global init required.
28546 initialising GnuTLS client session
28546 Expanding various TLS configuration options for session credentials.
28546 TLS: no client certificate specified; okay
28546 TLS: tls_verify_certificates not set or empty, ignoring
28546 GnuTLS using default session cipher/priority "NORMAL"
28546 Setting D-H prime minimum acceptable bits to 512
28546 TLS: server certificate verification not required
28546 gnutls_handshake was successful
28546 cipher: TLS1.0:DHE_RSA_AES_128_CBC_SHA1:128

How did you try to downgrade the tls_dh_min_bits setting and to which
value?


> Also, is there a debugging
> option that would allow me to determine the prime size that the CMU
> server is using?

You can use gnutls-cli as debugging tool:

ametzler@argenau:~$ gnutls-cli -s smtp.srv.cs.cmu.edu -p 25
[...]
220 smtp03.srv.cs.cmu.edu ESMTP Sendmail 8.13.6/8.13.6; Thu, 21 Jun 2012 13:09:17 -0400 (EDT)
ehlo foo
250-smtp03.srv.cs.cmu.edu Hello 91-115-38-95.adsl.highway.telekom.at [91.115.38.95], pleased to meet you
250-ENHANCEDSTATUSCODES
[...]
STARTTLS
220 2.0.0 Ready to start TLS
[Press <Ctrl>-D now]
*** Starting TLS handshake
[...]
- Ephemeral Diffie-Hellman parameters
 - Using prime: 512 bits
 - Secret key: 511 bits
 - Peer's public key: 512 bits
- Version: TLS1.0
- Key Exchange: DHE-RSA
- Cipher: AES-128-CBC
- MAC: SHA1
- Compression: NULL
[...]

cu andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'




Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#676563; Package src:exim4. (Thu, 21 Jun 2012 19:27:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Eric Cooper <ecc@cmu.edu>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. (Thu, 21 Jun 2012 19:27:05 GMT) Full text and rfc822 format available.

Message #35 received at 676563@bugs.debian.org (full text, mbox):

From: Eric Cooper <ecc@cmu.edu>
To: Andreas Metzler <ametzler@downhill.at.eu.org>
Cc: 676563@bugs.debian.org
Subject: Re: Bug#676563: exim4: new minimumum Diffie-Hellman length breaks sending, not configurable
Date: Thu, 21 Jun 2012 15:23:21 -0400
On Thu, Jun 21, 2012 at 07:47:47PM +0200, Andreas Metzler wrote:
> How did you try to downgrade the tls_dh_min_bits setting and to which
> value?

I added a line of the form
    tls_dh_min_bits = N
to the file
    /etc/exim4/conf.d/transport/30_exim4-config_remote_smtp_smarthost
for N = 512, 256, and 64.  Each time I ran update-exim4.conf and restarted exim4.

I'll try your way and see if that works for me.  (I'll also let CMU
know about their short key length).  Thanks.

-- 
Eric Cooper             e c c @ c m u . e d u




Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#676563; Package src:exim4. (Thu, 21 Jun 2012 21:15:13 GMT) Full text and rfc822 format available.

Acknowledgement sent to Eric Cooper <ecc@cmu.edu>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. (Thu, 21 Jun 2012 21:15:14 GMT) Full text and rfc822 format available.

Message #40 received at 676563@bugs.debian.org (full text, mbox):

From: Eric Cooper <ecc@cmu.edu>
To: Andreas Metzler <ametzler@downhill.at.eu.org>
Cc: 676563@bugs.debian.org
Subject: Re: Bug#676563: exim4: new minimumum Diffie-Hellman length breaks sending, not configurable
Date: Thu, 21 Jun 2012 17:10:17 -0400
On Thu, Jun 21, 2012 at 07:47:47PM +0200, Andreas Metzler wrote:
> However downgrading the security works for me:
> 
> (SID)root@argenau:/# echo TLS_DH_MIN_BITS = 512 >> /etc/exim4/exim4.conf.localmacros

This method worked for me too, thanks.

-- 
Eric Cooper             e c c @ c m u . e d u




Information forwarded to debian-bugs-dist@lists.debian.org, Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>:
Bug#676563; Package src:exim4. (Fri, 22 Jun 2012 17:09:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Andreas Metzler <ametzler@downhill.at.eu.org>:
Extra info received and forwarded to list. Copy sent to Exim4 Maintainers <pkg-exim4-maintainers@lists.alioth.debian.org>. (Fri, 22 Jun 2012 17:09:02 GMT) Full text and rfc822 format available.

Message #45 received at 676563@bugs.debian.org (full text, mbox):

From: Andreas Metzler <ametzler@downhill.at.eu.org>
To: Eric Cooper <ecc@cmu.edu>, 676563@bugs.debian.org
Subject: Re: Bug#676563: exim4: new minimumum Diffie-Hellman length breaks sending, not configurable
Date: Fri, 22 Jun 2012 19:03:54 +0200
On 2012-06-21 Eric Cooper <ecc@cmu.edu> wrote:
> On Thu, Jun 21, 2012 at 07:47:47PM +0200, Andreas Metzler wrote:
> > How did you try to downgrade the tls_dh_min_bits setting and to which
> > value?

> I added a line of the form
>     tls_dh_min_bits = N
> to the file
>     /etc/exim4/conf.d/transport/30_exim4-config_remote_smtp_smarthost
> for N = 512, 256, and 64.  Each time I ran update-exim4.conf and restarted exim4.

> I'll try your way and see if that works for me.  (I'll also let CMU
> know about their short key length).  Thanks.

Thanks for the feedback (refering to the later mail where it worked
for you).

Whether the files under /etc/exim4/conf.d or
/etc/exim4/exim4.conf.localmacros together with
/etc/exim4/exim4.conf.template are used depends on whether you are
using split config.

file:///usr/share/doc/exim4-base/README.Debian.html#idp82720

cu andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 01 Aug 2012 07:30:52 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Apr 20 09:27:30 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.