Still getting Diffie-Hellman ephemeral key error after fixing server
I began getting the weak key (Logjam) error after an upgrade to Thunderbird 38.1.
The server has a 2,048 bit key and I have now restricted it to strong cipher suites (no export-grade ones) and it STILL reports the same error.
REPORTED ERROR: Timestamp: 7/23/2015 7:36:34 PM Error: An error occurred during a connection to mail.[snip]:993.
SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message.
(Error code: ssl_error_weak_server_ephemeral_dh_key)
So, on the mail server, I have changed the cipher suite string to no longer use any export-grade, or Diffie-Hellman ephemeral ciphers. Or any ciphers with less than HIGH strength: ALL:!ADH:!kDHE:!DHE:!TLS_RSA_WITH_IDEA_CBC_SHA:RC4+RSA:+HIGH:-MEDIUM:-LOW:-SSLv2:-EXP
I have used a script with nmap to confirm that all ciphers are strong:
nmap --script ssl-enum-ciphers -p<MAIL PORT> <MAIL HOST>
script here: http://nmap.org/svn/scripts/ssl-enum-ciphers.nse info here: http://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html
I believe Thunderbird is reporting a weak cipher when none exists. Why doesn't the error console simply report what the weak cipher is so that it could be blocked in the cipher string of the mail server? As it is, I'm stuck: Thunderbird won't connect, but I believe the problem is fixed and without further info I have no way to fix it. Our company is stuck with T-bird 31 until I can understand why 38 complains.
Troubleshooting info:
Application Basics
Name: Thunderbird Version: 38.1.0 User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.1.0 Profile Folder: Show Folder
(Local drive) Application Build ID: 20150707103124 Enabled Plugins: about:plugins Build Configuration: about:buildconfig Memory Use: about:memory
Mail and News Accounts
account1:
INCOMING: account1, , (imap) mail.[snip]:993, SSL, passwordCleartext
OUTGOING: mail.[snip]:465, SSL, passwordCleartext, true
account2:
INCOMING: account2, , (none) Local Folders, plain, passwordCleartext
Crash Reports
Extensions
Lightning, 4.0.1, false, {e2fda1a4-762b-4020-b5ad-a41df1933103}
Important Modified Preferences
Name: Value
browser.cache.disk.capacity: 358400
browser.cache.disk.smart_size_cached_value: 358400
browser.cache.disk.smart_size.first_run: false
browser.cache.disk.smart_size.use_old_max: false
extensions.lastAppVersion: 38.1.0
font.name.monospace.el: Consolas
font.name.monospace.x-cyrillic: Consolas
font.name.monospace.x-unicode: Consolas
font.name.monospace.x-western: Consolas
font.name.sans-serif.el: Calibri
font.name.sans-serif.x-cyrillic: Calibri
font.name.sans-serif.x-unicode: Calibri
font.name.sans-serif.x-western: Calibri
font.name.serif.el: Cambria
font.name.serif.x-cyrillic: Cambria
font.name.serif.x-unicode: Cambria
font.name.serif.x-western: Cambria
font.size.fixed.el: 14
font.size.fixed.x-cyrillic: 14
font.size.fixed.x-unicode: 14
font.size.fixed.x-western: 14
font.size.variable.el: 17
font.size.variable.x-cyrillic: 17
font.size.variable.x-unicode: 17
font.size.variable.x-western: 17
gfx.direct3d.last_used_feature_level_idx: 0
mail.openMessageBehavior.version: 1
mail.winsearch.firstRunDone: true
mailnews.database.global.datastore.id: 95a1e376-28a1-47bd-863f-44701b2f644
network.cookie.prefsMigrated: true
network.predictor.cleaned-up: true
places.database.lastMaintenance: 1437407106
places.history.expiration.transient_current_max_pages: 104858
plugin.importedState: true
security.disable_button.openCertManager: false
Graphics
Adapter Description: Intel(R) HD Graphics 3000
Vendor ID: 0x8086
Device ID: 0x0122
Adapter RAM: Unknown
Adapter Drivers: igdumd64 igd10umd64 igd10umd64 igdumd32 igd10umd32 igd10umd32
Driver Version: 9.17.10.3347
Driver Date: 1-29-2014
Direct2D Enabled: true
DirectWrite Enabled: true (6.2.9200.17292)
ClearType Parameters: ClearType parameters not found
WebGL Renderer: false
GPU Accelerated Windows: 2/2 Direct3D 11
AzureCanvasBackend: direct2d 1.1
AzureSkiaAccelerated: 0
AzureFallbackCanvasBackend: cairo
AzureContentBackend: direct2d 1.1
JavaScript
Incremental GC: 1
Accessibility
Activated: 0 Prevent Accessibility: 0
Library Versions
Expected minimum version
Version in use
NSPR
4.10.8
4.10.8
NSS
3.19.2 Basic ECC
3.19.2 Basic ECC
NSS Util
3.19.2
3.19.2
NSS SSL
3.19.2 Basic ECC
3.19.2 Basic ECC
NSS S/MIME
3.19.2 Basic ECC
3.19.2 Basic ECC
Modificato da guygreg il
Tutte le risposte (7)
As a workaround you can install this add-on. https://addons.mozilla.org/en-US/firefox/addon/disable-dhe/
Check this article if you are having difficulties installing the add-on for Thunderbird. http://xenos-email-notes.simplesite.com/416814616
Wrt the server config you may ask in a forum for your server software.
It's great that that addon is available. I'd rather not have to get in installed on the machines of all our users, some of which are at remote locations.
According to the server, and the third party nmap tool, the server software is correctly configured and secure. I believe that Thunderbird is reporting an error incorrectly. I don't understand key exchanges well enough to submit a bug report.
According to the server, and the third party nmap tool, the server software is correctly configured and secure.
I doubt that, but this isn't the right forum to discuss this any further.
Is it possible there is some caching-related reason for Thunderbird to give this error? Is there any filtering proxy between Thunderbird and the server such as antivirus/antispam?
jscher2000 said
Is it possible there is some caching-related reason for Thunderbird to give this error? Is there any filtering proxy between Thunderbird and the server such as antivirus/antispam?
That seemed like a possibility, or more generically that somehow the changes I made to the server configuration were not being applied to the running software. To test that, I added ":-SSLv3" to the cipher list. That tells the server to refuse to use any SSL 3 ciphers. I restarted the server, fired up T-bird and clicked "Get Messages". It still didn't connect, but the message in the error console was now:
Timestamp: 7/28/2015 2:32:16 PM Error: An error occurred during a connection to mail.[snip]:993.
Cannot communicate securely with peer: no common encryption algorithm(s).
(Error code: ssl_error_no_cypher_overlap)
I then removed ":-SSLv3" from the server's cipher list, restarted the server, and connected to it with T-bird again. The error in the console went back to the Diffie-Hellman one.
This means that changes to the server's configuration are taking effect and T-bird is able to properly communicate with the server and attempt a key exchange each time, and there is no caching of credentials going on.
The only two possibilities I can see are: 1. The open-source Courier mail server software offers weak (export-grade) ephemeral Diffie-Hellman ciphers even when configured not to offer export grade ciphers or ephemeral Diffie-Hellman ciphers, or 2. Version 38 of Thunderbird reports a mail server as offering weak ephemeral Diffie-Hellman ciphers even when it does not, at least under some circumstances.
This is definitely getting over my head...
Could you check this comment in the bug tracking system about a possible workaround for Courier: https://bugzilla.mozilla.org/show_bug.cgi?id=1184488#c13
Thank you, that's very helpful!
I followed the cues given in Comment 45. https://bugzilla.mozilla.org/show_bug.cgi?id=1184488#c45
As root, do:
DH_BITS=1024
Then execute the script mkdhparams, which on my CentOS install is found in /usr/lib/courier-imap/share
The script runs for a while "generating DH parameters".
When it's done, restart Courier.
Thunderbird 38.1 now works as expected.
I agree with Comment 47, in that what's going on here is not actually the Logjam vulnerability, and the error message provided by Thunderbird is not helpful in discovering the issue it's complaining about.
I'm going to quote Comment 12 because it expresses my feelings on this:
"Personally, I wish the mozilla team would quit breaking client-side SSL support in the name of 'security' - it's been a real problem with older (and by 'older', I mean like 2-3 years old, not ancient) appliance-based systems (SOHO firewalls, VoIP ATAs, Storage systems and network equipment that have HTTPS based management interfaces), out-of-band server cards, etc. on the Firefox side. Really need to provide dialogs and options to continue after appropriate warnings, not just break stuff silently."
Modificato da guygreg il