Stephen Borrill <netbsd%precedence.co.uk@localhost> writes:

> The upgrade to OpenSSL 1.0.1g included more than just the Heartbleed
> fix. A workaround for TLS v1.2 interoperability with F5 load-balancers
> was sneaked in too. This causes problems with some IronPort email
> appliances and unfortunately, these seem to be annoyingly
> common. Sendmail just fails with "TLS handshake failed" and does not
> fall back to plain text.
>
> There are a couple of workarounds:
> 1) Compile OpenSSL with #define TLSEXT_TYPE_padding 21 commented out
> 2) Build sendmail with -D_FFR_TLS_1 and then use ClientSSLOptions to
>    disable TLS v1.2 (postfix users would need to handle this
>    differently).

This seems like quite a mess.

As I understand it, the F5 devices are buggy, and there's a protocol change to avoid that, and that change exposes bugs on the ironport devices (referenced to the older specs, which say this new padding extension should be ignored, presumably).

It seems like the right fix is for sendmail to retry without TLS (if it's not configured to require TLS, of course).

Taking the extension out of openssl seems reasonable as well, since only buggy peers need it.

Downgrading TLS for all mail seems less reasonable, as it has a negative impact on communications with standards-conforming peers.

Another idea is to make the openssl use of the extension configurable, so that it can be easily disabled without rebuilding.
Attachment:
pgp3XA6FxFTR8.pgp
Description: PGP signature
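The thread mentions the padding extension (type 21, the TLSEXT_TYPE_padding constant quoted above) and the F5 workaround without showing what the workaround actually does on the wire. The following is an added illustration, not code from the mail, from OpenSSL or from sendmail: it builds a TLS 1.2 ClientHello, applies the length rule that OpenSSL 1.0.1g uses for the F5 workaround as I understand it (if the handshake message would be 256 to 511 bytes long, a padding extension is appended as the last extension so that it reaches 512 bytes; this rule is my reconstruction and an assumption here), and then models the two kinds of server the reply contrasts: a standards-conforming peer that ignores an extension it does not recognise, and a peer that fails the handshake on one, which is how I model the reported IronPort failure. The hostname, cipher list and filler extension are constructed sample data.

```python
import struct

# Extension type numbers (IANA TLS ExtensionType registry).
TLSEXT_TYPE_SNI = 0
TLSEXT_TYPE_SIG_ALGS = 13
TLSEXT_TYPE_PADDING = 21   # the extension the thread is about (RFC 7685)

# Constructed cipher-suite list: six TLS 1.2-era suites, enough for a realistic size.
CIPHERS = bytes.fromhex("c02fc030009c009d002f0035")


def ext(ext_type, body):
    """Encode one extension: 2-byte type, 2-byte length, body."""
    return struct.pack("!HH", ext_type, len(body)) + body


def sni_extension(hostname):
    """server_name extension (RFC 6066) with a single host_name entry."""
    name = hostname.encode("ascii")
    entry = b"\x00" + struct.pack("!H", len(name)) + name
    return ext(TLSEXT_TYPE_SNI, struct.pack("!H", len(entry)) + entry)


def opaque_extension(ext_type, body_len):
    """Constructed filler standing in for the other extensions (signature_algorithms,
    EC point formats, ...) that push TLS 1.2 ClientHellos past 255 bytes."""
    return ext(ext_type, bytes(body_len))


def build_client_hello(extensions, pad_like_openssl_101g=True):
    """Return a ClientHello handshake message (4-byte header + body).

    Padding rule (assumption, my reconstruction of the OpenSSL 1.0.1g workaround):
    if the handshake message would be 256..511 bytes long, append a padding
    extension as the LAST extension so that the message becomes 512 bytes, or a
    little more when fewer than 4 bytes are missing, since the extension header
    alone costs 4.
    """
    fixed = (b"\x03\x03" + bytes(32)               # client_version 1.2, random (constructed: zeros)
             + b"\x00"                             # session_id: empty
             + struct.pack("!H", len(CIPHERS)) + CIPHERS
             + b"\x01\x00")                        # compression_methods: null only
    exts = b"".join(extensions)
    # Length measured before deciding to pad: handshake header + fixed fields
    # + 2-byte extensions length + the extensions built so far.
    hlen = 4 + len(fixed) + 2 + len(exts)
    if pad_like_openssl_101g and 0xFF < hlen < 0x200:
        pad = 0x200 - hlen
        pad = pad - 4 if pad >= 4 else 0
        exts += ext(TLSEXT_TYPE_PADDING, bytes(pad))
    body = fixed + struct.pack("!H", len(exts)) + exts
    return b"\x01" + len(body).to_bytes(3, "big") + body


def parse_extensions(msg):
    """Walk a ClientHello and return [(type, body), ...] in wire order."""
    if msg[0] != 0x01:
        raise ValueError("not a ClientHello")
    body = msg[4:4 + int.from_bytes(msg[1:4], "big")]
    pos = 2 + 32                                   # skip client_version and random
    pos += 1 + body[pos]                           # session_id
    (cs_len,) = struct.unpack("!H", body[pos:pos + 2])
    pos += 2 + cs_len                              # cipher_suites
    pos += 1 + body[pos]                           # compression_methods
    (ext_len,) = struct.unpack("!H", body[pos:pos + 2])
    pos += 2
    end = pos + ext_len
    out = []
    while pos < end:
        t, l = struct.unpack("!HH", body[pos:pos + 4])
        pos += 4
        out.append((t, body[pos:pos + l]))
        pos += l
    return out


def padding_length(msg):
    """Body length of the padding extension, or None if the hello carries none."""
    for t, b in parse_extensions(msg):
        if t == TLSEXT_TYPE_PADDING:
            return len(b)
    return None


def peer_accepts(msg, known_types, ignore_unknown=True):
    """Model the server side. RFC 5246 section 7.4.1.4 requires a server to ignore
    extensions it does not recognise; a peer that instead aborts on an unknown
    type (my model of the reported IronPort behaviour, an assumption) rejects
    every hello that carries the padding extension."""
    for t, _ in parse_extensions(msg):
        if t not in known_types and not ignore_unknown:
            return False
    return True
```

Running this shows why the two workarounds in the quoted mail behave as they do: a short hello (SNI only) is never padded and is accepted by both server models, a hello with realistic TLS 1.2 extensions lands in the 256..511 range, gets padded to exactly 512 bytes and is then refused by the strict model, and building the same hello with `pad_like_openssl_101g=False` (the "comment out TLSEXT_TYPE_padding" option) removes the extension again. Forcing TLS 1.0 also keeps the hello short, which is why the ClientSSLOptions downgrade works, at the cost the reply objects to.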