On Wed, Sep 25, 2024 at 10:40:30AM +1000, raf via Postfix-users wrote:
> > Sep 24 21:49:18 mxback postfix/smtps/smtpd[24711]: warning: TLS library
> > problem: error:0A00006C:SSL routines::bad key
> > share:../ssl/statem/extensions_srvr.c:646:
>
> But I'm not sure what "bad key" means specifically so I might be wrong.
Above, I "unfolded" the log entry; the message is "bad key share", not
"bad key". Key shares are part of the speculative RTT reduction in TLS
1.3, in which a client tries to anticipate what key agreement methods
the server supports, and sends preëmptive "key shares" for the guessed
methods.
The code in question is:
    if (s->s3.group_id != 0 && PACKET_remaining(&key_share_list) == 0) {
        /*
         * If we set a group_id already, then we must have sent an HRR
         * requesting a new key_share. If we haven't got one then that is an
         * error
         */
        SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_BAD_KEY_SHARE);
        return 0;
    }
Apparently the remote client response to an HRR (Hello Retry Request)
failed to include a key share for the requested mutually supported key
agreement method. That's not expected behaviour from a "normal" TLS
client stack. So increased probability that the client was performing
some sort of protocol test, rather than trying to deliver mail.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
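As an added illustration of the check discussed in this thread (example code written for this page, not code from OpenSSL, Postfix, or the mail's author), the block below models the server side of the TLS 1.3 key_share / HelloRetryRequest exchange in simplified form, raising the same illegal_parameter "bad key share" condition when a client answers an HRR without the requested share, and also unfolds and parses the multi-line Postfix "TLS library problem" warning quoted above so the OpenSSL reason string can be extracted from logs. The group names, the ClientHello structure and the server preference list are constructed assumptions; the sample log text is the entry quoted in the thread.

```python
"""Toy model of TLS 1.3 key_share handling across an HRR, plus a parser
for the Postfix/OpenSSL 'TLS library problem' warning (added example)."""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed assumption: groups this server negotiates, in preference order.
SERVER_GROUPS: Tuple[str, ...] = ("x25519", "secp256r1")


@dataclass
class ClientHello:
    supported_groups: Tuple[str, ...]
    key_shares: Dict[str, bytes]  # group -> opaque public share (constructed)


@dataclass
class ServerState:
    group_id: Optional[str] = None  # set once an HRR has been sent (like s->s3.group_id)
    transcript: List[str] = field(default_factory=list)


class TLSAlert(Exception):
    """Fatal alert, standing in for SSLfatal() in the quoted OpenSSL code."""


def process_client_hello(state: ServerState, hello: ClientHello) -> str:
    """Return "HRR" or "ServerHello"; raise TLSAlert on protocol violations."""
    for g in hello.key_shares:
        if g not in hello.supported_groups:
            raise TLSAlert("illegal_parameter: key_share group not in supported_groups")
    if state.group_id is not None:
        # Second ClientHello after our HRR: the client must now send exactly
        # the share we asked for. An empty list is the quoted "bad key share".
        if not hello.key_shares:
            raise TLSAlert("illegal_parameter: bad key share (no share after HRR)")
        if list(hello.key_shares) != [state.group_id]:
            raise TLSAlert("illegal_parameter: bad key share (wrong group after HRR)")
        state.transcript.append("ServerHello")
        return "ServerHello"
    # First ClientHello: accept a speculative share if one matches our preferences.
    for g in SERVER_GROUPS:
        if g in hello.key_shares:
            state.transcript.append("ServerHello")
            return "ServerHello"
    # No usable share: ask for one via HelloRetryRequest and remember the group.
    for g in SERVER_GROUPS:
        if g in hello.supported_groups:
            state.group_id = g
            state.transcript.append(f"HRR({g})")
            return "HRR"
    raise TLSAlert("handshake_failure: no mutually supported group")


def run_handshake(hellos: List[ClientHello]) -> List[str]:
    """Feed successive ClientHellos to one server; the alert text, if any, is last."""
    state = ServerState()
    out: List[str] = []
    for h in hellos:
        try:
            out.append(process_client_hello(state, h))
        except TLSAlert as e:
            out.append(f"alert: {e}")
            break
    return out


# OpenSSL 3 error strings: error:<code>:<lib>:<func>:<reason>:<file>:<line>:
TLS_WARNING_RE = re.compile(
    r"warning: TLS library problem: error:(?P<code>[0-9A-Fa-f]{8}):"
    r"(?P<lib>[^:]*):(?P<func>[^:]*):(?P<reason>[^:]*):(?P<file>[^:]*):(?P<line>\d+):"
)


def unfold_log(lines: List[str]) -> str:
    """Join a log entry that was wrapped across lines (as in the quoted mail)."""
    return " ".join(line.strip() for line in lines)


def parse_tls_warning(entry: str) -> Optional[Dict[str, str]]:
    """Extract the OpenSSL error fields from a Postfix TLS warning, or None."""
    m = TLS_WARNING_RE.search(entry)
    return m.groupdict() if m else None


# Sample input: the log entry quoted in the thread, as it appeared wrapped.
SAMPLE_LOG = unfold_log([
    "Sep 24 21:49:18 mxback postfix/smtps/smtpd[24711]: warning: TLS library",
    "problem: error:0A00006C:SSL routines::bad key",
    "share:../ssl/statem/extensions_srvr.c:646:",
])

if __name__ == "__main__":
    print(parse_tls_warning(SAMPLE_LOG))
    print(run_handshake([
        ClientHello(("secp384r1", "x25519"), {"secp384r1": b"\x01"}),
        ClientHello(("secp384r1", "x25519"), {}),  # misbehaving reply to HRR
    ]))
```

The misbehaving second ClientHello in the `__main__` block reproduces the situation the mail describes: the server sent an HRR for x25519, the client came back with no key_share at all, and the handshake ends with the illegal_parameter alert that OpenSSL reports as "bad key share".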