Comments (21)
I mean, I guess technically I could just allow "scram-*" as a preference instead of specifically looking for "scram-sha-1" and "scram-sha-256" and check the current PHP install to see if there's a matching digest algorithm in both hash_algos() and hash_hmac_algos() as the validation. The hyphen/no hyphen thing's a bit annoying, but not a problem.
You might also actually want to try reporting all this to the actual developers of SquirrelMail, as this is just an edited clone of one branch of the official SourceForge-hosted project.
from squirrelmail.
It is official, it is here: RFC 9266: Channel Bindings for TLS 1.3:
from squirrelmail.
I can add SCRAM-SHA-1 and SCRAM-SHA-256 for IMAP and SMTP fairly easily, but the Channel Binding PLUS variants require access to the TLS layer which PHP tends to hide behind its socket system. I have no idea how to even approach tls-unique, though stream_context_get_params() may potentially help with tls-server-endpoint. Without a test server that supports SCRAM-SHA-1-PLUS, though, I wouldn't even want to attempt an implementation.
I don't imagine any mail servers have SCRAM-SHA-512, but all it would take to include support are a couple of copy/paste actions, same as any other hmac-compatible hashing algorithm.
from squirrelmail.
There is Cyrus SASL since some months with SCRAM-SHA-1 / SCRAM-SHA-1-PLUS / SCRAM-SHA-224 / SCRAM-SHA-224-PLUS / SCRAM-SHA-256 / SCRAM-SHA-256-PLUS / SCRAM-SHA-384 / SCRAM-SHA-384-PLUS / SCRAM-SHA-512 / SCRAM-SHA-512-PLUS
Code:
- https://github.com/cyrusimap/cyrus-sasl/commits/master
  - Commits from Sep 2, 2019
  - Commits from Sep 4, 2019
from squirrelmail.
Pretty sure I did everything right and followed all the standards. I only tested SHA-1, but since I'm using the method I described above instead of hardcoding the algorithms, I can only assume it'll function identically with any other selection.
I do not want to try adding any other algorithms unless I can find an existing server to test them with. Setting up my own server just for this was way too much for the few lines of code I added.
from squirrelmail.
@RealityRipple: Thanks a lot :)
Yes I would like to see this in main squirrelmail code ^^
But you have not specified for -PLUS variant in the code, please specify :)
In order: SCRAM-SHA-256-PLUS > SCRAM-SHA-256 > SCRAM-SHA-1-PLUS > SCRAM-SHA-1
from squirrelmail.
See my first reply to this bug.
And the idea of "order" does not apply to SquirrelMail. It's reliant on the administrator of the installation to type the exact algorithm they wish all instances of IMAP or SMTP to use into the config file, so there's never any fallback selections.
from squirrelmail.
@RealityRipple: Thanks a lot :)
Yes I would like to see this in main squirrelmail code ^^
You really want to contact Paul Lesniewski, and he'll probably add this as soon as you offer to donate a little via http://squirrelmail.org/donate_paul_lesniewski.php. He fixed a couple of bugs, updated a plugin to work with php 7.3, by my request when I made a small donation.
from squirrelmail.
@jult: I have sent an email to Paul about this ticket and code :)
@RealityRipple: Can you look for PHP 7.4 compatibility?
from squirrelmail.
@RealityRipple: Can you look for PHP 7.4 compatibility?
See commit 28d4844
from squirrelmail.
You have only forgotten to update information ^^
Can you add in the topic and subject github repository and the README too?
I think SCRAM-SHA-... is missing for POP/POP3, can you add it too?
from squirrelmail.
It already makes mention of supporting PHP 7 and above twice. I see no reason to go into further detail than that, or I'd be making changes to those files every time a new PHP version comes out.
Regarding POP3... POP is not a good protocol to use for webmail. I'd generally discourage trying to go down that route. Also, I could find very little information about implementing SCRAM over POP. I may add it eventually, just in case a server doesn't provide IMAP but does provide SCRAM support... which seems extremely unlikely.
from squirrelmail.
@RealityRipple: For your information, after SCRAM-SHA-1(-PLUS):
- GNU SASL (gsasl) supports SCRAM-SHA-256(-PLUS) since 1.9.1: http://git.savannah.gnu.org/gitweb/?p=gsasl.git;a=blob;f=NEWS;hb=HEAD
- Dovecot supports SCRAM-SHA-256(-PLUS) since 2.3.10: https://doc.dovecot.org/configuration_manual/authentication/authentication_mechanisms/
- Cyrus SASL/IMAP supports SCRAM-SHA-256(-PLUS) and more since 2.1.27: https://www.cyrusimap.org/sasl/sasl/authentication_mechanisms.html
There will be new RFCs soon, can you add it?
- SCRAM-SHA-512(-PLUS): https://tools.ietf.org/html/draft-melnikov-scram-sha-512
- SCRAM-SHA3-512(-PLUS): https://tools.ietf.org/html/draft-melnikov-scram-sha3-512
- Channel Bindings for SCRAM over TLS 1.3: https://tools.ietf.org/html/draft-ietf-kitten-tls-channel-bindings-for-tls13
Of course, you are listed here: scram-sasl/info#1
from squirrelmail.
There are no changes required that I'm aware of. As mentioned before, the code I wrote does not limit the hash algorithm selection - any valid algorithm for your PHP install will be accepted. This includes SHA-512 and SHA3-512, and anything else the hash_hmac_algos() function returns. I also previously mentioned that Channel Bindings are somewhat beyond PHP's scope and will not be implemented at this time.
from squirrelmail.
@RealityRipple: Hello, I have looked:
- https://github.com/RealityRipple/squirrelmail/search?q=scram-sha-1: OK
- https://github.com/RealityRipple/squirrelmail/search?q=scram-sha-256: OK
- https://github.com/RealityRipple/squirrelmail/search?q=scram-sha-512: NOK
from squirrelmail.
squirrelmail/functions/auth.php
Lines 150 to 160 in 7eb8556
As I said, I don't specifically set any algorithm names in code. It's 100% pass-through from the user-set preference variable. The algorithm is checked against the PHP list and if not found, returns false, which is then checked for here and here. If it doesn't fail, (meaning, the PHP install supports the algorithm), then the returned value is the usable algorithm name passed to the subsequent scram_response() and scram_verify() functions. No direct use of the algorithm names on my part is required. This also means the project potentially supports SCRAM-MD2, SCRAM-MD4, SCRAM-MD5, SCRAM-SHA-224, SCRAM-SHA-384, SCRAM-SHA-512/224, SCRAM-SHA-512/256, SCRAM-RIPEMD-128, SCRAM-RIPEMD-160, SCRAM-RIPEMD-256, SCRAM-RIPEMD-320, SCRAM-WHIRLPOOL, SCRAM-TIGER-128,3, SCRAM-TIGER-160,3, SCRAM-TIGER-192,3, SCRAM-TIGER-128,4, SCRAM-TIGER-160,4, SCRAM-TIGER-192,4, SCRAM-SNEFRU, SCRAM-SNEFRU-256, SCRAM-GOST, SCRAM-HVAL-128,3, SCRAM-HVAL-160,3, SCRAM-HVAL-192,3, SCRAM-HVAL-224,3, SCRAM-HVAL-256,3, SCRAM-HVAL-128,4, SCRAM-HVAL-160,4, SCRAM-HVAL-192,4, SCRAM-HVAL-224,4, SCRAM-HVAL-256,4, SCRAM-HVAL-128,5, SCRAM-HVAL-160,5, SCRAM-HVAL-192,5, SCRAM-HVAL-224,5, and SCRAM-HVAL-256,5, all without me having to write the specific cases for any of these algorithms.
from squirrelmail.
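The pass-through lookup described in this comment and in the first comment of the thread, as an added example that is not SquirrelMail's code or the commenter's: the function names `scram_resolve_algo()` and `scram_client_proof()` are hypothetical, and the proof follows RFC 5802 with the password used as-is (no SASLprep). It generalizes to any digest that `hash_hmac_algos()` reports.

```php
<?php
// Added example, not SquirrelMail code. Function names are hypothetical.

// Map a configured mechanism such as "SCRAM-SHA-256" to a PHP digest name.
// Returns false when this PHP build has no matching HMAC-capable digest.
function scram_resolve_algo($mech)
{
    $mech = strtolower(trim($mech));
    if (strncmp($mech, 'scram-', 6) !== 0 || substr($mech, -5) === '-plus') {
        return false; // not SCRAM, or a channel-binding variant
    }
    $name = substr($mech, 6);
    // PHP usually drops the hyphen ("sha256") but keeps it in "sha3-512".
    foreach (array($name, str_replace('-', '', $name)) as $candidate) {
        if (in_array($candidate, hash_hmac_algos(), true)) {
            return $candidate;
        }
    }
    return false;
}

// RFC 5802 ClientProof, with the digest chosen at run time.
function scram_client_proof($algo, $password, $salt, $iterations, $authMessage)
{
    $salted    = hash_pbkdf2($algo, $password, $salt, $iterations, 0, true);
    $clientKey = hash_hmac($algo, 'Client Key', $salted, true);
    $storedKey = hash($algo, $clientKey, true);
    $signature = hash_hmac($algo, $authMessage, $storedKey, true);
    return base64_encode($clientKey ^ $signature);
}

// Inputs are the published example exchange from RFC 7677, section 3.
$clientFirstBare = 'n=user,r=rOprNGfwEbeRWgbNEkqO';
$serverFirst     = 'r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,'
                 . 's=W22ZaJ0SNY7soEsUEjb6gQ==,i=4096';
$finalNoProof    = 'c=biws,r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0';

$algo = scram_resolve_algo('SCRAM-SHA-256');
if ($algo === false) {
    exit("No HMAC-capable digest for that mechanism in this PHP build\n");
}
$proof = scram_client_proof(
    $algo, 'pencil', base64_decode('W22ZaJ0SNY7soEsUEjb6gQ=='), 4096,
    $clientFirstBare . ',' . $serverFirst . ',' . $finalNoProof
);
echo $finalNoProof . ',p=' . $proof . "\n";
```

The printed client-final message can be compared with the one published in RFC 7677, section 3.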
Thanks for your reply!
Note: SCRAM-SHA-512/224, SCRAM-SHA-512/256 are not SCRAM-SHA-512...
The really important ones are SCRAM-SHA-1, SCRAM-SHA-224, SCRAM-SHA-256, SCRAM-SHA-384, SCRAM-SHA-512.
Note possible to add in 3 files like others:
- https://github.com/RealityRipple/squirrelmail/search?q=scram-sha-1
- https://github.com/RealityRipple/squirrelmail/search?q=scram-sha-256
Attention for SCRAM-SHA-384 and SCRAM-SHA-512, there is a diff with 1/224/256.
from squirrelmail.
I'm aware of the differences, I literally just listed every algorithm on the hash-hmac-algos() PHP doc page other than sha-1, sha-256, and sha-512 to illustrate my point.
If anything, I'd get rid of the results for scram-sha-1 and scram-sha-256 and replace them with scram-[ANY-HMAC-ALGORITHM-PHP-SUPPORTS].
from squirrelmail.
@RealityRipple: Can you look for Channel Binding support?
There is a recent history with jabber.ru MITM and SCRAM-SHA-*-PLUS is the security solution!
Some sources about jabber.ru:
- https://notes.valdikss.org.ru/jabber.ru-mitm/
- https://snikket.org/blog/on-the-jabber-ru-mitm/
- https://www.devever.net/~hl/xmpp-incident
- https://blog.jmp.chat/b/certwatch
Thanks in advance.
from squirrelmail.
It may be possible to use the capture_peer_cert stream context option to get the certificate from the server, but as far as I know there's still no way to get the TLS messages from a PHP socket. This means I'd only be able to implement tls-server-end-point and not tls-unique.
In the same vein, exporting keying material for TLS 1.3's tls-exporter also doesn't seem to have a path forward without any kind of SSL_export_keying_material method in PHP.
There's simply nothing I can do until PHP specifically adds a couple methods for the purpose of channel binding into their stream system. This probably won't happen unless someone pushes for it directly with the PHP devs themselves. I even found a PHP 5 keying material export patch from 2009 that's been completely ignored for a decade and a half.
For future notes, the cert method would entail something like this:
```php
// In sqimap_login(): ask the TLS stream to keep the peer certificate.
if (!is_array($stream_options))
    $stream_options = array();
if (!array_key_exists('ssl', $stream_options))
    $stream_options['ssl'] = array();
$stream_options['ssl']['capture_peer_cert'] = true;

// In sqimap_create_stream(): read the captured certificate back.
$ctxRet = stream_context_get_params($imap_stream);
if (array_key_exists('options', $ctxRet) && array_key_exists('ssl', $ctxRet['options']) && array_key_exists('peer_certificate', $ctxRet['options']['ssl']))
{
    openssl_x509_export($ctxRet['options']['ssl']['peer_certificate'], $pem_encoded);
    $pem_parsed = openssl_x509_parse($ctxRet['options']['ssl']['peer_certificate'], false);
    $alg = false;
    if (array_key_exists('signatureTypeLN', $pem_parsed))
        $alg = $pem_parsed['signatureTypeLN']; // http://oidref.com/1.2.840.113549.1.1
    if ($alg === 'md5WithRSAEncryption')
        $alg = 'sha256WithRSAEncryption';
    if ($alg === 'sha1-with-rsa-signature')
        $alg = 'sha256WithRSAEncryption';
    // ...
    // strip the header and footer from $pem_encoded and base64_decode it
    // parse the possible $alg values and hash the decoded x509 cert
}
```
However, I'm not sure the PEM-encoded result from openssl_x509_export is "octet for octet" as spec requires. They might parse the cert to some extent, and I can't find any way of retrieving the raw bytes from their OpenSSLCertificate object.
from squirrelmail.
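The steps the sketch above leaves as comments, written out as an added example that is not SquirrelMail's code or the commenter's: it derives the tls-server-end-point value per RFC 5929 and wraps it in the SCRAM `c=` attribute per RFC 5802. The function names are hypothetical, the certificate is a throwaway generated locally, and the code assumes the PEM body decodes to the same DER octets the server sent, which is the open question raised in the comment.

```php
<?php
// Added example, not SquirrelMail code. Function names are hypothetical.

// RFC 5929: use the digest of the certificate's signature algorithm, but
// SHA-256 when that digest is MD5 or SHA-1. False when none is recognised.
function cb_hash_for_signature($signatureTypeLN)
{
    if (!preg_match('/md5|sha-?(?:224|256|384|512|1)/i', $signatureTypeLN, $m)) {
        return false; // e.g. Ed25519 or RSASSA-PSS long names
    }
    $digest = strtolower(str_replace('-', '', $m[0]));
    return ($digest === 'md5' || $digest === 'sha1') ? 'sha256' : $digest;
}

// Assumption: the base64 body of $pem decodes to the DER octets the server
// sent; the thread leaves open whether PHP's export guarantees that.
function tls_server_end_point($pem, $signatureTypeLN)
{
    $algo = cb_hash_for_signature($signatureTypeLN);
    $re   = '/-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----/s';
    if ($algo === false || !preg_match($re, $pem, $m)) {
        return false;
    }
    $der = base64_decode(preg_replace('/\s+/', '', $m[1]), true);
    return $der === false ? false : hash($algo, $der, true);
}

// SCRAM "c=" attribute for a -PLUS mechanism: base64(gs2-header || cb-data).
function scram_cbind_attribute($cbData)
{
    return 'c=' . base64_encode('p=tls-server-end-point,,' . $cbData);
}

// Constructed input: a throwaway self-signed certificate generated locally.
$key  = openssl_pkey_new(array('private_key_bits' => 2048));
$csr  = openssl_csr_new(array('commonName' => 'imap.example.test'), $key,
                        array('digest_alg' => 'sha256'));
$cert = openssl_csr_sign($csr, null, $key, 1, array('digest_alg' => 'sha256'));
openssl_x509_export($cert, $pem);
$info   = openssl_x509_parse($cert);
$cbData = tls_server_end_point($pem, $info['signatureTypeLN']);
echo $cbData === false ? "binding undefined\n" : scram_cbind_attribute($cbData) . "\n";
```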
@RealityRipple: SCRAM and -PLUS variants are in mpop and msmtp, maybe you can see for POP3 too?
About PEAR:
Recently SCRAM hashes have been added in:
- https://github.com/pear/Auth_SASL
- https://github.com/pear/Auth_SASL2
- https://github.com/pear/Net_SMTP
A good job done by @schengawegga.
Maybe you can help for -PLUS variants?
And for repositories:
- https://github.com/pear/Net_Sieve
- https://github.com/pear/Net_IMAP
- https://github.com/pear/Mail_IMAPv2
- https://github.com/pear/Net_POP3
- https://github.com/pear/Mail
- https://github.com/pear/Mail2
- https://github.com/pear/Auth
- https://github.com/pear/Auth_HTTP
from squirrelmail.