Bug 423453

Summary: Trojita might not validate TLS certificates in SMTP.
Product: [Unmaintained] trojita
Reporter: Damian Poddebniak <93s4m32gd2ab8ax6>
Component: SMTP
Assignee: Trojita default assignee <trojita-bugs>
Status: RESOLVED FIXED
Severity: major
Priority: NOR
Version: 0.7
Target Milestone: ---
Platform: Other
OS: Linux
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Description Damian Poddebniak 2020-06-24 16:13:20 UTC
I have set up an email account, where the server is configured to present valid certificates for both SMTP and IMAP (via Let's Encrypt).

Now, I exchange the certificate for SMTP to a self-signed certificate and send an email. Trojita does not complain and connects to the SMTP server providing a username and a password via a potentially insecure connection. This is a security issue.

When the IMAP certificate is exchanged to an invalid one, Trojita shows a security warning. Here, everything seems to be fine.

Tested on Trojita 0.7-git in NixOS and Trojita 0.7 in Ubuntu.
Comment 1 Jan Kundrát 2020-06-25 08:22:54 UTC
Doh, right. There's a FIXME in the code for this. It has remained unchanged since commit 0083eea5ed, "Untested attempt at sending mails via SMTP". That's May 2009 :(.
Comment 2 Jan Kundrát 2020-06-25 10:07:12 UTC
Patch at https://gerrit.vesnicky.cesnet.cz/r/1035, and I've requested a CVE for this via the oss-security ML. Thanks a lot for catching this, Damian.
Comment 3 Damian Poddebniak 2020-06-25 18:45:54 UTC
Thank you Jan for your very fast response and patch! Can you already tell when this will find its way into a new release?
Comment 4 Jan Kundrát 2020-06-25 19:56:52 UTC
Git commit 77ddd5d44f2bf4155d0c9b6f7d05f01713b32d5d by Jan Kundrát.
Committed on 25/06/2020 at 10:56.
Pushed by jkt into branch 'master'.

SMTP: Do not ignore TLS errors

This fixes CVE-2020-15047 (category: CWE-295). Since commit 0083eea5ed
which added initial, experimental support for SMTP message submission,
we have apparently never implemented proper SSL/TLS error handling, and
the code has ever since just kept silently ignoring any certificate
verification errors.  As a result, Trojita was susceptible to a MITM
attack when sending e-mails. The information leaked includes the user's
authentication details, including the password, and the content of sent
messages.

Sorry for this :(.

Now, this patch re-enables proper TLS error handling. It was not possible
to directly re-use our code for TLS key pinning which we are using for
IMAP connections. In the Qt TLS code, the decision to accept or not
accept a TLS connection is a blocking one, so the IMAP code relies upon
the protocol state machine (i.e., another layer) for deciding whether to
use or not to use the just-established TLS connection. Implementing
equivalent code in the SMTP library would be nice, but this hot-fix has
priority. As a result, SMTP connections to hosts with, e.g.,
self-signed TLS certs, are no longer possible. Let's hope that this is
not a practical problem with Let's Encrypt anymore.

Thanks to Damian Poddebniak for reporting this bug.

Change-Id: Icd6bbb2b0fb3e45159fc9699ebd07ab84262fe37
CVE: CVE-2020-15047

M  +9    -2    src/MSA/SMTP.cpp
M  +1    -0    src/MSA/SMTP.h

https://invent.kde.org/pim/trojita/commit/77ddd5d44f2bf4155d0c9b6f7d05f01713b32d5d
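The defect class described in the commit message (CWE-295: a client that swallows certificate verification errors and then sends credentials over the unverified session) and the two ways of handling it that the message contrasts (abort outright, or accept only a certificate the user has explicitly pinned, as the IMAP code does) can be modelled without a network. The following is an added example, not Trojita's or Qt's code: the TLS handshake is simulated by a `TlsResult` value, the `Session`, `submit`, `tls_accepted` and `fingerprint` names are this example's own, and the sample certificate bytes and error string are constructed. It shows the one decision point between STARTTLS and the AUTH command, and what leaks when that decision is skipped.

```python
import base64
import hashlib
from dataclasses import dataclass, field
from typing import List, Optional, Set

# Constructed example: a model of an SMTP submission client. It is not
# Trojita's code and does not use Qt; the TLS handshake is simulated by a
# TlsResult that a real client would obtain from its TLS library.


@dataclass
class TlsResult:
    """Outcome of the TLS handshake that follows STARTTLS."""
    cert_der: bytes                                   # peer's leaf cert (DER)
    errors: List[str] = field(default_factory=list)   # empty = chain verified


@dataclass
class Session:
    """Commands the client wrote to the socket, plus its protocol state."""
    sent: List[str] = field(default_factory=list)
    state: str = "connected"


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 fingerprint used for explicit, per-certificate pinning."""
    return hashlib.sha256(cert_der).hexdigest()


def tls_accepted(result: TlsResult, pinned: Optional[Set[str]],
                 ignore_errors: bool) -> bool:
    """Decide whether the just-established TLS session may be used.

    ignore_errors=True reproduces the pre-fix behaviour: verification errors
    are swallowed and any certificate is accepted. Otherwise the session is
    usable only if the chain verified, or if the user has previously pinned
    exactly this certificate (the IMAP-style handling the commit message
    describes, modelled here as a set of accepted fingerprints).
    """
    if ignore_errors:
        return True
    if not result.errors:
        return True
    return bool(pinned) and fingerprint(result.cert_der) in pinned


def submit(session: Session, tls: TlsResult, user: str, password: str,
           rcpt: str, body: str, *, pinned: Optional[Set[str]] = None,
           ignore_errors: bool = False) -> bool:
    """Run one message submission; returns True if the message was handed off."""
    session.sent.append("EHLO client.example")
    session.sent.append("STARTTLS")
    # The handshake happens here; `tls` stands in for its result. This check
    # is the only gate between STARTTLS and anything secret.
    if not tls_accepted(tls, pinned, ignore_errors):
        session.state = "aborted: " + "; ".join(tls.errors)
        return False                      # drop the connection: no AUTH, no DATA
    session.state = "tls"
    session.sent.append("EHLO client.example")
    creds = base64.b64encode(f"\0{user}\0{password}".encode()).decode()
    session.sent.append(f"AUTH PLAIN {creds}")   # RFC 4616 initial response
    session.sent.append(f"MAIL FROM:<{user}>")
    session.sent.append(f"RCPT TO:<{rcpt}>")
    session.sent.append("DATA")
    session.sent.append(body + "\r\n.")
    session.sent.append("QUIT")
    session.state = "done"
    return True


def credentials_disclosed(session: Session) -> bool:
    """True if an AUTH command (i.e. the password) went over this session."""
    return any(cmd.startswith("AUTH ") for cmd in session.sent)


# Constructed inputs: fake DER blobs and the kind of error a self-signed
# certificate produces during verification.
SELF_SIGNED = TlsResult(cert_der=b"\x30\x82constructed-self-signed-cert",
                        errors=["The certificate is self-signed, and untrusted"])
VALID = TlsResult(cert_der=b"\x30\x82constructed-valid-cert", errors=[])


def demo() -> dict:
    """Pre-fix vs post-fix behaviour against the same self-signed server."""
    results = {}
    for label, ignore in (("ignoring_errors", True), ("fixed", False)):
        s = Session()
        ok = submit(s, SELF_SIGNED, "alice", "hunter2", "bob@example.org",
                    "Subject: hi\r\n\r\nhello", ignore_errors=ignore)
        results[label] = (ok, credentials_disclosed(s), s.state)
    # Pinning the exact certificate lets a knowingly self-signed host through
    # without reopening the hole for every other certificate.
    s = Session()
    ok = submit(s, SELF_SIGNED, "alice", "hunter2", "bob@example.org", "x",
                pinned={fingerprint(SELF_SIGNED.cert_der)})
    results["pinned"] = (ok, credentials_disclosed(s), s.state)
    return results


if __name__ == "__main__":
    for label, (ok, leaked, state) in demo().items():
        print(f"{label:16} delivered={ok} password_sent={leaked} state={state}")
```

Running the block prints three rows: with errors ignored the password goes out over the unverified session and the message is "delivered" (to whoever terminated the TLS connection); with the fix the client stops before the second EHLO, so neither AUTH nor DATA is ever written; with a pinned fingerprint the same self-signed host is accepted, but only that certificate.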