mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-03 23:39:45 +01:00
Merge pull request #1758 from drwetter/fix_1754
Fix run_freak() when sslv2 server hello is empty
This commit is contained in:
commit
084a29409d
56
testssl.sh
56
testssl.sh
@ -803,6 +803,10 @@ count_ciphers() {
|
|||||||
echo $(wc -w <<< "${1//:/ }")
|
echo $(wc -w <<< "${1//:/ }")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
count_chars() {
|
||||||
|
echo $(wc -c <<< "$1")
|
||||||
|
}
|
||||||
|
|
||||||
newline_to_spaces() {
|
newline_to_spaces() {
|
||||||
tr '\n' ' ' <<< "$1" | sed 's/ $//'
|
tr '\n' ' ' <<< "$1" | sed 's/ $//'
|
||||||
}
|
}
|
||||||
@ -14274,19 +14278,18 @@ parse_tls13_new_session_ticket() {
|
|||||||
# 1,4,6,7: see return value of parse_sslv2_serverhello()
|
# 1,4,6,7: see return value of parse_sslv2_serverhello()
|
||||||
sslv2_sockets() {
|
sslv2_sockets() {
|
||||||
local ret
|
local ret
|
||||||
local client_hello cipher_suites len_client_hello
|
local cipher_suites="$1"
|
||||||
|
local client_hello len_client_hello
|
||||||
local len_ciph_suites_byte len_ciph_suites
|
local len_ciph_suites_byte len_ciph_suites
|
||||||
local server_hello sock_reply_file2
|
local server_hello sock_reply_file2
|
||||||
local -i response_len server_hello_len
|
local -i response_len server_hello_len
|
||||||
local parse_complete=false
|
local parse_complete=false
|
||||||
|
|
||||||
# this could be empty so swe use '=='
|
# this could be empty so we use '=='
|
||||||
if [[ "$2" == true ]]; then
|
if [[ "$2" == true ]]; then
|
||||||
parse_complete=true
|
parse_complete=true
|
||||||
fi
|
fi
|
||||||
if [[ -n "$1" ]]; then
|
if [[ -z "$cipher_suites" ]]; then
|
||||||
cipher_suites="$1"
|
|
||||||
else
|
|
||||||
cipher_suites="
|
cipher_suites="
|
||||||
05,00,80, # 1st cipher 9 cipher specs, only classical V2 ciphers are used here, see FIXME below
|
05,00,80, # 1st cipher 9 cipher specs, only classical V2 ciphers are used here, see FIXME below
|
||||||
03,00,80, # 2nd there are v3 in v2!!! : https://tools.ietf.org/html/rfc6101#appendix-E
|
03,00,80, # 2nd there are v3 in v2!!! : https://tools.ietf.org/html/rfc6101#appendix-E
|
||||||
@ -14330,22 +14333,24 @@ sslv2_sockets() {
|
|||||||
|
|
||||||
sockread_serverhello 32768
|
sockread_serverhello 32768
|
||||||
if "$parse_complete"; then
|
if "$parse_complete"; then
|
||||||
server_hello=$(hexdump -v -e '16/1 "%02X"' "$SOCK_REPLY_FILE")
|
if [[ -s "$SOCK_REPLY_FILE" ]]; then
|
||||||
server_hello_len=2+$(hex2dec "${server_hello:1:3}")
|
server_hello=$(hexdump -v -e '16/1 "%02X"' "$SOCK_REPLY_FILE")
|
||||||
response_len=$(wc -c "$SOCK_REPLY_FILE" | awk '{ print $1 }')
|
server_hello_len=$((2 + $(hex2dec "${server_hello:1:3}") ))
|
||||||
for (( 1; response_len < server_hello_len; 1 )); do
|
response_len=$(count_chars "$SOCK_REPLY_FILE")
|
||||||
sock_reply_file2=${SOCK_REPLY_FILE}.2
|
for (( 1; response_len < server_hello_len; 1 )); do
|
||||||
mv "$SOCK_REPLY_FILE" "$sock_reply_file2"
|
sock_reply_file2=${SOCK_REPLY_FILE}.2
|
||||||
|
mv "$SOCK_REPLY_FILE" "$sock_reply_file2"
|
||||||
|
|
||||||
debugme echo -n "requesting more server hello data... "
|
debugme echo -n "requesting more server hello data... "
|
||||||
socksend "" $USLEEP_SND
|
socksend "" $USLEEP_SND
|
||||||
sockread_serverhello 32768
|
sockread_serverhello 32768
|
||||||
|
|
||||||
[[ ! -s "$SOCK_REPLY_FILE" ]] && break
|
[[ ! -s "$SOCK_REPLY_FILE" ]] && break
|
||||||
cat "$SOCK_REPLY_FILE" >> "$sock_reply_file2"
|
cat "$SOCK_REPLY_FILE" >> "$sock_reply_file2"
|
||||||
mv "$sock_reply_file2" "$SOCK_REPLY_FILE"
|
mv "$sock_reply_file2" "$SOCK_REPLY_FILE"
|
||||||
response_len=$(wc -c "$SOCK_REPLY_FILE" | awk '{ print $1 }')
|
response_len=$(count_chars "$SOCK_REPLY_FILE")
|
||||||
done
|
done
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
debugme echo "reading server hello... "
|
debugme echo "reading server hello... "
|
||||||
if [[ "$DEBUG" -ge 4 ]]; then
|
if [[ "$DEBUG" -ge 4 ]]; then
|
||||||
@ -14361,6 +14366,7 @@ sslv2_sockets() {
|
|||||||
return $ret
|
return $ret
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
# arg1: supported groups extension
|
# arg1: supported groups extension
|
||||||
# arg2: "all" - process full response (including Certificate and certificate_status handshake messages)
|
# arg2: "all" - process full response (including Certificate and certificate_status handshake messages)
|
||||||
# "ephemeralkey" - extract the server's ephemeral key (if any)
|
# "ephemeralkey" - extract the server's ephemeral key (if any)
|
||||||
@ -16823,7 +16829,6 @@ run_freak() {
|
|||||||
else
|
else
|
||||||
nr_supported_ciphers=$(count_ciphers $(actually_supported_osslciphers $exportrsa_cipher_list))
|
nr_supported_ciphers=$(count_ciphers $(actually_supported_osslciphers $exportrsa_cipher_list))
|
||||||
fi
|
fi
|
||||||
#echo "========= ${PIPESTATUS[*]}
|
|
||||||
|
|
||||||
case $nr_supported_ciphers in
|
case $nr_supported_ciphers in
|
||||||
0) prln_local_problem "$OPENSSL doesn't have any EXPORT RSA ciphers configured"
|
0) prln_local_problem "$OPENSSL doesn't have any EXPORT RSA ciphers configured"
|
||||||
@ -16841,7 +16846,9 @@ run_freak() {
|
|||||||
tls_sockets "03" "$exportrsa_tls_cipher_list_hex, 00,ff"
|
tls_sockets "03" "$exportrsa_tls_cipher_list_hex, 00,ff"
|
||||||
sclient_success=$?
|
sclient_success=$?
|
||||||
[[ $sclient_success -eq 2 ]] && sclient_success=0
|
[[ $sclient_success -eq 2 ]] && sclient_success=0
|
||||||
if [[ $sclient_success -ne 0 ]]; then
|
|
||||||
|
# TLS handshake failed with ciphers above. Now we check SSLv2 -- unless we know it's not available
|
||||||
|
if [[ $sclient_success -ne 0 ]] && [[ $(has_server_protocol ssl2) -ne 1 ]]; then
|
||||||
sslv2_sockets "$exportrsa_ssl2_cipher_list_hex" "true"
|
sslv2_sockets "$exportrsa_ssl2_cipher_list_hex" "true"
|
||||||
if [[ $? -eq 3 ]] && [[ "$V2_HELLO_CIPHERSPEC_LENGTH" -ne 0 ]]; then
|
if [[ $? -eq 3 ]] && [[ "$V2_HELLO_CIPHERSPEC_LENGTH" -ne 0 ]]; then
|
||||||
exportrsa_ssl2_cipher_list_hex="$(strip_spaces "${exportrsa_ssl2_cipher_list_hex//,/}")"
|
exportrsa_ssl2_cipher_list_hex="$(strip_spaces "${exportrsa_ssl2_cipher_list_hex//,/}")"
|
||||||
@ -17863,7 +17870,8 @@ run_rc4() {
|
|||||||
return 0
|
return 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# get a list of all the cipher suites to test
|
# Get a list of all the cipher suites to test. #FIXME: This is rather ineffective as RC4 ciphers won't change.
|
||||||
|
# We should instead build a fixed list here like @ other functions
|
||||||
if "$using_sockets" || [[ $OSSL_VER_MAJOR -lt 1 ]]; then
|
if "$using_sockets" || [[ $OSSL_VER_MAJOR -lt 1 ]]; then
|
||||||
for (( i=0; i < TLS_NR_CIPHERS; i++ )); do
|
for (( i=0; i < TLS_NR_CIPHERS; i++ )); do
|
||||||
if [[ "${TLS_CIPHER_RFC_NAME[i]}" =~ RC4 ]] && ( "$using_sockets" || "${TLS_CIPHER_OSSL_SUPPORTED[i]}" ); then
|
if [[ "${TLS_CIPHER_RFC_NAME[i]}" =~ RC4 ]] && ( "$using_sockets" || "${TLS_CIPHER_OSSL_SUPPORTED[i]}" ); then
|
||||||
@ -17918,7 +17926,7 @@ run_rc4() {
|
|||||||
done < <($OPENSSL ciphers $OSSL_CIPHERS_S -V 'ALL:COMPLEMENTOFALL:@STRENGTH' 2>>$ERRFILE)
|
done < <($OPENSSL ciphers $OSSL_CIPHERS_S -V 'ALL:COMPLEMENTOFALL:@STRENGTH' 2>>$ERRFILE)
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if "$using_sockets" && [[ -n "$sslv2_ciphers_hex" ]]; then
|
if "$using_sockets" && [[ -n "$sslv2_ciphers_hex" ]] && [[ $(has_server_protocol ssl2) -ne 1 ]]; then
|
||||||
sslv2_sockets "${sslv2_ciphers_hex:2}" "true"
|
sslv2_sockets "${sslv2_ciphers_hex:2}" "true"
|
||||||
if [[ $? -eq 3 ]] && [[ "$V2_HELLO_CIPHERSPEC_LENGTH" -ne 0 ]]; then
|
if [[ $? -eq 3 ]] && [[ "$V2_HELLO_CIPHERSPEC_LENGTH" -ne 0 ]]; then
|
||||||
supported_sslv2_ciphers="$(grep "Supported cipher: " "$TEMPDIR/$NODEIP.parse_sslv2_serverhello.txt")"
|
supported_sslv2_ciphers="$(grep "Supported cipher: " "$TEMPDIR/$NODEIP.parse_sslv2_serverhello.txt")"
|
||||||
@ -17931,7 +17939,7 @@ run_rc4() {
|
|||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
elif "$HAS_SSL2" && [[ -n "$sslv2_ciphers_ossl" ]]; then
|
elif "$HAS_SSL2" && [[ -n "$sslv2_ciphers_ossl" ]] && [[ $(has_server_protocol ssl2) -ne 1 ]]; then
|
||||||
$OPENSSL s_client -cipher "${sslv2_ciphers_ossl:1}" $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY -ssl2 >$TMPFILE 2>$ERRFILE </dev/null
|
$OPENSSL s_client -cipher "${sslv2_ciphers_ossl:1}" $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY -ssl2 >$TMPFILE 2>$ERRFILE </dev/null
|
||||||
sclient_connect_successful $? "$TMPFILE"
|
sclient_connect_successful $? "$TMPFILE"
|
||||||
if [[ $? -eq 0 ]]; then
|
if [[ $? -eq 0 ]]; then
|
||||||
|
Loading…
Reference in New Issue
Block a user