Merge pull request #920 from dcooper16/client_auth_and_assume_http
HTTP-related checks and certificate based client authentication
commit
137f2fa3c3
26
testssl.sh
26
testssl.sh
@ -3945,14 +3945,14 @@ run_client_simulation() {
|
|||||||
|
|
||||||
if [[ $SERVICE != "" ]]; then
|
if [[ $SERVICE != "" ]]; then
|
||||||
client_service="$SERVICE"
|
client_service="$SERVICE"
|
||||||
else
|
elif [[ -n "$STARTTLS_PROTOCOL" ]]; then
|
||||||
# Can we take the service from STARTTLS?
|
# Can we take the service from STARTTLS?
|
||||||
if [[ -n "$STARTTLS_PROTOCOL" ]]; then
|
client_service=$(toupper "${STARTTLS_PROTOCOL%s}") # strip trailing 's' in ftp(s), smtp(s), pop3(s), etc
|
||||||
client_service=$(toupper "${STARTTLS_PROTOCOL%s}") # strip trailing 's' in ftp(s), smtp(s), pop3(s), etc
|
elif "$ASSUME_HTTP"; then
|
||||||
else
|
client_service="HTTP"
|
||||||
outln "Could not determine the protocol, only simulating generic clients."
|
else
|
||||||
client_service="undetermined"
|
outln "Could not determine the protocol, only simulating generic clients."
|
||||||
fi
|
client_service="undetermined"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
outln
|
outln
|
||||||
@ -6237,7 +6237,7 @@ certificate_transparency() {
|
|||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ $SERVICE != "HTTP" ]]; then
|
if [[ $SERVICE != "HTTP" ]] && ! "$CLIENT_AUTH"; then
|
||||||
# At the moment Certificate Transparency only applies to HTTPS.
|
# At the moment Certificate Transparency only applies to HTTPS.
|
||||||
tm_out "N/A"
|
tm_out "N/A"
|
||||||
else
|
else
|
||||||
@ -6299,7 +6299,7 @@ certificate_info() {
|
|||||||
case $cert_sig_algo in
|
case $cert_sig_algo in
|
||||||
sha1WithRSAEncryption)
|
sha1WithRSAEncryption)
|
||||||
pr_svrty_medium "SHA1 with RSA"
|
pr_svrty_medium "SHA1 with RSA"
|
||||||
if [[ "$SERVICE" == HTTP ]]; then
|
if [[ "$SERVICE" == HTTP ]] || "$ASSUME_HTTP"; then
|
||||||
out " -- besides: users will receive a "; pr_svrty_high "strong browser WARNING"
|
out " -- besides: users will receive a "; pr_svrty_high "strong browser WARNING"
|
||||||
fi
|
fi
|
||||||
outln
|
outln
|
||||||
@ -6547,7 +6547,7 @@ certificate_info() {
|
|||||||
prln_italic "$(out_row_aligned_max_width "$all_san" "$indent " $TERM_WIDTH)"
|
prln_italic "$(out_row_aligned_max_width "$all_san" "$indent " $TERM_WIDTH)"
|
||||||
fileout "${json_prefix}san" "INFO" "subjectAltName (SAN) : $all_san"
|
fileout "${json_prefix}san" "INFO" "subjectAltName (SAN) : $all_san"
|
||||||
else
|
else
|
||||||
if [[ $SERVICE == "HTTP" ]]; then
|
if [[ $SERVICE == "HTTP" ]] || "$ASSUME_HTTP"; then
|
||||||
pr_svrty_high "missing (NOT ok)"; outln " -- Browsers are complaining"
|
pr_svrty_high "missing (NOT ok)"; outln " -- Browsers are complaining"
|
||||||
fileout "${json_prefix}san" "HIGH" "subjectAltName (SAN) : -- Browsers are complaining"
|
fileout "${json_prefix}san" "HIGH" "subjectAltName (SAN) : -- Browsers are complaining"
|
||||||
else
|
else
|
||||||
@ -6639,7 +6639,7 @@ certificate_info() {
|
|||||||
pr_svrty_high "$trustfinding"
|
pr_svrty_high "$trustfinding"
|
||||||
trust_sni_finding="HIGH"
|
trust_sni_finding="HIGH"
|
||||||
elif ( [[ $trust_sni -eq 4 ]] || [[ $trust_sni -eq 8 ]] ); then
|
elif ( [[ $trust_sni -eq 4 ]] || [[ $trust_sni -eq 8 ]] ); then
|
||||||
if [[ $SERVICE == "HTTP" ]]; then
|
if [[ $SERVICE == "HTTP" ]] || "$ASSUME_HTTP"; then
|
||||||
# https://bugs.chromium.org/p/chromium/issues/detail?id=308330
|
# https://bugs.chromium.org/p/chromium/issues/detail?id=308330
|
||||||
# https://bugzilla.mozilla.org/show_bug.cgi?id=1245280
|
# https://bugzilla.mozilla.org/show_bug.cgi?id=1245280
|
||||||
# https://www.chromestatus.com/feature/4981025180483584
|
# https://www.chromestatus.com/feature/4981025180483584
|
||||||
@ -6704,7 +6704,7 @@ certificate_info() {
|
|||||||
fi
|
fi
|
||||||
if [[ -n "$sni_used" ]] || [[ $trust_nosni -eq 0 ]] || ( [[ $trust_nosni -ne 4 ]] && [[ $trust_nosni -ne 8 ]] ); then
|
if [[ -n "$sni_used" ]] || [[ $trust_nosni -eq 0 ]] || ( [[ $trust_nosni -ne 4 ]] && [[ $trust_nosni -ne 8 ]] ); then
|
||||||
outln "$trustfinding_nosni"
|
outln "$trustfinding_nosni"
|
||||||
elif [[ $SERVICE == "HTTP" ]]; then
|
elif [[ $SERVICE == "HTTP" ]] || "$ASSUME_HTTP"; then
|
||||||
prln_svrty_high "$trustfinding_nosni"
|
prln_svrty_high "$trustfinding_nosni"
|
||||||
else
|
else
|
||||||
prln_svrty_medium "$trustfinding_nosni"
|
prln_svrty_medium "$trustfinding_nosni"
|
||||||
@ -11096,7 +11096,7 @@ run_crime() {
|
|||||||
fi
|
fi
|
||||||
ret=0
|
ret=0
|
||||||
else
|
else
|
||||||
if [[ $SERVICE == "HTTP" ]]; then
|
if [[ $SERVICE == "HTTP" ]] || "$CLIENT_AUTH"; then
|
||||||
pr_svrty_high "VULNERABLE (NOT ok)"
|
pr_svrty_high "VULNERABLE (NOT ok)"
|
||||||
fileout "crime" "HIGH" "CRIME, TLS: VULNERABLE" "$cve" "$cwe" "$hint"
|
fileout "crime" "HIGH" "CRIME, TLS: VULNERABLE" "$cve" "$cwe" "$hint"
|
||||||
else
|
else
|
||||||
|
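Review bot: The CRIME severity gate in the `run_crime()` hunk (`if [[ $SERVICE == "HTTP" ]] || "$CLIENT_AUTH"; then`) and the Certificate Transparency gate in the `certificate_transparency()` hunk (`if [[ $SERVICE != "HTTP" ]] && ! "$CLIENT_AUTH"; then`) key off `CLIENT_AUTH`, while the four `certificate_info()` hunks use `"$ASSUME_HTTP"` for the same "treat this as HTTPS" decision. Unless `CLIENT_AUTH` is made to imply `ASSUME_HTTP` elsewhere in the file (not visible here), a scan with the assume-HTTP option on a service that was not detected as HTTP would rate CRIME below HIGH and report CT as N/A, while the SAN and SHA1 findings in the same run are rated as for a browser-facing server; aligning the predicates, e.g. `if [[ $SERVICE == "HTTP" ]] || "$ASSUME_HTTP" || "$CLIENT_AUTH"; then` in run_crime and the matching negation in certificate_transparency, would keep the report consistent. All of these conditions execute the variable as a command, so they rely on `ASSUME_HTTP` and `CLIENT_AUTH` always holding exactly `true` or `false`; a one-line comment at their initialisation stating that invariant would help, because an empty value would surface as a "command not found" error rather than as a false branch. Every hunk in this section is an excerpt; the enclosing functions begin and end outside the shown lines.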