Merge branch '2.9dev' into cipher_order_sockets

David Cooper 2017-01-23 11:22:42 -05:00
commit 156787adec
3 changed files with 691 additions and 189 deletions


@ -110,3 +110,263 @@ F8D5CCE87A3961B5F5CBC83440C51856E0E6FA6D5AB2831078C867621CA46CA87D7FA3B1AF75B834
## taken from https://github.com/cryptosense/diffie-hellman-groups/blob/master/gen/common.json
# to be continued
# "Oakley 1 from RFC 2409"
1552518092300708935130918131258481755631334049434514313202351194902966239949102107258669453876591642442910007680288864229150803718918046342632727613031282983744380820890196288509170691316593175367469551763119843371637221007210577919
# "Oakley 2 from RFC 2409"
179769313486231590770839156793787453197860296048756011706444423684197180216158519368947833795864925541502180565485980503646440548199239100050792877003355816639229553136239076508735759914822574862575007425302077447712589550957937778424442426617334727629299387668709205606050270810842907692932019128194467627007
# "MODP from RFC 3526"
2410312426921032588552076022197566074856950548502459942654116941958108831682612228890093858261341614673227141477904012196503648957050582631942730706805009223062734745341073406696246014589361659774041027169249453200378729434170325843778659198143763193776859869524088940195577346119843545301547043747207749969763750084308926339295559968882457872412993810129130294592999947926365264059284647209730384947211681434464714438488520940127459844288859336526896320919633919
# "MODP from RFC 3526"
32317006071311007300338913926423828248817941241140239112842009751400741706634354222619689417363569347117901737909704191754605873209195028853758986185622153212175412514901774520270235796078236248884246189477587641105928646099411723245426622522193230540919037680524235519125679715870117001058055877651038861847280257976054903569732561526167081339361799541336476559160368317896729073178384589680639671900977202194168647225871031411336429319536193471636533209717077448227988588565369208645296636077250268955505928362751121174096972998068410554359584866583291642136218231078990999448652468262416972035911852507045361090559
# "MODP from RFC 3526"

# "MODP from RFC 3526"
1044388881413152506679602719846529545831269060992135009022588756444338172022322690710444046669809783930111585737890362691860127079270495454517218673016928427459146001866885779762982229321192368303346235204368051010309155674155697460347176946394076535157284994895284821633700921811716738972451834979455897010306333468590751358365138782250372269117968985194322444535687415522007151638638141456178420621277822674995027990278673458629544391736919766299005511505446177668154446234882665961680796576903199116089347634947187778906528008004756692571666922964122566174582776707332452371001272163776841229318324903125740713574141005124561965913888899753461735347970011693256316751660678950830027510255804846105583465055446615090444309583050775808509297040039680057435342253926566240898195863631588888936364129920059308455669454034010391478238784189888594672336242763795138176353222845524644040094258962433613354036104643881925238489224010194193088911666165584229424668165441688927790460608264864204237717002054744337988941974661214699689706521543006262604535890998125752275942608772174376107314217749233048217904944409836238235772306749874396760463376480215133461333478395682746608242585133953883882226786118030184028136755970045385534758453247
# "MODP from RFC 3526"

# "MODP from RFC 3526"

# "MODP from RFC 5114"
124325339146889384540494091085456630009856882741872806181731279018491820800119460022367403769795008250021191767583423221479185609066059226301250167164084041279837566626881119772675984258163062926954046545485368458404445166682380071370274810671501916789361956272226105723317679562001235501455748016154805420913
# "MODP from RFC 5114"
21847359589888208475506724917162265063571401985325370367631361781114029653025956815157605328190411141044160689815741319381196532979871500038979862309158738250945118554961626824152307536605872616502884288878062467052777605227846709781850614792748458838951342204812601838112937805371782600380106020522884406452823818824455683982042882928183431194593189171431066371138510252979648513553078762584596147427456837289623008879364829477705183636149304120998948654278133874026711188494311770883514889363351380064520413459602696141353949407971810071848354127868725934057811052285511726070951954828625761984797831079801857828431
# "MODP from RFC 5114"
17125458317614137930196041979257577826408832324037508573393292981642667139747621778802438775238728592968344613589379932348475613503476932163166973813218698343816463289144185362912602522540494983090531497232965829536524507269848825658311420299335922295709743267508322525966773950394919257576842038771632742044142471053509850123605883815857162666917775193496157372656195558305727009891276006514000409365877218171388319923896309377791762590614311849642961380224851940460421710449368927252974870395873936387909672274883295377481008150475878590270591798350563488168080923804611822387520198054002990623911454389104774092183
# "FFDHE group from RFC 7919"
32317006071311007300153513477825163362488057133489075174588434139269806834136210002792056362640164685458556357935330816928829023080573472625273554742461245741026202527916572972862706300325263428213145766931414223654220941111348629991657478268034230553086349050635557712219187890332729569696129743856241741236237225197346402691855797767976823014625397933058015226858730761197532436467475855460715043896844940366130497697812854295958659597567051283852132784468522925504568272879113720098931873959143374175837826000278034973198552060607533234122603254684088120031105907484281003994966956119696956248629032338072839127039
# "FFDHE group from RFC 7919"

# "FFDHE group from RFC 7919"
1044388881413152506673611132423542708364181673367771525125030890756881099188024532056304793061869328458723091803972939229793654985168401497491717574483844225116618212565649899896238061528255690984013755361148305106047581812557457571303413897964307070369153233034916545609049161117676542252417034306148432734874401682098205055813065377495410934435776008569464677021023433005437163880753068613673525551966829473007537177831003494630326494021352410947409155250518131329542947165352164089215019548909074312164647627938366550236314760864116934087960021077839688388383033906117940935023026686459274599124189299486771919466921436930468113859003854695674493896608503326776616230412252016237753188005160515672431703429026925450722225213972891936880551722374424500117253400391608019951133386097176734162660461073160502839490488652900367939577292447038637156268014222959401811270825513710710113193757653852931049810187522670964988718456427706279024201400130351029277257873323362974483425793829163819060563081096261611614988801585554385004830748976181157545121697905898543562330970182151097394600286811868072516047394404389555706298311761588649133904051123770516767707951778179308436153604841663369568605395358405635911568855382987714763476172799
# "FFDHE group from RFC 7919"

# "FFDHE group from RFC 7919"

# "OpenSSL"
11435638110073884015312138951374632602058080675070521707579703088370446597672067452229024566834732449017970455481029703480957707976441965258194321262569523
# "Apache httpd"
11141973616799305182672125953821539621789863864652082189484418383755797726500394212227314338509410225240621127512913527972129628050063918116985983184044619
# "Apache httpd"
161924636724157236995539194603424135829045460791094305399572880130740597902511283656435607474782334562452295847429354234894102736530695296652601242468041123426186888474417097353027907965636446587415802158180476224678572126072378632347236490658815309740591429281572158171557380347843452583426729104575168890987
# "Apache httpd"
8372421755538377327377912526045445423027732035562313241965800453667849685158691589507936013805295187219621475007123900107532269487803598942841993804845107
# "Apache httpd"
150621238998402554141426358892807528070450929584024050594746304264729573805267992507071188730865440785012329520820489313721494359461887733932969896388657569112847289565683617995554301683431835378300250205597326665273328905597509521195196490490065048848345935446963329447852572726043146337361398005701852368563
# "Nginx"
131832052042219009527839525934268128127355300704472845128573174908898587826481581974548040446189688518070214483643209695723925616113897243950922364670371766056432630785982773485713108424273657672047098239473476944390258716112687012012440120129627988472009949456811428528912427249964927042573604085259319733147
# "SKIP"
171718397966129586011229151993178480901904202533705695869569760169920539808075437788747086722975900425740754301098468647941395164593810074170462799608062493021989285837416815548721035874378548121236050948528229416139585571568998066586304075565145536350296006867635076744949977849997684222020336013226588207303
# "SKIP"
31087337795061487877547416545715496334920954980132212151448781444321393445568157959166911302972918628838917381555939620290244963511997037011253946065678925033455872043721454426215650798450188675325621498188688302603627388365642425546473761584899398546726625631228589029183157123265299738241899897560139599077166257814263354432724020387267456594044458497157226037520021564951601668256091905149808373739011153824316842260356584928931097012930709279713696588076097146536216639697002502410139891180002231258705541413293860269631209702305813614701588402302998104362562812340366960005570331931340105075488237470969553357627
# "SUN JDK"
13232376895198612407547930718267435757728527029623408872245156039757713029036368719146452186041204237350521785240337048752071462798273003935646236777459223
# "SUN JDK"
1418488780399624169246918906980830188668962659968489177172519612007411971965075884911751185624649475197807409457369163882960326663412481439463507475025544888587052733646843233033458377686354235239579046252542291754237282749312023983
# "SUN JDK"
178011905478542266528237562450159990145232156369120674273274450314442865788737020770612695252123463079567156784778466449970650770920727857050009668388144034129745221171818506047231150039301079959358067395348717066319802262019714966524135060945913707594956514672855690606794135837542707371727429551343320695239
# "Postfix"
11351928295969362153680318143899638392634652084406809180721126850912534429957010348519890331306577360308702381391458869083885638571113632680200730760851979
# "Postfix"
24131293777886374118584606661678552444065113984688942136778980647818164970852105655088429124396761599838827087514740364394273667387502830998781367142799184218851559149661801594513163362372771874046737233840092368303597660206162593808771774336440959680029703901794663844140996661787853155797815168383327259460283094609626756009315263214901338027934420086863770577133358328638467072634923150631754665130537846660356778764277584029327763941442223552847441902193518153870526066148265594588320847125072665688996554047265314983737297427106179945662121632266549409922372350824775582437869586864262636578117679890847409111979
# "Postfix"
7135787487680160723158987360172009509857780973879356519050893028700610616910042141909504379139750530669840288414588708459507347709411497939019689914055259
# "Postfix"
124290078192881725888826880475608268121546479080319401588411202759306021711058769574616590974367222833180545066528602465043919413058514740355249599358163921882995239255028847197529491772541340375114213691923735762979921709723984230280341119838110698845565638766769901880452341248731603339034272624514428481179
# "Postfix"
10096187981066053559335535449169282457945760362469786309557937686443731234028465097513776908358954978429010128113292083701478593065474911189952431940546219
# "Postfix"
1089090311023821486807062646667755441663974766415146023889746307964280220954453097088413985218587552379044355794097665552117500934098507055783139454648372005227264905074027069250089786740659823130740976279817510828079511169071325147
# "Postfix"
136123388004568009176875286135055183919622133760505398783397401047902962378621318101100481790979982216519828483232429970364693220922572981049575270176219908104060081734736799288400844770528117178481382626351711182233806272597979705666996232841536687325828096814721669135261423885453987983624180097457782693179
# "Postfix"
2056362021987869040866222775971525526713848817411256130367970754396969557869817702606903423615283059303930616438676624104640204217164473099856199216305279508718747202276171819868432314839088974911801002129018672739575945202076259230302103370863451826447174518117143102638489276724376611076549917224491477706108610356540170718925518289818980666063927549928069325768537343367153162067020241995073818799850549182710199952635278668959071457969808520304484680273215899
# "Postfix"
26371476087150474532132008655311203525984191621650037797335673054271351883338792851526864908736384515015553905714370466910888328281569556512680757420248619460502802406103896590120987564792497073052858573915284877543392830972701922295410164673203260676695786443597509581751209037220443274164352656996468549138046641990095766583932817878707309357841837078365072329679282667717608853872093084680474764076406402800742626159266353107911079809322117978690117000544919386308980746878875294902444713440174790300512221828280260208844137639082842338734111456679990753248043046594738798915627967835625360741492443851601099267219
# "Postfix"
13337623048342799034827489986910318393008849763036733997149839779963204489425757309012715340523200875542318060972273326641217824631730700039857742855624939
# "Postfix"
1533772406382956570152763108431991954831079405833258610827703555135606586893527939272614759361191561110646045114047738154033517920758341678370617073220477513898951427441733234099780163358327483548965595558112565701277519466897981283
# "Postfix"
144637424961850425159905784027136014061880826531818983352585061296526368581179214296922065913823633724228503264147831887830254308079169948903074953931411083056118836353233843818642834810107342452429640402033606357719495510563519638658174142659182338760323238086948118168424439691568418572594944219477298153263
# "Postfix"
2042713559934185643384327549527952458750622217167335751028047396411788957162246741725543190665668416817031839560334887966601364296103416314875607373600606218726870529318758852284243260138607080937306070901820694908266357001271027028958097194186248177918896517910126113641694455442417769493899505072159312860025674661873706392362014784672110060931972136138821276444318148803052032775491121430546126966329795445327961129787860725363402062777363244414680356473486443
# "Postfix"
9759154167025958083571250365552992993534466195928785797208140837064455011559008409756152457212745575772062478546361342515389863167056447063023865399211283
# "Postfix"
1364948145886991617895978559358903167966290416143667578394285325644381185372799885861597343368522645272011717362014967121205629440617659315582294484305490057030886926126158500711976814177825019653800069743928883494887162161622087307
# "Postfix"
170509805985945428967563804421085700024309580001072283516862390953398284789689265180987459434776023075205610950717188546433293071493512609789324612714292386941858855686900608567108340703947439969571374674464812699728499679347745006429584325043673764959755753323095048465275743217839659384932866032300078439107
# "Postfix"
1399756687522921964208442265587277224590999291970020878117413585753624587517145241012458149142229516760446050107835226455178997986671341265900784797102850306784040754165031733011704700434845054226208232294383130796490713540743213929432845289812563992089777728134866354306530112982376728691670345857960914971155568106763073589329112068058914650276150476331492500275579709331992458078664551226290003097390552576077474939787303074332596329599148724157114197518536243
# "Postfix"
30665078773665433984679390022488424719778975164146202083131251833892119277576018817470613424046186801389172270027910937409609108491794879785967303818331364169223881734218065480981193865887637105068086059746777211418404547623912175779761293496184572560489062892861925196800372347853683709369252088792223794330075784696968081981902086985383387978231015947493852904756936918233163868719135240372874496529063971007348736606704972376420631489422417247291206292728386525387923483221986802035152273686134933880580692993177449671583228524148903686102484113995181746319098939406274514609994062637696036007964340964533117834243
# "ProFTPD"
132996212497555757714839577520009599982229563766990814349170419213831793150518344581415624091585295362723791618044438047032948658522696342563919889163541989736011703719977966038136834855002285771085403405914099274079071528415842277349009763640550881468502896685974195502523576590837887774944220227692918505803
# "ProFTPD"
18858581929742317527029478184638854842724462225720836179117188808917671531240871347611118225573584796605541571727033806983637845587663011540549398931093362137864722376547296516821251924303406852009430817109406449016925627536728768913299637717356641023929230337606449236348118535296673960534958260471470936207746899744229699227402402594684686990419598035403972292138232693389441133450887303721307090039985977409326551114653393248153491003945999649497125303737739578242143102865505268997450435612946830940154792978896702775943651552752271560923011637181201283076815030600233147165141152749108754455161316496472774445347
# "ProFTPD"
1690599963976092471219037714997293855906302310875281420968063614328589925828056077695246555017889987035500367344808224338477443561578625431475483707580988822589648483623980475499118810285212591091135830604537640714865512873460169015344343192483199148216608008625051676959634598080985210766854387762630074527385892020512178705520293062481006218780660207277235008828769064469617081682669959711930850913832434916213132582786972860232373841378773014990861911716877783
# "ProFTPD"
104550704091518462875794517239932803228795640080961293447673045687504879049730788416000819314820105958147984905210586942301309304289196753528645175163277955936437052460041407055113432460397792985373298283729666329986343854287860035912543769966125530991956674119731252342212248133977944642911919848432245755403
# "ProFTPD"
123120551618399898699275185207010546211742537321803360244900958280768207448346752310214792790377162714025492878116518422402416452790435000574976635965888758275326899087155471405218243739016862932542478973649475145841047404561698683215439607643411122685696959117693582083223293718196252180492595190774509386403
# "ProFTPD"
2072532323310501692602322388268833396123289164730332267469573021914276523184450666618978234290563818735721031645764083012063719326736169342391072129575572421888510449733093943436432405362027186491718086792358334086233189779026493592066693945045050284042918422370589842816833223211080055541474219925354652062740315569261166622364419630766422792649520961544329870455119648896215813081694106880913531338140089714955197662175239587929209024190072822404107630757857067
# "ProFTPD"
104853848541625611565027567937000048853298267079325188824720224546354701006518045430304636072499713382704797349764784338122087988075844159399738334488490583340241104498736369527027446023860951495356349935003007271644770819847539446840368531546048297372864850341715016643407939469252235645642453257754265084027
# "ProFTPD"
2147497872306889053504904888759358275602695222009945054108052972067120354595691834400135034995896341236547003124573230676535767835278508796798134916404709542900609890895920026678765629400534329817345465508784448555078707537307882450019948089258345775683170910399405732489472619533026653306913904331961818133065102121154500321487478024465642145780362841606890007568595945037955647568957020977173073532849222461327972617348846814678566932700323274394446127558666907
# "ProFTPD"
111213710907361843217505524310927976465342092915425056395273336147179504107691110941903277407929302520103543347451222500858487011084274592106195452422261247548928103551991676417076675303218099117588229418345583422831960086789112908165814516444053324246610424153249337581410600100580389709994157679621299828623
# "ProFTPD"
30654731759923165109068549394646174606854727560270885171118455001834361039508262661339420809312767964610651844011506730705488517327796540861106897019325049871148405402236945049178642616972180268973325675055028097791829107978290394470119050766353933419488529294688328656740595673735495568398070771353558240253633506948715867154144045422013754218964484403591502950454747491574863086439822125629822452768189179177186539594550005550512898625828856416703741709780468562505839527127374406418271774990679091276656962041750605852553264770538287381580788100834107772346595084204530201157938144045756467942963206230969457893123
# "ProFTPD"
560453074889691084801508706747087803540613692838919659785572557415210631700643171604008221497013769908348013955874542884136354619137507720741899179238077988760004797077407812589900838688215076167450301205296447158745926229854739807818394106988261586396065090531475950636513903415267816803946418255520553693928436321340106430173695312279494235116237531042948629210283927454523812977173250155350409330845643548406174146370597398556675488785763553330369703618129430493080622359701457094947003591314994652685327155023420916183839907422844528253242557377002612852746197024635489493049498059762863383013077143319094717952017020036623946911388362291925754554145419902368333149508480700775304575863975993149105461894793388252798498052849927907736752612092770718880461605439373769712890534662083206525052790244797011392130835414585618712008750755694714606901923862380817372512163207489817525845729942023195028797148511734227873744682215926584339267728914054388398633829371406140091339600806643048726940156953947581944854744710145129208742582630965096415508072574658541836819320370543388222808743323853519111716840418501630881509493931126128051519749175014728034045603456558927435106155725323305574697528346609104862763919932824531184872477603
# "ProFTPD"
150247087203561355396392008605529599655265834016635685469479449170859963959446007961115768712036600163521320731233612979799726616542001443845031140881081476904672802767897302854393730990568959543431711914873544079199847213133315505824087329022680038499751501391472888045916637294419666350825877503188897147459
# "ProFTPD"

# "ProFTPD"

# "ProFTPD"
128460946572822262057359109306605120772451327533031647046625697221005732816665725901582946504212374736582818589836761178529999012485342871381674433934353393937303106712438735820534568896236420093178574902954502039513652666078431761586990279191008772869049831986918279797303432637267752244583339163523262623643
# "ProFTPD"
144925986429746329552319820211520001198989689176458552347438337389405507299463218365770747208357804009826749164370407427351276485954367950795093335821830458863503379180661384347840601756810647040055797609071953593697579555534066046571617409999432650177627552951650427754499891734160186052184139722486900923483
# "ProFTPD"
115162289007948959755657135233438729113808855787722937014935613706821575983337028768883681648388956686229161829703909111979084624504403672089018965372485741289747502371975937088906812611362368895727043787370958107098559031733347943729595606679849892712753349171734318745015574338866049075316732439658885274307
# "ProFTPD"
136796884348914309433608566178313687173477692302500107653566211211886143478606291610252339969266161044433128956125387787447345706509140162356735699069609133141538999649842144594045984234748008239998576251245899854136813090217059279013819988558531082979779602360431032271817804377771999740652865493583728547303
# "ProFTPD"
167751911251691477400879168696973893472387251048307155134997654386932267855467967675338388425759898758981392239026462776070750197535524070674716116167771442673416216658566234928237166647224963890836829465768360527937853986670204218960020207654931004080097826367749677059265522971537599345586589563008771305059
# "ProFTPD"
90164112263583338872045552783608529087937979270683138336948143992111523095218561519057070103401534340240697917506462801522299075514460931473642651447181996848483449888359288699250956320806573454874473973166568685155864072031363366921611564598072165832915957792883701137348264610414343290967731930063824725523
# "ProFTPD"
1442082006420025285159048195407350832162451354970727441133114815200914015675297262845335883189790640384931267049070886793124058848180908982173726908054069855043135110045340492943413515577525797209781974671102061281077459318689101368052740455819513045346254302071645059475553268741739489000477622236056274600429885650766582188185564690881741381462043125996673253248961545216598867257791307298215427433001483949235232717793476313459024860432728272050874931213595543
# "ProFTPD"
1585267470767244273044107663411169303444883303191939904174462520657404014028566831965120807716340792526253441221740134643826007654998109460881572295636122928199853275034486996345453512356656712709629564297195683210604077436291604158194789653214040565692878135040130963708681515701288131697612156474638618573223280842292723454482563231109090559440909013349743163959067476699032060125379522318966848788470719660815660412055027428122460054977514444278077846789140699
# "ProFTPD"
2027766136735054769692379678403255418818352577167303861335714333049379030090903093887869111474427579026561918086896224997168323675945249165494863186546471863929461941407265046037911955365720627362818156592478752178915959040090408810560235675280619805603404439626888305039177460099695421975520079420001810213018995340062647953760877418185168989345014659622446222339712804272314984374647918446112020640013288816174836923301139404463463159658546593644846797623482923
# "ProFTPD"
29484431161230878152548870180958612754250230197705809571290478589909187981720717685327735273387416511274057781294076748771444807842553242819102107757103675878102175387855561386503916507221692084302102359372588227910590771528112112856108416996288552081116686364356381435943745142719402860898585982794136162970587185956742225497736703577210839049706015718648500509085628043135139402801209501498241421336809228371150021215528408022319773340435671934310371912646075629079601730607295032571519366354063983890572309223314476915221032441338898377696388617564377362158157334188156699167381895735324335732582041667913252512339
# "ProFTPD"
20688119750554625784709846317430718604169888731173941060581442021098396942101427300358256348908553454806288636971267059394068813630582665414307851229838617027065211823085367080874124091537030423091584189698731707608557359950179235778276430021081065695196384877883587752768974269274074180903734141862488218377743758988416168389576813181864016049843544101343494860617717109149721309615800057724024705772317174615817205727113392329227090895224468437228745291852197014264433563112388673140491448319770113906687867727988355155701700335344209966921434310712825277548504570050704170163646175008580262305320441541340196602703
# "ProFTPD"

# "ProFTPD"

# "ProFTPD"
84258300099304507263727864210990115210326192393123617578845204339583593187284848266958021642916631047189396300281398252350774418329803563838063369970878887200733919505336367621054318845898281464824428578189197778935085414584509876761791710543911657311110703571318872079532786869065682470357920007437906779380815037655309998780380406291627855868804919325522319718456616276007011284637579947059472116180747986215894695538659662853621281547148201424721451385588194847007079186000288258859555642678247961690427200358726089110530874700142720514341066853048185044197544306899876242498927937517048102200441351652202617975762736910591708932564718488295170008396349749352590757398306256542273247577964348356075703317423027517185436926051598256428455835042666489119293010815498608732811222929357162120344159434983144270542636420264453699607701011261705136737106408465243893560484123496491265913874373904143112920044492804713010295434934692465989829606226724107708989225228348115908753314306171507588631496078713524560638814295489315962965687450552034316483397045639199671925023975680084938972771030274542139569783147799694055183995711017789270651960309497013825293040457009189086849447303464077900188072025062162616012236136095760020587522997498476505210457696207390614546982980698874103740468234691591886824798547538677704365218407605607526643257961981984358348391219296486205017846016661230389277173099364409480373615393019445139109417483815440087005952014346789800285274691167626605285734212873751332738860625735397056041150507531471046839120934255566582489934548931940032714023728363118372127841248125025567577007276571760527044434460230476719263583499991874556249688029462089815875464070148801893945685293948068456256590721939708080274158423279026544889676535700038862515948202873716111521777826008905992576984489689845740110214823700435121427965800665594516247150927976962147700161873450939266122502542749408061069876872543198621006015653797781253609847337255512885811852466341005786678497109419189660875
4164811842347647862656062193237071472596009345104467720936174369502112957735120605230796536550526073320107058503539363665491662843858007004414547619637692127649556924570381450258194999012433531463917738796372800143851458398329058266603497557872154278268111650749903192875364273234576142545565560132387939493677439588722552015918122167805855557322418557066911853301356571738165573273023707816337475166068640316082202616532954193827365634369494484973753516615125445659
# "LibTomCrypt"
101745825697019260773923519755878567461315282017759829107608914364075275235254395622580447400994175578963163918967182013639660669771108475957692810857098847138903161308502419410142185759152435680068435915159402496058513611411688900243039
# "LibTomCrypt"
736335108039604595805923406147184530889923370574768772191969612422073040099331944991573923112581267542507986451953227192970402893063850485730703075899286013451337291468249027691733891486704001513279827771740183629161065194874727962517148100775228363421083691764065477590823919364012917984605619526140821798437127
# "LibTomCrypt"
5328861283668172329945723047610411795771014270600552860323385523406647326552760472582266594166949982639319866344591875989188385919141614032967632182106788230617154308807280817035869875026730777842155223320417183340387162699544821179884800708832389269366962629279314344211669291534466869589107113928150426545698929768007946765669598970231274510785562045304927693165937003804520022122096407
# "LibTomCrypt"
38564998830736521417281865696453025806593491967131023221754800625044118265468851210705360385717536794615180260494208076605798671660719333199513807806252394423283413430106003596332513246682903994829528690198205120921557533726473585751382193953592127439965050261476810842071573684505878854588706623484573925925903505747545471088867712185004135201289273405614415899438276535626346098904241020877974002916168099951885406379295536200413493190419727789712076165162175783
# "LibTomCrypt"

# "LibTomCrypt"

# "LibTomCrypt"

# "LibTomCrypt"

# "Socat"
27788893276069724796504555675597658900595616769773727063231875314156885361379100133264804184710789407128574011804155595735704837674243828066040543912171576627544718762752948158991754559261759162739343094515270757451837630913502740443023902769553802723685440839891240497710460941757089246131322686180648463540974702859210630184042730717698427486397505787974799692901205514386555272667298045803284972074823213104807295638814082142694729938965663710648170010420323923305528998108799706139846097432481556448740855888110797022123731105964852194684036975049177742094726795060211226322344210328442014189175085444396370522979
# "Socat"
143319364394905942617148968085785991039146683740268996579566827015580969124702493833109074343879894586653465192222251909074832038151585448034731101690454685781999248641772509287801359980318348021809541131200479989220793925941518568143721972993251823166164933334796625008174851430377966394594186901123322297453
# "HAProxy"
176239444111649184001807886764937833964048435503795244999892081768789022375735129915740662180068334018339161388592958930526963170519019882900807402416607478066376591136260438873107131022267101489325892860968978786211058103300402499464852578205304343633112813894051715807017599329349818891389130497782833296267
# "HAProxy"
29858796390615156579005888939269198307245905232681039735701203577782476926154873335426127695897301754922870128756842593030151414119709262645229012441727298368711743410459247864230844928652844066470778453407016731127877523140218134153576484186182950525935914709244296481672185142305068112555406408976796124878635827772120777258550853683439376087177772896228263369772738298975007811505514162302230875939649849577860441810207979136789694197146933683702582561144371423098825724758001276881551281910063375037847674958425455182508146273563179524764981626911867808039229817688516441992282273960105156684293367156005318653939
# "HAProxy"

# "HAProxy"
102700630561259395087032918003696203215413680966205093401719261420927348617434421199810037690244910311348546427618773468138363558097981635746622031353236427233047123501573548251948502109660464742170278233192733579208742792462937581596612734833735829907594549504874993126473577377037753456164875577780679800659
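Review bot: Several `# "..."` label lines in this hunk are followed by an empty line instead of a prime — among them the third `# "MODP from RFC 3526"`, two of the `# "FFDHE group from RFC 7919"` labels, and runs of `# "ProFTPD"`, `# "LibTomCrypt"` and `# "HAProxy"` labels — while one `# "ProFTPD"` label is followed by two numbers with no label between them. If this is the file's content rather than the page dropping over-long lines, a consumer that pairs each label with the next line will attribute the following primes to the wrong source, which defeats the purpose of a known-group lookup list; the `# to be continued` marker near the top suggests the list is known to be incomplete. Either drop the value-less labels until their primes are added, or make the gap explicit so it cannot be read as an entry, e.g. `# "MODP from RFC 3526" -- TODO: value not yet added`, and give the second ProFTPD number its own label line. The hunk header also shows this section continues beyond what is visible here, so later entries may have the same shape.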


@ -892,6 +892,13 @@ hex2dec() {
echo $((16#$1))
}
# convert 414243 into ABC
hex2ascii() {
for (( i=0; i<${#1}; i+=2 )); do
printf "\x${1:$i:2}"
done
}
# trim spaces for BSD and old sed
count_lines() {
#echo "${$(wc -l <<< "$1")// /}"
@ -4580,15 +4587,18 @@ read_dhbits_from_file() {
run_server_preference() {
local cipher1 cipher2
local default_cipher default_proto
local remark4default_cipher
local remark4default_cipher supported_sslv2_ciphers
local -a cipher proto
local p i
local -i ret=0
local -i ret=0 j
local list_fwd="DES-CBC3-SHA:RC4-MD5:DES-CBC-SHA:RC4-SHA:AES128-SHA:AES128-SHA256:AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-RSA-AES128-SHA:ECDH-RSA-AES256-SHA:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-DSS-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:AES256-SHA256"
# now reversed offline via tac, see https://github.com/thomassa/testssl.sh/commit/7a4106e839b8c3033259d66697893765fc468393 :
local list_reverse="AES256-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA:ECDH-RSA-AES128-SHA:ECDH-RSA-DES-CBC3-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES256-SHA:AES128-SHA256:AES128-SHA:RC4-SHA:DES-CBC-SHA:RC4-MD5:DES-CBC3-SHA"
local has_cipher_order=true
local isok addcmd="" addcmd2="" sni=""
local using_sockets=true
"$SSL_NATIVE" && using_sockets=false
outln
pr_headlineln " Testing server preferences "
@ -4747,18 +4757,52 @@ run_server_preference() {
i=1
for p in ssl2 ssl3 tls1 tls1_1 tls1_2; do
if [[ $p == ssl2 ]] && ! "$HAS_SSL2"; then
if ! "$using_sockets" || [[ $TLS_NR_CIPHERS -eq 0 ]]; then
out " (SSLv2: "; local_problem "$OPENSSL doesn't support \"s_client -ssl2\""; outln ")";
continue
else
sslv2_sockets "" "true"
if [[ $? -eq 3 ]] && [[ "$V2_HELLO_CIPHERSPEC_LENGTH" -ne 0 ]]; then
# Just arbitrarily pick the first cipher in the cipher-mapping.txt list.
proto[i]="SSLv2"
supported_sslv2_ciphers="$(grep "Supported cipher: " "$TEMPDIR/$NODEIP.parse_sslv2_serverhello.txt")"
for (( j=0; j < TLS_NR_CIPHERS; j++ )); do
if [[ "${TLS_CIPHER_SSLVERS[j]}" == "SSLv2" ]]; then
cipher1="${TLS_CIPHER_HEXCODE[j]}"
cipher1="$(tolower "x${cipher1:2:2}${cipher1:7:2}${cipher1:12:2}")"
if [[ "$supported_sslv2_ciphers" =~ "$cipher1" ]]; then
cipher[i]="${TLS_CIPHER_OSSL_NAME[j]}"
break
fi
if [[ $p == ssl3 ]] && ! "$HAS_SSL3"; then
fi
done
[[ $DEBUG -ge 2 ]] && outln "Default cipher for ${proto[i]}: ${cipher[i]}"
else
proto[i]=""
cipher[i]=""
fi
fi
elif [[ $p == ssl3 ]] && ! "$HAS_SSL3"; then
if ! "$using_sockets"; then
out " (SSLv3: "; local_problem "$OPENSSL doesn't support \"s_client -ssl3\"" ; outln ")";
continue
fi
if [[ "$p" =~ ssl ]]; then
$OPENSSL s_client $STARTTLS -"$p" $BUGS -connect $NODEIP:$PORT $PROXY </dev/null 2>>$ERRFILE >$TMPFILE
else
$OPENSSL s_client $STARTTLS -"$p" $BUGS -connect $NODEIP:$PORT $PROXY $SNI </dev/null 2>>$ERRFILE >$TMPFILE
tls_sockets "00" "$TLS_CIPHER"
if [[ $? -eq 0 ]]; then
proto[i]="SSLv3"
cipher[i]=""
cipher1=$(awk '/Cipher *:/ { print $3 }' "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt")
[[ $TLS_NR_CIPHERS -ne 0 ]] && cipher[i]="$(rfc2openssl "$cipher1")"
[[ -z "${cipher[i]}" ]] && cipher[i]="$cipher1"
[[ $DEBUG -ge 2 ]] && outln "Default cipher for ${proto[i]}: ${cipher[i]}"
else
proto[i]=""
cipher[i]=""
fi
fi
else
[[ "$p" =~ ssl ]] && sni="" || sni="$SNI"
$OPENSSL s_client $STARTTLS -"$p" $BUGS -connect $NODEIP:$PORT $PROXY $sni </dev/null 2>>$ERRFILE >$TMPFILE
if sclient_connect_successful $? $TMPFILE; then
proto[i]=$(grep -aw "Protocol" $TMPFILE | sed -e 's/^.*Protocol.*://' -e 's/ //g')
cipher[i]=$(grep -aw "Cipher" $TMPFILE | egrep -avw "New|is" | sed -e 's/^.*Cipher.*://' -e 's/ //g')
@ -4768,6 +4812,7 @@ run_server_preference() {
proto[i]=""
cipher[i]=""
fi
fi
i=$(($i + 1))
done
@ -5870,7 +5915,7 @@ certificate_info() {
cnfinding="Common Name (CN) : "
cn="$(get_cn_from_cert $HOSTCERT)"
if [[ -n "$cn" ]]; then
pr_dquoted "$cn"
pr_italic "$cn"
cnfinding="$cn"
else
cn="no CN field in subject"
@ -5908,7 +5953,7 @@ certificate_info() {
outln ", (request w/o SNI: $cn_nosni)"
cnfinding+=", (request w/o SNI: $cn_nosni)"
else
out " (CN in response to request w/o SNI: "; pr_dquoted "$cn_nosni"; outln ")"
out " (CN in response to request w/o SNI: "; pr_italic "$cn_nosni"; outln ")"
cnfinding+=" (CN in response to request w/o SNI: \"$cn_nosni\")"
fi
fileout "${json_prefix}cn" "$cnok" "$cnfinding"
@ -5922,7 +5967,7 @@ certificate_info() {
out "$indent"; pr_bold " subjectAltName (SAN) "
if [[ -n "$sans" ]]; then
while read san; do
[[ -n "$san" ]] && pr_dquoted "$san"
[[ -n "$san" ]] && pr_italic "$san"
out " "
done <<< "$sans"
fileout "${json_prefix}san" "INFO" "subjectAltName (SAN) : $sans"
@ -5943,7 +5988,7 @@ certificate_info() {
pr_svrty_criticalln "self-signed (NOT ok)"
fileout "${json_prefix}issuer" "CRITICAL" "Issuer: selfsigned"
else
issuerfinding="$(pr_dquoted "$issuer_CN")"
issuerfinding="$(pr_italic "$issuer_CN")"
if [[ -z "$issuer_O" ]] && [[ -n "$issuer_DC" ]]; then
for san in $issuer_DC; do
if [[ -z "$issuer_O" ]]; then
@ -5955,10 +6000,10 @@ certificate_info() {
fi
if [[ -n "$issuer_O" ]]; then
issuerfinding+=" ("
issuerfinding+="$(pr_dquoted "$issuer_O")"
issuerfinding+="$(pr_italic "$issuer_O")"
if [[ -n "$issuer_C" ]]; then
issuerfinding+=" from "
issuerfinding+="$(pr_dquoted "$issuer_C")"
issuerfinding+="$(pr_italic "$issuer_C")"
fi
issuerfinding+=")"
fi
@ -6181,20 +6226,17 @@ certificate_info() {
fi
outln
if "$EXPERIMENTAL"; then
out "$indent"; pr_bold " DNS CAA RR record "
out "$indent"; pr_bold " DNS CAA RR"; out " (experimental) "
caa="$(get_caa_rr_record $NODE)"
if [[ -n "$caa" ]]; then
pr_done_good "OK ($caa)"
pr_done_good "OK"; out " (" ; pr_italic "$caa"; out ")"
fileout "${json_prefix}CAA_record" "OK" "DNS Certification Authority Authorization (CAA) Resource Record / RFC6844 : offered"
else
pr_svrty_minor "--"
fileout "${json_prefix}CAA_record" "LOW" "DNS Certification Authority Authorization (CAA) Resource Record / RFC6844 : not offered"
fi
fi
outln "\n"
return $ret
}
# FIXME: revoked, see checkcert.sh
@ -9436,27 +9478,51 @@ run_breach() {
# Padding Oracle On Downgraded Legacy Encryption, in a nutshell: don't use CBC Ciphers in SSLv3
run_ssl_poodle() {
local -i sclient_success=0
local cbc_ciphers="ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DH-RSA-AES256-SHA:DH-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DH-RSA-CAMELLIA256-SHA:DH-DSS-CAMELLIA256-SHA:AECDH-AES256-SHA:ADH-AES256-SHA:ADH-CAMELLIA256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-SHA:ECDHE-PSK-AES256-CBC-SHA:CAMELLIA256-SHA:RSA-PSK-AES256-CBC-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DH-RSA-AES128-SHA:DH-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DH-RSA-SEED-SHA:DH-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DH-RSA-CAMELLIA128-SHA:DH-DSS-CAMELLIA128-SHA:AECDH-AES128-SHA:ADH-AES128-SHA:ADH-SEED-SHA:ADH-CAMELLIA128-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-SHA:ECDHE-PSK-AES128-CBC-SHA:DHE-PSK-AES128-CBC-SHA:SEED-SHA:CAMELLIA128-SHA:IDEA-CBC-SHA:IDEA-CBC-MD5:RC2-CBC-MD5:RSA-PSK-AES128-CBC-SHA:PSK-AES128-CBC-SHA:KRB5-IDEA-CBC-SHA:KRB5-IDEA-CBC-MD5:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:SRP-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DH-RSA-DES-CBC3-SHA:DH-DSS-DES-CBC3-SHA:AECDH-DES-CBC3-SHA:ADH-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:RSA-PSK-3DES-EDE-CBC-SHA:PSK-3DES-EDE-CBC-SHA:KRB5-DES-CBC3-SHA:KRB5-DES-CBC3-MD5:ECDHE-PSK-3DES-EDE-CBC-SHA:DHE-PSK-3DES-EDE-CBC-SHA:EXP1024-DHE-DSS-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DH-RSA-DES-CBC-SHA:DH-DSS-DES-CBC-SHA:ADH-DES-CBC-SHA:EXP1024-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5:KRB5-DES-CBC-SHA:KRB5-DES-CBC-MD5:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-ADH-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC2-CBC-MD5:EXP-KRB5-RC2-CBC-SHA:EXP-KRB5-DES-CBC-SHA:EXP-KRB5-RC2-CBC-MD5:EXP-KRB5-DES-CB
C-MD5"
local cbc_ciphers="ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DH-RSA-AES256-SHA:DH-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DH-RSA-CAMELLIA256-SHA:DH-DSS-CAMELLIA256-SHA:AECDH-AES256-SHA:ADH-AES256-SHA:ADH-CAMELLIA256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-SHA:ECDHE-PSK-AES256-CBC-SHA:CAMELLIA256-SHA:RSA-PSK-AES256-CBC-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DH-RSA-AES128-SHA:DH-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DH-RSA-SEED-SHA:DH-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DH-RSA-CAMELLIA128-SHA:DH-DSS-CAMELLIA128-SHA:AECDH-AES128-SHA:ADH-AES128-SHA:ADH-SEED-SHA:ADH-CAMELLIA128-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-SHA:ECDHE-PSK-AES128-CBC-SHA:DHE-PSK-AES128-CBC-SHA:SEED-SHA:CAMELLIA128-SHA:IDEA-CBC-SHA:RSA-PSK-AES128-CBC-SHA:PSK-AES128-CBC-SHA:KRB5-IDEA-CBC-SHA:KRB5-IDEA-CBC-MD5:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:SRP-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DH-RSA-DES-CBC3-SHA:DH-DSS-DES-CBC3-SHA:AECDH-DES-CBC3-SHA:ADH-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:RSA-PSK-3DES-EDE-CBC-SHA:PSK-3DES-EDE-CBC-SHA:KRB5-DES-CBC3-SHA:KRB5-DES-CBC3-MD5:ECDHE-PSK-3DES-EDE-CBC-SHA:DHE-PSK-3DES-EDE-CBC-SHA:EXP1024-DHE-DSS-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DH-RSA-DES-CBC-SHA:DH-DSS-DES-CBC-SHA:ADH-DES-CBC-SHA:EXP1024-DES-CBC-SHA:DES-CBC-SHA:KRB5-DES-CBC-SHA:KRB5-DES-CBC-MD5:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-ADH-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-KRB5-RC2-CBC-SHA:EXP-KRB5-DES-CBC-SHA:EXP-KRB5-RC2-CBC-MD5:EXP-KRB5-DES-CBC-MD5:EXP-DH-DSS-DES-CBC-SHA:EXP-DH-RSA-DES-CBC-SHA"
local cbc_ciphers_hex="c0,14, c0,0a, c0,22, c0,21, c0,20, 00,91, 00,39, 00,38, 00,37, 00,36, 00,88, 00,87, 00,86, 00,85, c0,19, 00,3a, 00,89, c0,0f, c0,05, 00,35, c0,36, 00,84, 00,95, 00,8d, c0,13, c0,09, c0,1f, c0,1e, c0,1d, 00,33, 00,32, 00,31, 00,30, 00,9a, 00,99, 00,98, 00,97, 00,45, 00,44, 00,43, 00,42, c0,18, 00,34, 00,9b, 00,46, c0,0e, c0,04, 00,2f, c0,35, 00,90, 00,96, 00,41, 00,07, 00,94, 00,8c, 00,21, 00,25, c0,12, c0,08, c0,1c, c0,1b, c0,1a, 00,16, 00,13, 00,10, 00,0d, c0,17, 00,1b, c0,0d, c0,03, 00,0a, 00,93, 00,8b, 00,1f, 00,23, c0,34, 00,8f, 00,63, 00,15, 00,12, 00,0f, 00,0c, 00,1a, 00,62, 00,09, 00,1e, 00,22, 00,14, 00,11, 00,19, 00,08, 00,06, 00,27, 00,26, 00,2a, 00,29, 00,0b, 00,0e"
local cve="CVE-2014-3566"
local cwe="CWE-310"
local hint=""
local -i nr_cbc_ciphers=0
local using_sockets=true
[[ $VULN_COUNT -le $VULN_THRESHLD ]] && outln && pr_headlineln " Testing for SSLv3 POODLE (Padding Oracle On Downgraded Legacy Encryption) " && outln
pr_bold " POODLE, SSL"; out " ($cve) "
locally_supported "-ssl3" || return 0
cbc_ciphers=$(actually_supported_ciphers $cbc_ciphers)
debugme echo $cbc_ciphers
"$SSL_NATIVE" && using_sockets=false
# The openssl binary distributed has almost everything we need (PSK and KRB5 ciphers are typically missing).
# Measurements show that there's little impact whether we use sockets or TLS here, so the default is sockets here
if "$using_sockets"; then
tls_sockets "00" "$cbc_ciphers_hex"
sclient_success=$?
else
if ! "$HAS_SSL3"; then
local_problem_ln "Your $OPENSSL doesn't support SSLv3"
return 1
fi
nr_cbc_ciphers=$(count_ciphers $cbc_ciphers)
nr_supported_ciphers=$(count_ciphers $(actually_supported_ciphers $cbc_ciphers))
$OPENSSL s_client -ssl3 $STARTTLS $BUGS -cipher $cbc_ciphers -connect $NODEIP:$PORT $PROXY >$TMPFILE 2>$ERRFILE </dev/null
sclient_connect_successful $? $TMPFILE
sclient_success=$?
[[ "$DEBUG" -eq 2 ]] && egrep -q "error|failure" $ERRFILE | egrep -av "unable to get local|verify error"
fi
if [[ $sclient_success -eq 0 ]]; then
pr_svrty_high "VULNERABLE (NOT ok)"; out ", uses SSLv3+CBC (check TLS_FALLBACK_SCSV mitigation below)"
fileout "poodle_ssl" "HIGH" "POODLE, SSL: VULNERABLE, uses SSLv3+CBC" "$cve" "$cwe" "$hint"
else
pr_done_best "not vulnerable (OK)"
pr_done_best "not vulnerable (OK)";
if "$using_sockets"; then
fileout "poodle_ssl" "OK" "POODLE, SSL: not vulnerable" "$cve" "$cwe"
else
if [[ "$nr_supported_ciphers" -ge 83 ]]; then
# Likely only KRB and PSK cipher are missing: display discrepancy but no warning
out ", $nr_supported_ciphers/$nr_cbc_ciphers local ciphers"
else
pr_warning ", $nr_supported_ciphers/$nr_cbc_ciphers local ciphers"
fi
fileout "poodle_ssl" "OK" "POODLE, SSL: not vulnerable ($nr_supported_ciphers of $nr_cbc_ciphers local ciphers" "$cve" "$cwe"
fi
fi
outln
tmpfile_handle $FUNCNAME.txt
@ -9557,11 +9623,10 @@ run_freak() {
local hint=""
local using_sockets=true
"$SSL_NATIVE" && using_sockets=false
[[ $VULN_COUNT -le $VULN_THRESHLD ]] && outln && pr_headlineln " Testing for FREAK attack " && outln
pr_bold " FREAK"; out " ($cve) "
"$SSL_NATIVE" && using_sockets=false
if "$using_sockets"; then
nr_supported_ciphers=$(count_words "$exportrsa_tls_cipher_list_hex")+$(count_words "$exportrsa_ssl2_cipher_list_hex")
else
@ -9570,17 +9635,16 @@ run_freak() {
#echo "========= ${PIPESTATUS[*]}
case $nr_supported_ciphers in
0)
local_problem_ln "$OPENSSL doesn't have any EXPORT RSA ciphers configured"
0) local_problem_ln "$OPENSSL doesn't have any EXPORT RSA ciphers configured"
fileout "freak" "WARN" "FREAK: Not tested. $OPENSSL doesn't have any EXPORT RSA ciphers configured" "$cve" "$cwe"
return 7
;;
1|2|3)
addtl_warning=" ($magenta""tested only with $nr_supported_ciphers out of 9 ciphers only!$off)" ;;
8|9|10|11)
addtl_warning="" ;;
4|5|6|7)
addtl_warning=" (tested with $nr_supported_ciphers/9 ciphers)" ;;
8|9|10|11)
addtl_warning="" ;;
esac
if "$using_sockets"; then
tls_sockets "03" "$exportrsa_tls_cipher_list_hex"
@ -9643,63 +9707,64 @@ run_freak() {
}
# see https://weakdh.org/logjam.html
# see https://weakdh.org/upported_ciphers/ogjam.html
run_logjam() {
local -i sclient_success=0
local exportdhe_cipher_list="EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DHE-DSS-RC4-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA"
local exportdhe_cipher_list_hex="00,63, 00,65, 00,14, 00,11"
local all_dhe_ciphers="cc,15, 00,b3, 00,91, c0,97, 00,a3, 00,9f, cc,aa, c0,a3, c0,9f, 00,6b, 00,6a, 00,39, 00,38, 00,c4, 00,c3, 00,88, 00,87, 00,a7, 00,6d, 00,3a, 00,c5, 00,89, 00,ab, cc,ad, c0,a7, c0,43, c0,45, c0,47, c0,53, c0,57, c0,5b, c0,67, c0,6d, c0,7d, c0,81, c0,85, c0,91, 00,a2, 00,9e, c0,a2, c0,9e, 00,aa, c0,a6, 00,67, 00,40, 00,33, 00,32, 00,be, 00,bd, 00,9a, 00,99, 00,45, 00,44, 00,a6, 00,6c, 00,34, 00,bf, 00,9b, 00,46, 00,b2, 00,90, c0,96, c0,42, c0,44, c0,46, c0,52, c0,56, c0,5a, c0,66, c0,6c, c0,7c, c0,80, c0,84, c0,90, 00,66, 00,18, 00,8e, 00,16, 00,13, 00,1b, 00,8f, 00,63, 00,15, 00,12, 00,1a, 00,65, 00,14, 00,11, 00,19, 00,17, 00,b5, 00,b4, 00,2d"
local -i i nr_supported_ciphers=0 server_key_exchange_len=0 ephemeral_pub_len=0
local exportdh_cipher_list="EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DHE-DSS-RC4-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA"
local exportdh_cipher_list_hex="00,63, 00,65, 00,14, 00,11"
local all_dh_ciphers="cc,15, 00,b3, 00,91, c0,97, 00,a3, 00,9f, cc,aa, c0,a3, c0,9f, 00,6b, 00,6a, 00,39, 00,38, 00,c4, 00,c3, 00,88, 00,87, 00,a7, 00,6d, 00,3a, 00,c5, 00,89, 00,ab, cc,ad, c0,a7, c0,43, c0,45, c0,47, c0,53, c0,57, c0,5b, c0,67, c0,6d, c0,7d, c0,81, c0,85, c0,91, 00,a2, 00,9e, c0,a2, c0,9e, 00,aa, c0,a6, 00,67, 00,40, 00,33, 00,32, 00,be, 00,bd, 00,9a, 00,99, 00,45, 00,44, 00,a6, 00,6c, 00,34, 00,bf, 00,9b, 00,46, 00,b2, 00,90, c0,96, c0,42, c0,44, c0,46, c0,52, c0,56, c0,5a, c0,66, c0,6c, c0,7c, c0,80, c0,84, c0,90, 00,66, 00,18, 00,8e, 00,16, 00,13, 00,1b, 00,8f, 00,63, 00,15, 00,12, 00,1a, 00,65, 00,14, 00,11, 00,19, 00,17, 00,b5, 00,b4, 00,2d" # 93 ciphers
local -i i nr_supported_ciphers=0 server_key_exchange_len=0 ephemeral_pub_len=0 len_dh_p=0
local addtl_warning="" hexc
local cve="CVE-2015-4000"
local cwe="CWE-310"
local hint=""
local server_key_exchange ephemeral_pub key_bitstring="" dh_p
local using_sockets=true
local server_key_exchange ephemeral_pub key_bitstring=""
local dh_p=""
local spaces=" "
"$SSL_NATIVE" && using_sockets=false
local vuln_exportdh_ciphers=false
local common_primes_file="$TESTSSL_INSTALL_DIR/etc/common-primes.txt"
local comment="" str=""
local -i lineno_matched=0
local -i ret
local using_sockets=true
[[ $VULN_COUNT -le $VULN_THRESHLD ]] && outln && pr_headlineln " Testing for LOGJAM vulnerability " && outln
pr_bold " LOGJAM"; out " ($cve), experimental "
if "$using_sockets"; then
nr_supported_ciphers=$(count_words "$exportdhe_cipher_list_hex")
else
nr_supported_ciphers=$(count_ciphers $(actually_supported_ciphers $exportdhe_cipher_list))
fi
"$SSL_NATIVE" && using_sockets=false
# Also as the openssl binary distributed has everything we need measurements show that
# there's no impact whether we use sockets or TLS here, so the default is sockets here
if ! "$using_sockets"; then
nr_supported_ciphers=$(count_ciphers $(actually_supported_ciphers $exportdh_cipher_list))
debugme echo $nr_supported_ciphers
case $nr_supported_ciphers in
0) local_problem_ln "$OPENSSL doesn't have any DHE EXPORT ciphers configured"
fileout "logjam" "WARN" "LOGJAM: Not tested. $OPENSSL doesn't have any DHE EXPORT ciphers configured" "$cve" "$cwe"
return 3
0) local_problem_ln "$OPENSSL doesn't have any DH EXPORT ciphers configured"
fileout "logjam" "WARN" "LOGJAM: Not tested. $OPENSSL doesn't have any DH EXPORT ciphers configured" "$cve" "$cwe"
return 1 # we could continue here testing common primes but the logjam test would be not complete and it's misleading/hard to code+display
;;
1|2) addtl_warning=" ($magenta""tested w/ $nr_supported_ciphers/4 ciphers only!$off)" ;;
3) addtl_warning=" (tested w/ $nr_supported_ciphers/4 ciphers)" ;;
1|2|3) addtl_warning=" ($magenta""tested w/ $nr_supported_ciphers/4 ciphers only!$off)" ;;
4) ;;
esac
fi
# test for DH export ciphers first
if "$using_sockets"; then
tls_sockets "03" "$exportdhe_cipher_list_hex"
tls_sockets "03" "$exportdh_cipher_list_hex"
sclient_success=$?
[[ $sclient_success -eq 2 ]] && sclient_success=0
else
$OPENSSL s_client $STARTTLS $BUGS -cipher $exportdhe_cipher_list -connect $NODEIP:$PORT $PROXY $SNI >$TMPFILE 2>$ERRFILE </dev/null
$OPENSSL s_client $STARTTLS $BUGS -cipher $exportdh_cipher_list -connect $NODEIP:$PORT $PROXY $SNI >$TMPFILE 2>$ERRFILE </dev/null
sclient_connect_successful $? $TMPFILE
sclient_success=$?
debugme egrep -a "error|failure" $ERRFILE | egrep -av "unable to get local|verify error"
fi
if [[ $sclient_success -eq 0 ]]; then
pr_svrty_high "VULNERABLE (NOT ok):"; out " uses DHE EXPORT ciphers"
fileout "logjam" "HIGH" "LOGJAM: VULNERABLE, uses DHE EXPORT ciphers" "$cve" "$cwe" "$hint"
else
pr_done_good "not vulnerable (OK):"; out " no DHE EXPORT ciphers"; out "$addtl_warning"
fileout "logjam" "OK" "LOGJAM: not vulnerable (no DHE EXPORT ciphers) $addtl_warning" "$cve" "$cwe"
fi
[[ $sclient_success -eq 0 ]] && \
vuln_exportdh_ciphers=true || \
vuln_exportdh_ciphers=false
if [[ $DEBUG -ge 2 ]]; then
if "$using_sockets"; then
for hexc in $(sed 's/, / /g' <<< "$exportdhe_cipher_list_hex"); do
for hexc in $(sed 's/, / /g' <<< "$exportdh_cipher_list_hex"); do
hexc="0x${hexc:0:2},0x${hexc:3:2}"
for (( i=0; i < TLS_NR_CIPHERS; i++ )); do
[[ "$hexc" == "${TLS_CIPHER_HEXCODE[i]}" ]] && break
@ -9708,24 +9773,29 @@ run_logjam() {
done
outln
else
echo $(actually_supported_ciphers $exportdhe_cipher_list)
echo $(actually_supported_ciphers $exportdh_cipher_list)
fi
fi
debugme echo $nr_supported_ciphers
# Try all ciphers that use an ephemeral DH key. If successful, check whether the key uses a weak prime.
if "$using_sockets"; then
tls_sockets "03" "$all_dhe_ciphers" "ephemeralkey"
tls_sockets "03" "$all_dh_ciphers" "ephemeralkey"
sclient_success=$?
if [[ $sclient_success -eq 0 ]] || [[ $sclient_success -eq 2 ]]; then
cp "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt" $TMPFILE
key_bitstring="$(awk '/-----BEGIN PUBLIC KEY/,/-----END PUBLIC KEY/ { print $0 }' $TMPFILE)"
fi
else
# FIXME: determine # of ciphers supported, 48 only are the shipped binaries
$OPENSSL s_client $STARTTLS $BUGS -cipher kEDH -msg -connect $NODEIP:$PORT $PROXY $SNI >$TMPFILE 2>$ERRFILE </dev/null
sclient_connect_successful $? $TMPFILE
if [[ $? -eq 0 ]] && grep -q ServerKeyExchange $TMPFILE; then
server_key_exchange_len=$(hex2dec "$(grep ServerKeyExchange $TMPFILE | sed -e 's/<<< TLS 1.2 Handshake \[length //g' -e 's/], ServerKeyExchange//g')")
# Example: '<<< TLS 1.0 Handshake [length 010b], ServerKeyExchange'
# get line with ServerKeyExchange, cut from the beginning to "length ". cut from the end to ']'
str="$(awk '/<<< TLS 1.[0-2].*ServerKeyExchange$/' $TMPFILE)"
str="${str#<*length }"
str="${str%]*}"
server_key_exchange_len=$(hex2dec "$str")
server_key_exchange_len=2+$server_key_exchange_len/16
server_key_exchange="$(grep -A $server_key_exchange_len ServerKeyExchange $TMPFILE | tail -n +2)"
server_key_exchange="$(toupper "$(strip_spaces "$(newline_to_spaces "$server_key_exchange")")")"
@ -9735,55 +9805,107 @@ run_logjam() {
[[ $ephemeral_pub_len -ne 0 ]] && [[ $ephemeral_pub_len -le $server_key_exchange_len ]] && key_bitstring="$(get_dh_ephemeralkey "${server_key_exchange:8}")"
fi
fi
# now the final test for common primes
if [[ -n "$key_bitstring" ]]; then
dh_p="$($OPENSSL pkey -pubin -text -noout <<< "$key_bitstring" | awk '/prime:/,/generator:/' | tail -n +2 | head -n -1)"
dh_p="$(strip_spaces "$(colon_to_spaces "$(newline_to_spaces "$dh_p")")")"
[[ "${dh_p:0:2}" == "00" ]] && dh_p="${dh_p:2}"
debugme outln "dh_p: $dh_p"
len_dh_p="$((4*${#dh_p}))"
debugme outln "len(dh_p): $len_dh_p | dh_p: $dh_p"
echo "$dh_p" > $TEMPDIR/dh_p.txt
# attention: file etc/common-primes.txt is not correct!
common_primes_test $dh_p "$spaces"
else
out ", no DH key detected"
fileout "LOGJAM_common primes" "OK" "no DH key detected"
fi
outln
tmpfile_handle $FUNCNAME.txt
return $sclient_success
}
# takes one arg and compares against a predefined set in $TESTSSL_INSTALL_DIR
# spaces to indent
common_primes_test() {
local common_primes_file="$TESTSSL_INSTALL_DIR/etc/common-primes.txt"
local -i lineno_matched=0
local comment=""
local dhp="$1"
if [[ ! -s "$common_primes_file" ]]; then
outln
pr_warning "${2}couldn't read common primes file $common_primes_file"
local_problem_ln "couldn't read common primes file $common_primes_file"
out "${spaces}"
fileout "LOGJAM_common primes" "WARN" "couldn't read common primes file $common_primes_file"
return 1
ret=7
else
dh_p="$(toupper "$dh_p")"
# the most elegant thing to get the previous line " awk '/regex/ { print x }; { x=$0 }' " doesn't work with GNU grep
# this is bascially the hint we want to echo
# In the previous line of the match is bascially the hint we want to echo
# the most elegant thing to get the previous line [ awk '/regex/ { print x }; { x=$0 }' ] doesn't work with GNU grep
lineno_matched=$(grep -n "$dh_p" "$common_primes_file" 2>/dev/null | awk -F':' '{ print $1 }')
if [[ "$lineno_matched" -ne 0 ]]; then
# get comment
comment="$(awk "NR == $lineno_matched-1" "$common_primes_file" | awk -F'"' '{ print $2 }')"
#FiXME: probably the high groups/bit sizes whould get a different rating, see paper
out "\n${2}"
pr_svrty_high "common prime \"$comment\" detected"
fileout "LOGJAM_common primes" "HIGH" "common prime \"$comment\" detected"
ret=1 # vulnerable: common prime
else
out ", "
pr_done_good " no common primes detected"
ret=0 # not vulnerable: no known common prime
fi
fi
else
ret=3 # no DH key detected
fi
# now the final verdict
# we only use once the color here on the screen, so screen and fileout SEEM to be inconsistent
if "$vuln_exportdh_ciphers"; then
pr_svrty_high "VULNERABLE (NOT ok):"; out " uses DH EXPORT ciphers"
fileout "logjam" "HIGH" "LOGJAM: VULNERABLE, uses DH EXPORT ciphers" "$cve" "$cwe" "$hint"
if [[ $ret -eq 3 ]]; then
out ", no DH key detected"
fileout "LOGJAM_common primes" "OK" "no DH key detected"
elif [[ $ret -eq 1 ]]; then
out "\n${spaces}"
# now size matters -- i.e. the bit size ;-)
if [[ $len_dh_p -le 512 ]]; then
pr_svrty_critical "VULNERABLE (NOT ok):"; out " common prime \"$comment\" detected ($len_dh_p bits)"
fileout "LOGJAM_common primes" "CRITICAL" "common prime \"$comment\" detected"
elif [[ $len_dh_p -le 1024 ]]; then
pr_svrty_high "VULNERABLE (NOT ok):"; out " common prime \"$comment\" detected ($len_dh_p bits)"
fileout "LOGJAM_common primes" "HIGH" "common prime \"$comment\" detected"
elif [[ $len_dh_p -le 1536 ]]; then
pr_svrty_medium "common prime with $len_dh_p bits detected: \"$comment\""
fileout "LOGJAM_common primes" "MEDIUM" "common prime \"$comment\" detected"
elif [[ $len_dh_p -le 2048 ]]; then
pr_svrty_minor "common prime with $len_dh_p bits detected: \"$comment\""
fileout "LOGJAM_common primes" "LOW" "common prime \"$comment\" detected"
else
out "common prime with $len_dh_p bits detected: \"$comment\""
fileout "LOGJAM_common primes" "INFO" "common prime \"$comment\" detected"
fi
elif [[ $ret -eq 0 ]]; then
out " no common primes detected"
fileout "LOGJAM_common primes" "INFO" "no common primes detected"
elif [[ $ret -eq 7 ]]; then
out "FIXME 1"
fi
else
if [[ $ret -eq 1 ]]; then
# now size matters -- i.e. the bit size ;-)
if [[ $len_dh_p -le 512 ]]; then
pr_svrty_critical "VULNERABLE (NOT ok):" ; out " uses common prime \"$comment\" ($len_dh_p bits)"
fileout "LOGJAM_common primes" "CRITICAL" "common prime \"$comment\" detected"
elif [[ $len_dh_p -le 1024 ]]; then
pr_svrty_high "VULNERABLE (NOT ok):"; out " common prime \"$comment\" detected ($len_dh_p bits)"
fileout "LOGJAM_common primes" "HIGH" "common prime \"$comment\" detected"
elif [[ $len_dh_p -le 1536 ]]; then
pr_svrty_medium "Common prime with $len_dh_p bits detected: \"$comment\""
fileout "LOGJAM_common primes" "MEDIUM" "common prime \"$comment\" detected"
elif [[ $len_dh_p -le 2048 ]]; then
pr_svrty_minor "Common prime with $len_dh_p bits detected: \"$comment\""
fileout "LOGJAM_common primes" "LOW" "common prime \"$comment\" detected"
else
out "Common prime with $len_dh_p bits detected: \"$comment\""
fileout "LOGJAM_common primes" "INFO" "common prime \"$comment\" detected"
fi
out ", but no DH EXPORT ciphers${addtl_warning}"
fileout "logjam" "OK" "LOGJAM: not vulnerable, no DH EXPORT ciphers, $addtl_warning" "$cve" "$cwe"
elif [[ $ret -eq 3 ]]; then
pr_done_good "not vulnerable (OK):"; out " no DH EXPORT ciphers${addtl_warning}"
fileout "logjam" "OK" "LOGJAM: not vulnerable, no DH EXPORT ciphers, $addtl_warning" "$cve" "$cwe"
out ", no DH key detected"
fileout "LOGJAM_common primes" "OK" "no DH key detected"
elif [[ $ret -eq 0 ]]; then
pr_done_good "not vulnerable (OK):"; out " no DH EXPORT ciphers${ddtl_warning}"
fileout "logjam" "OK" "LOGJAM: not vulnerable, no DH EXPORT ciphers, $addtl_warning" "$cve" "$cwe"
out ", no common primes detected"
fileout "LOGJAM_common primes" "OK" "no common primes detected"
elif [[ $ret -eq 7 ]]; then
pr_done_good "partly not vulnerable:"; out " no DH EXPORT ciphers${ddtl_warning}"
fileout "logjam" "OK" "LOGJAM: not vulnerable, no DH EXPORT ciphers, $addtl_warning" "$cve" "$cwe"
fi
fi
outln
tmpfile_handle $FUNCNAME.txt
return 0
}
@ -9863,18 +9985,21 @@ run_drown() {
# Browser Exploit Against SSL/TLS: don't use CBC Ciphers in SSLv3 TLSv1.0
run_beast(){
local hexcode dash cbc_cipher sslvers kx auth enc mac export addcmd
local detected_proto
local -i sclient_success=0
local detected_cbc_ciphers=""
local hexc dash cbc_cipher sslvers auth mac export sni
local -a ciph hexcode normalized_hexcode kx enc export2
local proto proto_hex
local -i i nr_ciphers=0 sclient_success=0
local detected_cbc_ciphers="" ciphers_to_test
local higher_proto_supported=""
local -i sclient_success=0
local vuln_beast=false
local spaces=" "
local cr=$'\n'
local first=true
local continued=false
local cbc_cipher_list="EXP-RC2-CBC-MD5:IDEA-CBC-SHA:EXP-DES-CBC-SHA:DES-CBC-SHA:DES-CBC3-SHA:EXP-DH-DSS-DES-CBC-SHA:DH-DSS-DES-CBC-SHA:DH-DSS-DES-CBC3-SHA:EXP-DH-RSA-DES-CBC-SHA:DH-RSA-DES-CBC-SHA:DH-RSA-DES-CBC3-SHA:EXP-EDH-DSS-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:EDH-DSS-DES-CBC3-SHA:EXP-EDH-RSA-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EXP-ADH-DES-CBC-SHA:ADH-DES-CBC-SHA:ADH-DES-CBC3-SHA:KRB5-DES-CBC-SHA:KRB5-DES-CBC3-SHA:KRB5-IDEA-CBC-SHA:KRB5-DES-CBC-MD5:KRB5-DES-CBC3-MD5:KRB5-IDEA-CBC-MD5:EXP-KRB5-DES-CBC-SHA:EXP-KRB5-RC2-CBC-SHA:EXP-KRB5-DES-CBC-MD5:EXP-KRB5-RC2-CBC-MD5:AES128-SHA:DH-DSS-AES128-SHA:DH-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-AES128-SHA:ADH-AES128-SHA:AES256-SHA:DH-DSS-AES256-SHA:DH-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ADH-AES256-SHA:AES128-SHA256:AES256-SHA256:DH-DSS-AES128-SHA256:DH-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:CAMELLIA128-SHA:DH-DSS-CAMELLIA128-SHA:DH-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DHE-RSA-CAMELLIA128-SHA:ADH-CAMELLIA128-SHA:EXP1024-DES-CBC-SHA:EXP1024-DHE-DSS-DES-CBC-SHA:DHE-RSA-AES128-SHA256:DH-DSS-AES256-SHA256:DH-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA256:ADH-AES128-SHA256:ADH-AES256-SHA256:CAMELLIA256-SHA:DH-DSS-CAMELLIA256-SHA:DH-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DHE-RSA-CAMELLIA256-SHA:ADH-CAMELLIA256-SHA:PSK-3DES-EDE-CBC-SHA:PSK-AES128-CBC-SHA:PSK-AES256-CBC-SHA:SEED-SHA:DH-DSS-SEED-SHA:DH-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DHE-RSA-SEED-SHA:ADH-SEED-SHA:ECDH-ECDSA-DES-CBC3-SHA:ECDH-ECDSA-AES128-SHA:ECDH-ECDSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-RSA-AES128-SHA:ECDH-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AECDH-DES-CBC3-SHA:AECDH-AES128-SHA:AECDH-AES256-SHA:SRP-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-DSS-AES-256-C
BC-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDH-ECDSA-AES128-SHA256:ECDH-ECDSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDH-RSA-AES128-SHA256:ECDH-RSA-AES256-SHA384:RC2-CBC-MD5:EXP-RC2-CBC-MD5:IDEA-CBC-MD5:DES-CBC-MD5:DES-CBC3-MD5"
local cbc_cipher_list="ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DH-RSA-AES256-SHA:DH-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DH-RSA-CAMELLIA256-SHA:DH-DSS-CAMELLIA256-SHA:AECDH-AES256-SHA:ADH-AES256-SHA:ADH-CAMELLIA256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-SHA:ECDHE-PSK-AES256-CBC-SHA:CAMELLIA256-SHA:RSA-PSK-AES256-CBC-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DH-RSA-AES128-SHA:DH-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DH-RSA-SEED-SHA:DH-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DH-RSA-CAMELLIA128-SHA:DH-DSS-CAMELLIA128-SHA:AECDH-AES128-SHA:ADH-AES128-SHA:ADH-SEED-SHA:ADH-CAMELLIA128-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-SHA:ECDHE-PSK-AES128-CBC-SHA:DHE-PSK-AES128-CBC-SHA:SEED-SHA:CAMELLIA128-SHA:IDEA-CBC-SHA:RSA-PSK-AES128-CBC-SHA:PSK-AES128-CBC-SHA:KRB5-IDEA-CBC-SHA:KRB5-IDEA-CBC-MD5:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:SRP-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DH-RSA-DES-CBC3-SHA:DH-DSS-DES-CBC3-SHA:AECDH-DES-CBC3-SHA:ADH-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:RSA-PSK-3DES-EDE-CBC-SHA:PSK-3DES-EDE-CBC-SHA:KRB5-DES-CBC3-SHA:KRB5-DES-CBC3-MD5:ECDHE-PSK-3DES-EDE-CBC-SHA:DHE-PSK-3DES-EDE-CBC-SHA:EXP1024-DHE-DSS-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DH-RSA-DES-CBC-SHA:DH-DSS-DES-CBC-SHA:ADH-DES-CBC-SHA:EXP1024-DES-CBC-SHA:DES-CBC-SHA:KRB5-DES-CBC-SHA:KRB5-DES-CBC-MD5:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-ADH-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-KRB5-RC2-CBC-SHA:EXP-KRB5-DES-CBC-SHA:EXP-KRB5-RC2-CBC-MD5:EXP-KRB5-DES-CBC-MD5:EXP-DH-DSS-DES-CBC-SHA:EXP-DH-RSA-DES-CBC-SHA"
local cbc_ciphers_hex="c0,14, c0,0a, c0,22, c0,21, c0,20, 00,91, 00,39, 00,38, 00,37, 00,36, 00,88, 00,87, 00,86, 00,85, c0,19, 00,3a, 00,89, c0,0f, c0,05, 00,35, c0,36, 00,84, 00,95, 00,8d, c0,13, c0,09, c0,1f, c0,1e, c0,1d, 00,33, 00,32, 00,31, 00,30, 00,9a, 00,99, 00,98, 00,97, 00,45, 00,44, 00,43, 00,42, c0,18, 00,34, 00,9b, 00,46, c0,0e, c0,04, 00,2f, c0,35, 00,90, 00,96, 00,41, 00,07, 00,94, 00,8c, 00,21, 00,25, c0,12, c0,08, c0,1c, c0,1b, c0,1a, 00,16, 00,13, 00,10, 00,0d, c0,17, 00,1b, c0,0d, c0,03, 00,0a, 00,93, 00,8b, 00,1f, 00,23, c0,34, 00,8f, 00,63, 00,15, 00,12, 00,0f, 00,0c, 00,1a, 00,62, 00,09, 00,1e, 00,22, 00,14, 00,11, 00,19, 00,08, 00,06, 00,27, 00,26, 00,2a, 00,29, 00,0b, 00,0e"
local has_dh_bits="$HAS_DH_BITS"
local using_sockets=true
local cve="CVE-2011-3389"
local cwe="CWE-20"
local hint=""
@ -9887,9 +10012,48 @@ run_beast(){
outln
fi
pr_bold " BEAST"; out " ($cve) "
# output in wide mode if cipher doesn't exist is not ok
>$ERRFILE
"$SSL_NATIVE" && using_sockets=false
[[ $TLS_NR_CIPHERS == 0 ]] && using_sockets=false
if "$using_sockets" || [[ $OSSL_VER_MAJOR -lt 1 ]]; then
for (( i=0; i < TLS_NR_CIPHERS; i++ )); do
hexc="${TLS_CIPHER_HEXCODE[i]}"
if [[ ${#hexc} -eq 9 ]] && [[ "${TLS_CIPHER_RFC_NAME[i]}" =~ CBC ]] && \
[[ ! "${TLS_CIPHER_RFC_NAME[i]}" =~ "SHA256" ]] && [[ ! "${TLS_CIPHER_RFC_NAME[i]}" =~ "SHA384" ]]; then
cbc_cipher_list_hex+=", ${hexc:2:2},${hexc:7:2}"
ciph[nr_ciphers]="${TLS_CIPHER_OSSL_NAME[i]}"
hexcode[nr_ciphers]="${hexc:2:2},${hexc:7:2}"
rfc_ciph[nr_ciphers]="${TLS_CIPHER_RFC_NAME[i]}"
kx[nr_ciphers]="${TLS_CIPHER_KX[i]}"
enc[nr_ciphers]="${TLS_CIPHER_ENC[i]}"
export2[nr_ciphers]="${TLS_CIPHER_EXPORT[i]}"
ossl_supported[nr_ciphers]=${TLS_CIPHER_OSSL_SUPPORTED[i]}
if "$using_sockets" && "$WIDE" && ! "$has_dh_bits" && \
( [[ ${kx[nr_ciphers]} == "Kx=ECDH" ]] || [[ ${kx[nr_ciphers]} == "Kx=DH" ]] || [[ ${kx[nr_ciphers]} == "Kx=EDH" ]] ); then
ossl_supported[nr_ciphers]=false
fi
if [[ "${hexc:2:2}" == "00" ]]; then
normalized_hexcode[nr_ciphers]="x${hexc:7:2}"
else
normalized_hexcode[nr_ciphers]="x${hexc:2:2}${hexc:7:2}"
fi
nr_ciphers+=1
fi
done
cbc_cipher_list_hex="${cbc_cipher_list_hex:2}"
else
while read hexc dash ciph[nr_ciphers] sslvers kx[nr_ciphers] auth enc[nr_ciphers] mac export2[nr_ciphers]; do
if [[ ":${cbc_cipher_list}:" =~ ":${ciph[nr_ciphers]}:" ]]; then
ossl_supported[nr_ciphers]=true
if [[ "${hexc:2:2}" == "00" ]]; then
normalized_hexcode[nr_ciphers]="x${hexc:7:2}"
else
normalized_hexcode[nr_ciphers]="x${hexc:2:2}${hexc:7:2}"
fi
nr_ciphers+=1
fi
done < <($OPENSSL ciphers -tls1 -V 'ALL:COMPLEMENTOFALL:@STRENGTH' 2>>$ERRFILE)
fi
# first determine whether it's mitigated by higher protocols
for proto in tls1_1 tls1_2; do
@ -9900,17 +10064,21 @@ run_beast(){
done
for proto in ssl3 tls1; do
if [[ "$proto" == "ssl3" ]] && ! locally_supported "-$proto"; then
if [[ "$proto" == "ssl3" ]] && ! "$using_sockets" && ! locally_supported "-$proto"; then
continued=true
out " "
continue
fi
addcmd=""
[[ ! "$proto" =~ ssl ]] && addcmd="$SNI"
$OPENSSL s_client -"$proto" $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $addcmd >$TMPFILE 2>>$ERRFILE </dev/null
if ! sclient_connect_successful $? $TMPFILE; then # protocol supported?
if [[ "$proto" != "ssl3" ]] || "$HAS_SSL3"; then
[[ ! "$proto" =~ ssl ]] && sni="$SNI" || sni=""
$OPENSSL s_client -"$proto" $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $sni >$TMPFILE 2>>$ERRFILE </dev/null
sclient_connect_successful $? $TMPFILE
else
tls_sockets "00" "$TLS_CIPHER"
fi
if [[ $? -ne 0 ]]; then # protocol supported?
if "$continued"; then # second round: we hit TLS1
if "$HAS_SSL3"; then
if "$HAS_SSL3" || "$using_sockets"; then
pr_done_goodln "no SSL3 or TLS1 (OK)"
fileout "beast" "OK" "BEAST: not vulnerable, no SSL3 or TLS1" "$cve" "$cwe"
else
@ -9921,59 +10089,108 @@ run_beast(){
else # protocol not succeeded but it's the first time
continued=true
continue # protocol not supported, so we do not need to check each cipher with that protocol
"$WIDE" && outln
fi
fi # protocol succeeded
# now we test in one shot with the precompiled ciphers
$OPENSSL s_client -"$proto" -cipher "$cbc_cipher_list" $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $addcmd >$TMPFILE 2>>$ERRFILE </dev/null
if "$using_sockets"; then
case "$proto" in
"ssl3") proto_hex="00" ;;
"tls1") proto_hex="01" ;;
esac
tls_sockets "$proto_hex" "$cbc_cipher_list_hex"
[[ $? -eq 0 ]] || continue
else
$OPENSSL s_client -"$proto" -cipher "$cbc_cipher_list" $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $sni >$TMPFILE 2>>$ERRFILE </dev/null
sclient_connect_successful $? $TMPFILE || continue
fi
if "$WIDE"; then
detected_cbc_ciphers=""
for ((i=0; i<nr_ciphers; i++)); do
ciphers_found[i]=false
sigalg[nr_ciphers]=""
done
while true; do
ciphers_to_test=""
for (( i=0; i < nr_ciphers; i++ )); do
! "${ciphers_found[i]}" && "${ossl_supported[i]}" && ciphers_to_test+=":${ciph[i]}"
done
[[ -z "$ciphers_to_test" ]] && break
$OPENSSL s_client -cipher "${ciphers_to_test:1}" -"$proto" $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $sni >$TMPFILE 2>>$ERRFILE </dev/null
sclient_connect_successful $? $TMPFILE || break
cbc_cipher=$(awk '/Cipher *:/ { print $3 }' $TMPFILE)
[[ -z "$cbc_cipher" ]] && break
for (( i=0; i < nr_ciphers; i++ )); do
[[ "$cbc_cipher" == "${ciph[i]}" ]] && break
done
ciphers_found[i]=true
detected_cbc_ciphers+=" ${ciph[i]}"
vuln_beast=true
if "$WIDE" && ( [[ ${kx[i]} == "Kx=ECDH" ]] || [[ ${kx[i]} == "Kx=DH" ]] || [[ ${kx[i]} == "Kx=EDH" ]] ); then
dhlen=$(read_dhbits_from_file "$TMPFILE" quiet)
kx[i]="${kx[i]} $dhlen"
fi
"$WIDE" && "$SHOW_SIGALGO" && grep -q "\-\-\-\-\-BEGIN CERTIFICATE\-\-\-\-\-" $TMPFILE && \
sigalg[i]="$($OPENSSL x509 -noout -text -in $TMPFILE | awk -F':' '/Signature Algorithm/ { print $2 }' | head -1)"
done
if "$using_sockets"; then
while true; do
ciphers_to_test=""
for (( i=0; i < nr_ciphers; i++ )); do
! "${ciphers_found[i]}" && ciphers_to_test+=", ${hexcode[i]}"
done
[[ -z "$ciphers_to_test" ]] && break
if "$SHOW_SIGALGO"; then
tls_sockets "$proto_hex" "${ciphers_to_test:2}, 00,ff" "all"
else
tls_sockets "$proto_hex" "${ciphers_to_test:2}, 00,ff" "ephemeralkey"
fi
[[ $? -ne 0 ]] && break
cbc_cipher=$(awk '/Cipher *:/ { print $3 }' "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt")
for (( i=0; i < nr_ciphers; i++ )); do
[[ "$cbc_cipher" == "${rfc_ciph[i]}" ]] && break
done
ciphers_found[i]=true
if [[ "${ciph[i]}" != "-" ]]; then
detected_cbc_ciphers+=" ${ciph[i]}"
else
detected_cbc_ciphers+=" ${rfc_ciph[i]}"
fi
vuln_beast=true
if "$WIDE" && ( [[ ${kx[i]} == "Kx=ECDH" ]] || [[ ${kx[i]} == "Kx=DH" ]] || [[ ${kx[i]} == "Kx=EDH" ]] ); then
dhlen=$(read_dhbits_from_file "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt" quiet)
kx[i]="${kx[i]} $dhlen"
fi
"$WIDE" && "$SHOW_SIGALGO" && [[ -r "$HOSTCERT" ]] && \
sigalg[i]="$($OPENSSL x509 -noout -text -in "$HOSTCERT" | awk -F':' '/Signature Algorithm/ { print $2 }' | head -1)"
done
fi
if "$WIDE" && [[ -n "$detected_cbc_ciphers" ]]; then
out "\n "; pr_underline "$(toupper $proto):\n";
if "$first"; then
neat_header # NOT_THAT_NICE: we display the header also if in the end no cbc cipher is available on the client side
neat_header
fi
fi
for ciph in $(colon_to_spaces "$cbc_cipher_list"); do
read hexcode dash cbc_cipher sslvers kx auth enc mac < <($OPENSSL ciphers -V "$ciph" 2>>$ERRFILE) # -V doesn't work with openssl < 1.0
# ^^^^^ process substitution as shopt will either segfault or doesn't work with old bash versions
$OPENSSL s_client -cipher "$cbc_cipher" -"$proto" $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $addcmd >$TMPFILE 2>>$ERRFILE </dev/null
sclient_connect_successful $? $TMPFILE
sclient_success=$?
if [[ $sclient_success -eq 0 ]]; then
vuln_beast=true
"$WIDE" && first=false
fi
if "$WIDE"; then
normalize_ciphercode "$hexcode"
first=false
for (( i=0; i < nr_ciphers; i++ )); do
if "${ciphers_found[i]}" || "$SHOW_EACH_C"; then
export="${export2[i]}"
neat_list "$(tolower "${normalized_hexcode[i]}")" "${ciph[i]}" "${kx[i]}" "${enc[i]}"
if "$SHOW_EACH_C"; then
[[ -z "$hexcode" ]] && continue
neat_list "$HEXC" "$cbc_cipher" "$kx" "$enc" #why this is needed?
if [[ $sclient_success -eq 0 ]]; then
if "${ciphers_found[i]}"; then
if [[ -n "$higher_proto_supported" ]]; then
pr_svrty_minorln "available"
pr_svrty_minor "available"
else
pr_svrty_mediumln "available"
fi
else
outln "not a/v"
pr_svrty_medium "available"
fi
else
if [[ $sclient_success -eq 0 ]]; then
neat_list "$HEXC" "$cbc_cipher" "$kx" "$enc"
outln
out "not a/v"
fi
fi
else # short display:
if [[ $sclient_success -eq 0 ]]; then
detected_cbc_ciphers="$detected_cbc_ciphers ""$(grep -aw "Cipher" $TMPFILE | egrep -avw "New|is" | sed -e 's/^.*Cipher.*://' -e 's/ //g')"
vuln_beast=true
fi
outln "${sigalg[i]}"
fi
done
fi
if ! "$WIDE"; then
if [[ -n "$detected_cbc_ciphers" ]]; then
@ -10029,6 +10246,7 @@ run_beast(){
fi
"$first" && ! "$vuln_beast" && pr_done_goodln "no CBC ciphers found for any protocol (OK)"
"$using_sockets" && HAS_DH_BITS="$has_dh_bits"
tmpfile_handle $FUNCNAME.txt
return 0
}
@ -11135,14 +11353,22 @@ get_caa_rr_record() {
# No dig, host, or nslookup --> complaint was elsewhere already and except for one which has drill only we don't get here
fi
OPENSSL_CONF="$saved_openssl_conf" # see https://github.com/drwetter/testssl.sh/issues/134
# try to convert old return values
if [[ "$caa" =~ ^[A-F0-9]+$ ]]; then
caa=${caa:4:100} # ignore the first 4 bytes
caa=$(hex2ascii "$caa" | sed 's/^issue//g')
else
caa=${caa//\"/} # strip "
fi
echo "$caa"
return 0
# to do:
# 1: check old binaries whether they support this record at all
# 2: check whether hexstring is returned and deal with it
# done (2: check whether hexstring is returned and deal with it)
# 3: check more than domainname, see https://tools.ietf.org/html/rfc6844#section-3
# 4: check whether $1 is a CNAME and take this
# 5: query with drill
return 0
}
get_mx_record() {


@ -324,6 +324,21 @@ get_weak_dh_ciphers() {
outln "exportdhe_cipher_list_hex=\"${exportdhe_cipher_list_hex:2}\""
}
get_dhe_ciphers() {
local -i
local hexc all_dhe_ciphers=""
for (( i=0; i < TLS_NR_CIPHERS; i++ )); do
if [[ "${TLS_CIPHER_RFC_NAME[i]}" == "TLS_DHE_"* ]] || [[ "${TLS_CIPHER_RFC_NAME[i]}" == "TLS_DH_anon_"* ]]; then
hexc="${TLS_CIPHER_HEXCODE[i]}"
all_dhe_ciphers+=", ${hexc:2:2},${hexc:7:2}"
fi
done
outln; pr_underline "All DHE ciphers for run_logjam()"; outln
outln "all_dhe_ciphers=\"$(tolower "${all_dhe_ciphers:2}")\""
}
get_mapping_file
get_robust_pfs_ciphers
get_std_cipherlists
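Review bot: `local -i` on the first line of get_dhe_ciphers names no variable, so the loop index `i` is not made local and ends up assigned in the caller's scope; with no name, bash treats `local`/`declare` as a request to list variables rather than a declaration, so the line may also emit a listing on stdout, which this script otherwise uses for its generated cipher lists. The intended line is `local -i i`. The same slip is worth checking in the neighbouring generator functions, whose bodies are outside this hunk.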
@ -331,6 +346,7 @@ get_cbc_ciphers
get_sslv3_tls1_cbc_ciphers
get_export_rsa_ciphers
get_weak_dh_ciphers
get_dhe_ciphers
outln
exit $?