mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-22 08:29:31 +01:00
commit
15e6fb4c9c
37
CHANGELOG.md
37
CHANGELOG.md
@ -21,7 +21,7 @@
|
|||||||
* Detect better when no STARTTLS is offered
|
* Detect better when no STARTTLS is offered
|
||||||
* Rating (SSL Labs, not complete)
|
* Rating (SSL Labs, not complete)
|
||||||
* Don't penalize missing trust in rating when CA not in Java store
|
* Don't penalize missing trust in rating when CA not in Java store
|
||||||
* Added support for certificates with EdDSA signatures and pubilc keys
|
* Added support for certificates with EdDSA signatures and public keys
|
||||||
* --add-ca can also now be a directory with \*.pem files
|
* --add-ca can also now be a directory with \*.pem files
|
||||||
* Warning of 398 day limit for certificates issued after 2020/9/1
|
* Warning of 398 day limit for certificates issued after 2020/9/1
|
||||||
* Added environment variable for amount of attempts for ssl renegotiation check
|
* Added environment variable for amount of attempts for ssl renegotiation check
|
||||||
@ -32,7 +32,6 @@
|
|||||||
* Added --reqheader to support custom headers in HTTP requests
|
* Added --reqheader to support custom headers in HTTP requests
|
||||||
* Test for support for RFC 8879 certificate compression
|
* Test for support for RFC 8879 certificate compression
|
||||||
|
|
||||||
|
|
||||||
### Features implemented / improvements in 3.0
|
### Features implemented / improvements in 3.0
|
||||||
|
|
||||||
* Full support of TLS 1.3, shows also drafts supported
|
* Full support of TLS 1.3, shows also drafts supported
|
||||||
@ -48,7 +47,7 @@
|
|||||||
* Socket timeouts (``--connect-timeout``)
|
* Socket timeouts (``--connect-timeout``)
|
||||||
* IDN/IDN2 servername/URI + emoji support, supposed libidn/idn2 is installed and DNS resolver is recent) support
|
* IDN/IDN2 servername/URI + emoji support, supposed libidn/idn2 is installed and DNS resolver is recent) support
|
||||||
* Initial support for certificate compression
|
* Initial support for certificate compression
|
||||||
* Better JSON output: renamed IDs and findings shorter/better parsable, also includes certficate
|
* Better JSON output: renamed IDs and findings shorter/better parsable, also includes certificate
|
||||||
* JSON output now valid also for non-responding servers
|
* JSON output now valid also for non-responding servers
|
||||||
* Testing now per default 370 ciphers
|
* Testing now per default 370 ciphers
|
||||||
* Further improving the robustness of TLS sockets (sending and parsing)
|
* Further improving the robustness of TLS sockets (sending and parsing)
|
||||||
@ -82,7 +81,7 @@
|
|||||||
* Support for NNTP and LMTP via STARTTLS, fixes for MySQL and PostgresQL
|
* Support for NNTP and LMTP via STARTTLS, fixes for MySQL and PostgresQL
|
||||||
* Support for SNI and STARTTLS
|
* Support for SNI and STARTTLS
|
||||||
* More robustness for any STARTTLS protocol (fall back to plaintext while in TLS caused problems)
|
* More robustness for any STARTTLS protocol (fall back to plaintext while in TLS caused problems)
|
||||||
* Renegotiation checks improved, also no false potive for Node.js anymore
|
* Renegotiation checks improved, also no false positive for Node.js anymore
|
||||||
* Major update of client simulations with self-collected up-to-date data
|
* Major update of client simulations with self-collected up-to-date data
|
||||||
* Update of CA certificate stores
|
* Update of CA certificate stores
|
||||||
* Lots of bug fixes
|
* Lots of bug fixes
|
||||||
@ -93,7 +92,7 @@
|
|||||||
|
|
||||||
* Way better coverage of ciphers as most checks are done via bash sockets where ever possible
|
* Way better coverage of ciphers as most checks are done via bash sockets where ever possible
|
||||||
* Further tests via TLS sockets and improvements (handshake parsing, completeness, robustness)
|
* Further tests via TLS sockets and improvements (handshake parsing, completeness, robustness)
|
||||||
* Testing 359 default ciphers (``testssl.sh -e/-E``) with a mixture of sockets and openssl. Same speed as with openssl only but addtional ciphers such as post-quantum ciphers, new CHAHA20/POLY1305, CamelliaGCM etc.
|
* Testing 359 default ciphers (``testssl.sh -e/-E``) with a mixture of sockets and openssl. Same speed as with openssl only but additional ciphers such as post-quantum ciphers, new CHAHA20/POLY1305, CamelliaGCM etc.
|
||||||
* TLS 1.2 protocol check via sockets in production
|
* TLS 1.2 protocol check via sockets in production
|
||||||
* Finding more TLS extensions via sockets
|
* Finding more TLS extensions via sockets
|
||||||
* TLS Supported Groups Registry (RFC 7919), key shares extension
|
* TLS Supported Groups Registry (RFC 7919), key shares extension
|
||||||
@ -115,7 +114,6 @@
|
|||||||
* Postgres und MySQL STARTTLS support
|
* Postgres und MySQL STARTTLS support
|
||||||
* Man page
|
* Man page
|
||||||
|
|
||||||
|
|
||||||
### New in 2.8
|
### New in 2.8
|
||||||
|
|
||||||
* Trust chain check against certificate stores from Apple (OS), Linux (OS),
|
* Trust chain check against certificate stores from Apple (OS), Linux (OS),
|
||||||
@ -137,7 +135,7 @@
|
|||||||
* Even more compatibility improvements for FreeBSD, NetBSD, Gentoo, RH-ish, F5 and Cisco systems
|
* Even more compatibility improvements for FreeBSD, NetBSD, Gentoo, RH-ish, F5 and Cisco systems
|
||||||
* Considerable speed improvements for each cipher runs (-e/-E)
|
* Considerable speed improvements for each cipher runs (-e/-E)
|
||||||
* More robust SSLv2 + TLS socket interface
|
* More robust SSLv2 + TLS socket interface
|
||||||
* seperate check for curves
|
* separate check for curves
|
||||||
* OpenSSL 1.1.0 compliant
|
* OpenSSL 1.1.0 compliant
|
||||||
* check for DROWN
|
* check for DROWN
|
||||||
* Whole number of bugs squashed
|
* Whole number of bugs squashed
|
||||||
@ -156,7 +154,7 @@
|
|||||||
* (HTTP) proxy support! Also with sockets -- thx @jnewbigin
|
* (HTTP) proxy support! Also with sockets -- thx @jnewbigin
|
||||||
* Extended validation certificate detection
|
* Extended validation certificate detection
|
||||||
* Run in default mode through all ciphers at the end of a default run
|
* Run in default mode through all ciphers at the end of a default run
|
||||||
* will test multiple IP adresses of one supplied server name in one shot, --ip= restricts it accordingly
|
* will test multiple IP addresses of one supplied server name in one shot, --ip= restricts it accordingly
|
||||||
* new mass testing file option --file option where testssl.sh commands are being read from, see https://twitter.com/drwetter/status/627619848344989696
|
* new mass testing file option --file option where testssl.sh commands are being read from, see https://twitter.com/drwetter/status/627619848344989696
|
||||||
* TLS time and HTTP time stamps
|
* TLS time and HTTP time stamps
|
||||||
* TLS time displayed also for STARTTLS protocols
|
* TLS time displayed also for STARTTLS protocols
|
||||||
@ -169,7 +167,6 @@
|
|||||||
|
|
||||||
Full log @ https://github.com/drwetter/testssl.sh/commits/2.6/testssl.sh
|
Full log @ https://github.com/drwetter/testssl.sh/commits/2.6/testssl.sh
|
||||||
|
|
||||||
|
|
||||||
### New in 2.4
|
### New in 2.4
|
||||||
* "only one cmd line option at a time" is completely gone
|
* "only one cmd line option at a time" is completely gone
|
||||||
* several tuning parameters on the cmd line (only available through environment variables b4): --assuming-http, --ssl-native, --sneaky, --warnings, --color, -- debug, --long
|
* several tuning parameters on the cmd line (only available through environment variables b4): --assuming-http, --ssl-native, --sneaky, --warnings, --color, -- debug, --long
|
||||||
@ -212,7 +209,7 @@ Full changelog @ https://github.com/drwetter/testssl.sh/commits/2.2/testssl.sh
|
|||||||
* tests ciphers per protocol
|
* tests ciphers per protocol
|
||||||
* HSTS
|
* HSTS
|
||||||
* web and application server banner
|
* web and application server banner
|
||||||
* server prefereences
|
* server preferences
|
||||||
* TLS server extensions
|
* TLS server extensions
|
||||||
* server key size
|
* server key size
|
||||||
* cipher suite mapping from openssl to RFC
|
* cipher suite mapping from openssl to RFC
|
||||||
@ -225,10 +222,10 @@ Full changelog @ https://github.com/drwetter/testssl.sh/commits/2.2/testssl.sh
|
|||||||
- IPv6 display fix
|
- IPv6 display fix
|
||||||
|
|
||||||
1.111
|
1.111
|
||||||
- NEW: tested unter FreeBSD (works with exception of xxd in CCS)
|
- NEW: tested under FreeBSD (works with exception of xxd in CCS)
|
||||||
- getent now works under Linux and FreeBSD
|
- getent now works under Linux and FreeBSD
|
||||||
- sed -i in hsts sacrificed for compatibility
|
- sed -i in hsts sacrificed for compatibility
|
||||||
- reomved query for IP for finishing banner, is now called once in parse_hn_port
|
- removed query for IP for finishing banner, is now called once in parse_hn_port
|
||||||
- GOST warning after banner
|
- GOST warning after banner
|
||||||
- empty build date is not displayed anymore
|
- empty build date is not displayed anymore
|
||||||
- long build date strings minimized
|
- long build date strings minimized
|
||||||
@ -318,16 +315,15 @@ Full changelog @ https://github.com/drwetter/testssl.sh/commits/2.2/testssl.sh
|
|||||||
1.91
|
1.91
|
||||||
- replaced most lcyan to brown (=not really bad but somehow)
|
- replaced most lcyan to brown (=not really bad but somehow)
|
||||||
- empty server string better displayed
|
- empty server string better displayed
|
||||||
- prefered CBC TLS 1.2 cipher is now brown (lucky13)
|
- preferred CBC TLS 1.2 cipher is now brown (lucky13)
|
||||||
|
|
||||||
1.90
|
1.90
|
||||||
- fix for netweaver banner (server is lowercase)
|
- fix for netweaver banner (server is lowercase)
|
||||||
- no server banner is no disadvantage (color code)
|
- no server banner is no disadvantage (color code)
|
||||||
|
|
||||||
|
|
||||||
1.89
|
1.89
|
||||||
- reordered! : protocols + cipher come first
|
- reordered! : protocols + cipher come first
|
||||||
- colorized prefered server preference (e.g. CBC+RC4 is light red now, TLSv1.2 green)
|
- colorized preferred server preference (e.g. CBC+RC4 is light red now, TLSv1.2 green)
|
||||||
- SSLv3 is now light cyan
|
- SSLv3 is now light cyan
|
||||||
- NEW: -P|--preference now in help menu
|
- NEW: -P|--preference now in help menu
|
||||||
- light cyan is more appropriate than red for HSTS
|
- light cyan is more appropriate than red for HSTS
|
||||||
@ -362,10 +358,10 @@ Full changelog @ https://github.com/drwetter/testssl.sh/commits/2.2/testssl.sh
|
|||||||
- headline of -V / PFS+RC4 ciphers unified
|
- headline of -V / PFS+RC4 ciphers unified
|
||||||
|
|
||||||
1.82
|
1.82
|
||||||
- NEW: output for -V now better (bits seperate, spacing improved)
|
- NEW: output for -V now better (bits separate, spacing improved)
|
||||||
|
|
||||||
1.81
|
1.81
|
||||||
- output for RC4+PFS now better (with headline, bits seperate, spacing improved)
|
- output for RC4+PFS now better (with headline, bits separate, spacing improved)
|
||||||
- both also sorted by encr. strength .. umm ..err bits!
|
- both also sorted by encr. strength .. umm ..err bits!
|
||||||
|
|
||||||
1.80
|
1.80
|
||||||
@ -390,7 +386,7 @@ Full changelog @ https://github.com/drwetter/testssl.sh/commits/2.2/testssl.sh
|
|||||||
- removed legacy code (PROD_REL var)
|
- removed legacy code (PROD_REL var)
|
||||||
|
|
||||||
1.76
|
1.76
|
||||||
- bash was gone!! desaster for Ubuntu, fixed
|
- bash was gone!! disaster for Ubuntu, fixed
|
||||||
- starttls+rc4 check: bottom line was wrong
|
- starttls+rc4 check: bottom line was wrong
|
||||||
- starttls had too much output (certificate) at first a/v check
|
- starttls had too much output (certificate) at first a/v check
|
||||||
|
|
||||||
@ -471,7 +467,6 @@ Full changelog @ https://github.com/drwetter/testssl.sh/commits/2.2/testssl.sh
|
|||||||
default now and there's a comment
|
default now and there's a comment
|
||||||
* openssl version + path to it in the banner
|
* openssl version + path to it in the banner
|
||||||
|
|
||||||
|
|
||||||
1.20
|
1.20
|
||||||
* bugfix (ssl in ssl handshake failure is sometimes too much)
|
* bugfix (ssl in ssl handshake failure is sometimes too much)
|
||||||
* date in output
|
* date in output
|
||||||
@ -480,13 +475,13 @@ Full changelog @ https://github.com/drwetter/testssl.sh/commits/2.2/testssl.sh
|
|||||||
1.19
|
1.19
|
||||||
* bugfix
|
* bugfix
|
||||||
1.18
|
1.18
|
||||||
* Rearragement of arguments: URL comes now always last!
|
* Rearrangement of arguments: URL comes now always last!
|
||||||
* small code cleanups for readability
|
* small code cleanups for readability
|
||||||
* individual cipher test is now with bold headline, not blue
|
* individual cipher test is now with bold headline, not blue
|
||||||
* NOPARANOID flag tells whether medium grade ciphers are ok. NOW they are (=<1.17 was paranoid)
|
* NOPARANOID flag tells whether medium grade ciphers are ok. NOW they are (=<1.17 was paranoid)
|
||||||
|
|
||||||
1.17
|
1.17
|
||||||
* SSL tests now for renegotiation vulnerabilty!
|
* SSL tests now for renegotiation vulnerability!
|
||||||
* version detection of testssl.sh
|
* version detection of testssl.sh
|
||||||
* program has a banner
|
* program has a banner
|
||||||
* fixed bug leading to a file named "1"
|
* fixed bug leading to a file named "1"
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
|
|
||||||
### Contributions / participation
|
### Contributions / participation
|
||||||
|
|
||||||
is always welcome, here @ gihub or via e-mail.
|
is always welcome, here @ github or via e-mail.
|
||||||
|
|
||||||
Note please the following
|
Note please the following
|
||||||
|
|
||||||
|
@ -98,7 +98,7 @@ Full contribution, see git log.
|
|||||||
- LibreSSL patch
|
- LibreSSL patch
|
||||||
|
|
||||||
* Jean Marsault
|
* Jean Marsault
|
||||||
- client auth: ideas, code snipplets
|
- client auth: ideas, code snippets
|
||||||
|
|
||||||
* Thomas Martens
|
* Thomas Martens
|
||||||
- adding colorblind option
|
- adding colorblind option
|
||||||
|
@ -70,4 +70,3 @@ Bash is actually quite powerful -- not only with respect to sockets. It's not as
|
|||||||
* Unit tests are done automatically done with Perl using Travis. The trigger is `~/.travis.yml`. The general documentation for [Test::More](https://perldoc.perl.org/Test/More.html) is a good start. You are encouraged to write own checks. You can use e.g. `t/20_baseline_ipv4_http.t` as an example.
|
* Unit tests are done automatically done with Perl using Travis. The trigger is `~/.travis.yml`. The general documentation for [Test::More](https://perldoc.perl.org/Test/More.html) is a good start. You are encouraged to write own checks. You can use e.g. `t/20_baseline_ipv4_http.t` as an example.
|
||||||
* If it's an OpenSSL feature you want to use and it could be not available for older OpenSSL versions testssl.sh needs to find out whether OpenSSL has that feature. Best do this with OpenSSL itself and not by checking the version as some vendors do backports. See the examples for `HAS_SSL2` or proxy option check of OpenSSL in `check_proxy()`.
|
* If it's an OpenSSL feature you want to use and it could be not available for older OpenSSL versions testssl.sh needs to find out whether OpenSSL has that feature. Best do this with OpenSSL itself and not by checking the version as some vendors do backports. See the examples for `HAS_SSL2` or proxy option check of OpenSSL in `check_proxy()`.
|
||||||
* If a feature of OpenSSL is not available you need to tell this the user by using `pr_warning*()`. Or accordingly with `fatal()` if a continuation of the program doesn't make sense anymore.
|
* If a feature of OpenSSL is not available you need to tell this the user by using `pr_warning*()`. Or accordingly with `fatal()` if a continuation of the program doesn't make sense anymore.
|
||||||
|
|
||||||
|
10
LICENSE
10
LICENSE
@ -1,7 +1,7 @@
|
|||||||
GNU GENERAL PUBLIC LICENSE
|
GNU GENERAL PUBLIC LICENSE
|
||||||
Version 2, June 1991
|
Version 2, June 1991
|
||||||
|
|
||||||
Copyright (C) 1989, 1991 Free Software Foundation, Inc., <http://fsf.org/>
|
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
|
||||||
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||||
Everyone is permitted to copy and distribute verbatim copies
|
Everyone is permitted to copy and distribute verbatim copies
|
||||||
of this license document, but changing it is not allowed.
|
of this license document, but changing it is not allowed.
|
||||||
@ -290,8 +290,8 @@ to attach them to the start of each source file to most effectively
|
|||||||
convey the exclusion of warranty; and each file should have at least
|
convey the exclusion of warranty; and each file should have at least
|
||||||
the "copyright" line and a pointer to where the full notice is found.
|
the "copyright" line and a pointer to where the full notice is found.
|
||||||
|
|
||||||
{description}
|
<one line to give the program's name and a brief idea of what it does.>
|
||||||
Copyright (C) {year} {fullname}
|
Copyright (C) <year> <name of author>
|
||||||
|
|
||||||
This program is free software; you can redistribute it and/or modify
|
This program is free software; you can redistribute it and/or modify
|
||||||
it under the terms of the GNU General Public License as published by
|
it under the terms of the GNU General Public License as published by
|
||||||
@ -329,7 +329,7 @@ necessary. Here is a sample; alter the names:
|
|||||||
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
|
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
|
||||||
`Gnomovision' (which makes passes at compilers) written by James Hacker.
|
`Gnomovision' (which makes passes at compilers) written by James Hacker.
|
||||||
|
|
||||||
{signature of Ty Coon}, 1 April 1989
|
<signature of Ty Coon>, 1 April 1989
|
||||||
Ty Coon, President of Vice
|
Ty Coon, President of Vice
|
||||||
|
|
||||||
This General Public License does not permit incorporating your program into
|
This General Public License does not permit incorporating your program into
|
||||||
|
@ -130,5 +130,3 @@ Enjoy, Dirk
|
|||||||
[1] https://en.wikipedia.org/wiki/GOST_%29block_cipher%29
|
[1] https://en.wikipedia.org/wiki/GOST_%29block_cipher%29
|
||||||
|
|
||||||
[2] http://fossies.org/linux/openssl/engines/ccgost/README.gost
|
[2] http://fossies.org/linux/openssl/engines/ccgost/README.gost
|
||||||
|
|
||||||
|
|
||||||
|
@ -125,7 +125,7 @@ Please note that \fBfname\fR has to be in Unix format\. DOS carriage returns won
|
|||||||
\fB\-\-mode <serial|parallel>\fR\. Mass testing to be done serial (default) or parallel (\fB\-\-parallel\fR is shortcut for the latter, \fB\-\-serial\fR is the opposite option)\. Per default mass testing is being run in serial mode, i\.e\. one line after the other is processed and invoked\. The variable \fBMASS_TESTING_MODE\fR can be defined to be either equal \fBserial\fR or \fBparallel\fR\.
|
\fB\-\-mode <serial|parallel>\fR\. Mass testing to be done serial (default) or parallel (\fB\-\-parallel\fR is shortcut for the latter, \fB\-\-serial\fR is the opposite option)\. Per default mass testing is being run in serial mode, i\.e\. one line after the other is processed and invoked\. The variable \fBMASS_TESTING_MODE\fR can be defined to be either equal \fBserial\fR or \fBparallel\fR\.
|
||||||
.
|
.
|
||||||
.P
|
.P
|
||||||
\fB\-\-warnings <batch|off>\fR\. The warnings parameter determines how testssl\.sh will deal with situations where user input normally will be necessary\. There are two options\. \fBbatch\fR doesn\'t wait for a confirming keypress when a client\- or server\-side probem is encountered\. As of 3\.0 it just then terminates the particular scan\. This is automatically chosen for mass testing (\fB\-\-file\fR)\. \fBoff\fR just skips the warning, the confirmation but continues the scan, independent whether it makes sense or not\. Please note that there are conflicts where testssl\.sh will still ask for confirmation which are the ones which otherwise would have a drastic impact on the results\. Almost any other decision will be made in the future as a best guess by testssl\.sh\. The same can be achieved by setting the environment variable \fBWARNINGS\fR\.
|
\fB\-\-warnings <batch|off>\fR\. The warnings parameter determines how testssl\.sh will deal with situations where user input normally will be necessary\. There are two options\. \fBbatch\fR doesn\'t wait for a confirming keypress when a client\- or server\-side problem is encountered\. As of 3\.0 it just then terminates the particular scan\. This is automatically chosen for mass testing (\fB\-\-file\fR)\. \fBoff\fR just skips the warning, the confirmation but continues the scan, independent whether it makes sense or not\. Please note that there are conflicts where testssl\.sh will still ask for confirmation which are the ones which otherwise would have a drastic impact on the results\. Almost any other decision will be made in the future as a best guess by testssl\.sh\. The same can be achieved by setting the environment variable \fBWARNINGS\fR\.
|
||||||
.
|
.
|
||||||
.P
|
.P
|
||||||
\fB\-\-connect\-timeout <seconds>\fR This is useful for socket TCP connections to a node\. If the node does not complete a TCP handshake (e\.g\. because it is down or behind a firewall or there\'s an IDS or a tarpit) testssl\.sh may usually hang for around 2 minutes or even much more\. This parameter instructs testssl\.sh to wait at most \fBseconds\fR for the handshake to complete before giving up\. This option only works if your OS has a timeout binary installed\. CONNECT_TIMEOUT is the corresponding environment variable\.
|
\fB\-\-connect\-timeout <seconds>\fR This is useful for socket TCP connections to a node\. If the node does not complete a TCP handshake (e\.g\. because it is down or behind a firewall or there\'s an IDS or a tarpit) testssl\.sh may usually hang for around 2 minutes or even much more\. This parameter instructs testssl\.sh to wait at most \fBseconds\fR for the handshake to complete before giving up\. This option only works if your OS has a timeout binary installed\. CONNECT_TIMEOUT is the corresponding environment variable\.
|
||||||
@ -342,7 +342,7 @@ Security headers (X\-Frame\-Options, X\-XSS\-Protection, Expect\-CT,\.\.\. , CSP
|
|||||||
\fB\-g, \-\-grease\fR checks several server implementation bugs like tolerance to size limitations and GREASE, see RFC 8701\. This check doesn\'t run per default\.
|
\fB\-g, \-\-grease\fR checks several server implementation bugs like tolerance to size limitations and GREASE, see RFC 8701\. This check doesn\'t run per default\.
|
||||||
.
|
.
|
||||||
.SS "VULNERABILITIES"
|
.SS "VULNERABILITIES"
|
||||||
\fB\-U, \-\-vulnerable, \-\-vulnerabilities\fR Just tests all (of the following) vulnerabilities\. The environment variable \fBVULN_THRESHLD\fR determines after which value a separate headline for each vulnerability is being displayed\. Default is \fB1\fR which means if you check for two vulnerabilities, only the general headline for vulnerabilities section is displayed \-\- in addition to the vulnerability and the result\. Otherwise each vulnerability or vulnerability section gets its own headline in addition to the output of the name of the vulnerabilty and test result\. A vulnerability section is comprised of more than one check, e\.g\. the renegotiation vulnerability check has two checks, so has Logjam\.
|
\fB\-U, \-\-vulnerable, \-\-vulnerabilities\fR Just tests all (of the following) vulnerabilities\. The environment variable \fBVULN_THRESHLD\fR determines after which value a separate headline for each vulnerability is being displayed\. Default is \fB1\fR which means if you check for two vulnerabilities, only the general headline for vulnerabilities section is displayed \-\- in addition to the vulnerability and the result\. Otherwise each vulnerability or vulnerability section gets its own headline in addition to the output of the name of the vulnerability and test result\. A vulnerability section is comprised of more than one check, e\.g\. the renegotiation vulnerability check has two checks, so has Logjam\.
|
||||||
.
|
.
|
||||||
.P
|
.P
|
||||||
\fB\-H, \-\-heartbleed\fR Checks for Heartbleed, a memory leakage in openssl\. Unless the server side doesn\'t support the heartbeat extension it is likely that this check runs into a timeout\. The seconds to wait for a reply can be adjusted with \fBHEARTBLEED_MAX_WAITSOCK\fR\. 8 is the default\.
|
\fB\-H, \-\-heartbleed\fR Checks for Heartbleed, a memory leakage in openssl\. Unless the server side doesn\'t support the heartbeat extension it is likely that this check runs into a timeout\. The seconds to wait for a reply can be adjusted with \fBHEARTBLEED_MAX_WAITSOCK\fR\. 8 is the default\.
|
||||||
|
@ -178,7 +178,7 @@ host.example.com:631
|
|||||||
|
|
||||||
<p><code>--mode <serial|parallel></code>. Mass testing to be done serial (default) or parallel (<code>--parallel</code> is shortcut for the latter, <code>--serial</code> is the opposite option). Per default mass testing is being run in serial mode, i.e. one line after the other is processed and invoked. The variable <code>MASS_TESTING_MODE</code> can be defined to be either equal <code>serial</code> or <code>parallel</code>.</p>
|
<p><code>--mode <serial|parallel></code>. Mass testing to be done serial (default) or parallel (<code>--parallel</code> is shortcut for the latter, <code>--serial</code> is the opposite option). Per default mass testing is being run in serial mode, i.e. one line after the other is processed and invoked. The variable <code>MASS_TESTING_MODE</code> can be defined to be either equal <code>serial</code> or <code>parallel</code>.</p>
|
||||||
|
|
||||||
<p><code>--warnings <batch|off></code>. The warnings parameter determines how testssl.sh will deal with situations where user input normally will be necessary. There are two options. <code>batch</code> doesn't wait for a confirming keypress when a client- or server-side probem is encountered. As of 3.0 it just then terminates the particular scan. This is automatically chosen for mass testing (<code>--file</code>). <code>off</code> just skips the warning, the confirmation but continues the scan, independent whether it makes sense or not. Please note that there are conflicts where testssl.sh will still ask for confirmation which are the ones which otherwise would have a drastic impact on the results. Almost any other decision will be made in the future as a best guess by testssl.sh.
|
<p><code>--warnings <batch|off></code>. The warnings parameter determines how testssl.sh will deal with situations where user input normally will be necessary. There are two options. <code>batch</code> doesn't wait for a confirming keypress when a client- or server-side problem is encountered. As of 3.0 it just then terminates the particular scan. This is automatically chosen for mass testing (<code>--file</code>). <code>off</code> just skips the warning, the confirmation but continues the scan, independent whether it makes sense or not. Please note that there are conflicts where testssl.sh will still ask for confirmation which are the ones which otherwise would have a drastic impact on the results. Almost any other decision will be made in the future as a best guess by testssl.sh.
|
||||||
The same can be achieved by setting the environment variable <code>WARNINGS</code>.</p>
|
The same can be achieved by setting the environment variable <code>WARNINGS</code>.</p>
|
||||||
|
|
||||||
<p><code>--connect-timeout <seconds></code> This is useful for socket TCP connections to a node. If the node does not complete a TCP handshake (e.g. because it is down or behind a firewall or there's an IDS or a tarpit) testssl.sh may usually hang for around 2 minutes or even much more. This parameter instructs testssl.sh to wait at most <code>seconds</code> for the handshake to complete before giving up. This option only works if your OS has a timeout binary installed. CONNECT_TIMEOUT is the corresponding environment variable.</p>
|
<p><code>--connect-timeout <seconds></code> This is useful for socket TCP connections to a node. If the node does not complete a TCP handshake (e.g. because it is down or behind a firewall or there's an IDS or a tarpit) testssl.sh may usually hang for around 2 minutes or even much more. This parameter instructs testssl.sh to wait at most <code>seconds</code> for the handshake to complete before giving up. This option only works if your OS has a timeout binary installed. CONNECT_TIMEOUT is the corresponding environment variable.</p>
|
||||||
@ -312,7 +312,7 @@ Also for multiple server certificates are being checked for as well as for the c
|
|||||||
|
|
||||||
<h3 id="VULNERABILITIES">VULNERABILITIES</h3>
|
<h3 id="VULNERABILITIES">VULNERABILITIES</h3>
|
||||||
|
|
||||||
<p><code>-U, --vulnerable, --vulnerabilities</code> Just tests all (of the following) vulnerabilities. The environment variable <code>VULN_THRESHLD</code> determines after which value a separate headline for each vulnerability is being displayed. Default is <code>1</code> which means if you check for two vulnerabilities, only the general headline for vulnerabilities section is displayed -- in addition to the vulnerability and the result. Otherwise each vulnerability or vulnerability section gets its own headline in addition to the output of the name of the vulnerabilty and test result. A vulnerability section is comprised of more than one check, e.g. the renegotiation vulnerability check has two checks, so has Logjam.</p>
|
<p><code>-U, --vulnerable, --vulnerabilities</code> Just tests all (of the following) vulnerabilities. The environment variable <code>VULN_THRESHLD</code> determines after which value a separate headline for each vulnerability is being displayed. Default is <code>1</code> which means if you check for two vulnerabilities, only the general headline for vulnerabilities section is displayed -- in addition to the vulnerability and the result. Otherwise each vulnerability or vulnerability section gets its own headline in addition to the output of the name of the vulnerability and test result. A vulnerability section is comprised of more than one check, e.g. the renegotiation vulnerability check has two checks, so has Logjam.</p>
|
||||||
|
|
||||||
<p><code>-H, --heartbleed</code> Checks for Heartbleed, a memory leakage in openssl. Unless the server side doesn't support the heartbeat extension it is likely that this check runs into a timeout. The seconds to wait for a reply can be adjusted with <code>HEARTBLEED_MAX_WAITSOCK</code>. 8 is the default.</p>
|
<p><code>-H, --heartbleed</code> Checks for Heartbleed, a memory leakage in openssl. Unless the server side doesn't support the heartbeat extension it is likely that this check runs into a timeout. The seconds to wait for a reply can be adjusted with <code>HEARTBLEED_MAX_WAITSOCK</code>. 8 is the default.</p>
|
||||||
|
|
||||||
|
@ -101,7 +101,7 @@ Please note that `fname` has to be in Unix format. DOS carriage returns won't be
|
|||||||
|
|
||||||
`--mode <serial|parallel>`. Mass testing to be done serial (default) or parallel (`--parallel` is shortcut for the latter, `--serial` is the opposite option). Per default mass testing is being run in serial mode, i.e. one line after the other is processed and invoked. The variable `MASS_TESTING_MODE` can be defined to be either equal `serial` or `parallel`.
|
`--mode <serial|parallel>`. Mass testing to be done serial (default) or parallel (`--parallel` is shortcut for the latter, `--serial` is the opposite option). Per default mass testing is being run in serial mode, i.e. one line after the other is processed and invoked. The variable `MASS_TESTING_MODE` can be defined to be either equal `serial` or `parallel`.
|
||||||
|
|
||||||
`--warnings <batch|off>`. The warnings parameter determines how testssl.sh will deal with situations where user input normally will be necessary. There are two options. `batch` doesn't wait for a confirming keypress when a client- or server-side probem is encountered. As of 3.0 it just then terminates the particular scan. This is automatically chosen for mass testing (`--file`). `off` just skips the warning, the confirmation but continues the scan, independent whether it makes sense or not. Please note that there are conflicts where testssl.sh will still ask for confirmation which are the ones which otherwise would have a drastic impact on the results. Almost any other decision will be made in the future as a best guess by testssl.sh.
|
`--warnings <batch|off>`. The warnings parameter determines how testssl.sh will deal with situations where user input normally will be necessary. There are two options. `batch` doesn't wait for a confirming keypress when a client- or server-side problem is encountered. As of 3.0 it just then terminates the particular scan. This is automatically chosen for mass testing (`--file`). `off` just skips the warning, the confirmation but continues the scan, independent whether it makes sense or not. Please note that there are conflicts where testssl.sh will still ask for confirmation which are the ones which otherwise would have a drastic impact on the results. Almost any other decision will be made in the future as a best guess by testssl.sh.
|
||||||
The same can be achieved by setting the environment variable `WARNINGS`.
|
The same can be achieved by setting the environment variable `WARNINGS`.
|
||||||
|
|
||||||
`--connect-timeout <seconds>` This is useful for socket TCP connections to a node. If the node does not complete a TCP handshake (e.g. because it is down or behind a firewall or there's an IDS or a tarpit) testssl.sh may usually hang for around 2 minutes or even much more. This parameter instructs testssl.sh to wait at most `seconds` for the handshake to complete before giving up. This option only works if your OS has a timeout binary installed. CONNECT_TIMEOUT is the corresponding environment variable.
|
`--connect-timeout <seconds>` This is useful for socket TCP connections to a node. If the node does not complete a TCP handshake (e.g. because it is down or behind a firewall or there's an IDS or a tarpit) testssl.sh may usually hang for around 2 minutes or even much more. This parameter instructs testssl.sh to wait at most `seconds` for the handshake to complete before giving up. This option only works if your OS has a timeout binary installed. CONNECT_TIMEOUT is the corresponding environment variable.
|
||||||
@ -226,7 +226,7 @@ Also for multiple server certificates are being checked for as well as for the c
|
|||||||
|
|
||||||
### VULNERABILITIES
|
### VULNERABILITIES
|
||||||
|
|
||||||
`-U, --vulnerable, --vulnerabilities` Just tests all (of the following) vulnerabilities. The environment variable `VULN_THRESHLD` determines after which value a separate headline for each vulnerability is being displayed. Default is `1` which means if you check for two vulnerabilities, only the general headline for vulnerabilities section is displayed -- in addition to the vulnerability and the result. Otherwise each vulnerability or vulnerability section gets its own headline in addition to the output of the name of the vulnerabilty and test result. A vulnerability section is comprised of more than one check, e.g. the renegotiation vulnerability check has two checks, so has Logjam.
|
`-U, --vulnerable, --vulnerabilities` Just tests all (of the following) vulnerabilities. The environment variable `VULN_THRESHLD` determines after which value a separate headline for each vulnerability is being displayed. Default is `1` which means if you check for two vulnerabilities, only the general headline for vulnerabilities section is displayed -- in addition to the vulnerability and the result. Otherwise each vulnerability or vulnerability section gets its own headline in addition to the output of the name of the vulnerability and test result. A vulnerability section is comprised of more than one check, e.g. the renegotiation vulnerability check has two checks, so has Logjam.
|
||||||
|
|
||||||
`-H, --heartbleed` Checks for Heartbleed, a memory leakage in openssl. Unless the server side doesn't support the heartbeat extension it is likely that this check runs into a timeout. The seconds to wait for a reply can be adjusted with `HEARTBLEED_MAX_WAITSOCK`. 8 is the default.
|
`-H, --heartbleed` Checks for Heartbleed, a memory leakage in openssl. Unless the server side doesn't support the heartbeat extension it is likely that this check runs into a timeout. The seconds to wait for a reply can be adjusted with `HEARTBLEED_MAX_WAITSOCK`. 8 is the default.
|
||||||
|
|
||||||
|
@ -22,7 +22,3 @@ The whole process is done manually.
|
|||||||
* "ciphersutes" are TLS 1.3 ciphersuites. You can identify them as they currently are like 0x130?. Retrieve them from above see ``~/utils/hexstream2cipher.sh``
|
* "ciphersutes" are TLS 1.3 ciphersuites. You can identify them as they currently are like 0x130?. Retrieve them from above see ``~/utils/hexstream2cipher.sh``
|
||||||
* Figure out the services by applying a good piece of human logic
|
* Figure out the services by applying a good piece of human logic
|
||||||
* Before submitting a PR: test it yourself! You can also watch it again via wireshark
|
* Before submitting a PR: test it yourself! You can also watch it again via wireshark
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
0
etc/tls_data.txt
Executable file → Normal file
0
etc/tls_data.txt
Executable file → Normal file
@ -1,6 +1,6 @@
|
|||||||
#!/usr/bin/env perl
|
#!/usr/bin/env perl
|
||||||
|
|
||||||
# Basics: is there a synatx error where alerady bash hiccups on?
|
# Basics: is there a syntax error where already bash hiccups on?
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
use Test::More;
|
use Test::More;
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
#!/usr/bin/env perl
|
#!/usr/bin/env perl
|
||||||
|
|
||||||
# Basics: is there a synatx error where already bash hiccups on?
|
# Basics: is there a syntax error where already bash hiccups on?
|
||||||
# --banner is equal to --version
|
# --banner is equal to --version
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
#!/usr/bin/env perl
|
#!/usr/bin/env perl
|
||||||
|
|
||||||
# Just a functional test, whether ~/etc/client-simulation.txt
|
# Just a functional test, whether ~/etc/client-simulation.txt
|
||||||
# doesn't have any synatx errors
|
# doesn't have any syntax errors
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
use Test::More;
|
use Test::More;
|
||||||
|
@ -49,7 +49,7 @@ $tests++;
|
|||||||
$openssl_out = `$prg --ssl-native $check2run $uri 2>&1`;
|
$openssl_out = `$prg --ssl-native $check2run $uri 2>&1`;
|
||||||
$openssl_json = json('tmp.json');
|
$openssl_json = json('tmp.json');
|
||||||
unlink "tmp.json";
|
unlink "tmp.json";
|
||||||
# With Google only we somtimes encounter an error as they return a 0 char with openssl, so we white list this pattern here:
|
# With Google only we sometimes encounter an error as they return a 0 char with openssl, so we white list this pattern here:
|
||||||
# It should be fixed in the code though so we comment this out
|
# It should be fixed in the code though so we comment this out
|
||||||
# $openssl_out =~ s/testssl.*warning: command substitution: ignored null byte in input\n//g;
|
# $openssl_out =~ s/testssl.*warning: command substitution: ignored null byte in input\n//g;
|
||||||
unlike($openssl_out, qr/$openssl_regex_bl/, "via OpenSSL");
|
unlike($openssl_out, qr/$openssl_regex_bl/, "via OpenSSL");
|
||||||
|
@ -59,4 +59,3 @@ sub json($) {
|
|||||||
unlink $file;
|
unlink $file;
|
||||||
return from_json($file);
|
return from_json($file);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -7,7 +7,7 @@
|
|||||||
# cert_serialNumber, cert_fingerprintSHA1, cert_fingerprintSHA256, cert
|
# cert_serialNumber, cert_fingerprintSHA1, cert_fingerprintSHA256, cert
|
||||||
# cert_expirationStatus, cert_notBefore, cert_notAfter, cert_caIssuers, intermediate_cert
|
# cert_expirationStatus, cert_notBefore, cert_notAfter, cert_caIssuers, intermediate_cert
|
||||||
#
|
#
|
||||||
# help is apreciated here
|
# help is appreciated here
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
use Test::More;
|
use Test::More;
|
||||||
|
96
testssl.sh
96
testssl.sh
@ -17,7 +17,7 @@
|
|||||||
# Main contributions from David Cooper. Further contributors see CREDITS.md .
|
# Main contributions from David Cooper. Further contributors see CREDITS.md .
|
||||||
#
|
#
|
||||||
# License: GPLv2, see https://opensource.org/licenses/gpl-2.0.php and
|
# License: GPLv2, see https://opensource.org/licenses/gpl-2.0.php and
|
||||||
# ccompanying license "LICENSE.txt". Redistribution + modification under this
|
# accompanying license "LICENSE.txt". Redistribution + modification under this
|
||||||
# license permitted.
|
# license permitted.
|
||||||
# If you enclose this program or parts of it in your software, it has to be
|
# If you enclose this program or parts of it in your software, it has to be
|
||||||
# accompanied by the same license (see link). Do not violate the license.
|
# accompanied by the same license (see link). Do not violate the license.
|
||||||
@ -269,11 +269,11 @@ KNOWN_OSSL_PROB=false # We need OpenSSL a few times. This vari
|
|||||||
DETECTED_TLS_VERSION="" # .. as hex string, e.g. 0300 or 0303
|
DETECTED_TLS_VERSION="" # .. as hex string, e.g. 0300 or 0303
|
||||||
APP_TRAF_KEY_INFO="" # Information about the application traffic keys for a TLS 1.3 connection.
|
APP_TRAF_KEY_INFO="" # Information about the application traffic keys for a TLS 1.3 connection.
|
||||||
TLS13_ONLY=false # Does the server support TLS 1.3 ONLY?
|
TLS13_ONLY=false # Does the server support TLS 1.3 ONLY?
|
||||||
OSSL_SHORTCUT=${OSSL_SHORTCUT:-false} # Hack: if during the scan turns out the OpenSSL binary suports TLS 1.3 would be a better choice, this enables it.
|
OSSL_SHORTCUT=${OSSL_SHORTCUT:-false} # Hack: if during the scan turns out the OpenSSL binary supports TLS 1.3 would be a better choice, this enables it.
|
||||||
TLS_EXTENSIONS=""
|
TLS_EXTENSIONS=""
|
||||||
V2_HELLO_CIPHERSPEC_LENGTH=0
|
V2_HELLO_CIPHERSPEC_LENGTH=0
|
||||||
declare -r NPN_PROTOs="spdy/4a2,spdy/3,spdy/3.1,spdy/2,spdy/1,http/1.1"
|
declare -r NPN_PROTOs="spdy/4a2,spdy/3,spdy/3.1,spdy/2,spdy/1,http/1.1"
|
||||||
# alpn_protos needs to be space-separated, not comma-seperated, including odd ones observed @ facebook and others, old ones like h2-17 omitted as they could not be found
|
# alpn_protos needs to be space-separated, not comma-separated, including odd ones observed @ facebook and others, old ones like h2-17 omitted as they could not be found
|
||||||
declare -r ALPN_PROTOs="h2 spdy/3.1 http/1.1 grpc-exp h2-fb spdy/1 spdy/2 spdy/3 stun.turn stun.nat-discovery webrtc c-webrtc ftp"
|
declare -r ALPN_PROTOs="h2 spdy/3.1 http/1.1 grpc-exp h2-fb spdy/1 spdy/2 spdy/3 stun.turn stun.nat-discovery webrtc c-webrtc ftp"
|
||||||
TEMPDIR=""
|
TEMPDIR=""
|
||||||
TMPFILE=""
|
TMPFILE=""
|
||||||
@ -461,7 +461,7 @@ echo A | sed -E 's/A//' >/dev/null 2>&1 && \
|
|||||||
declare -r HAS_SED_E=true || \
|
declare -r HAS_SED_E=true || \
|
||||||
declare -r HAS_SED_E=false
|
declare -r HAS_SED_E=false
|
||||||
|
|
||||||
########### Terminal defintions
|
########### Terminal definitions
|
||||||
tty -s && \
|
tty -s && \
|
||||||
declare -r INTERACTIVE=true || \
|
declare -r INTERACTIVE=true || \
|
||||||
declare -r INTERACTIVE=false
|
declare -r INTERACTIVE=false
|
||||||
@ -962,10 +962,10 @@ get_cipher() {
|
|||||||
# This and two other following instances are not best practice and normally a useless use of "cat", see
|
# This and two other following instances are not best practice and normally a useless use of "cat", see
|
||||||
# https://web.archive.org/web/20160711205930/http://porkmail.org/era/unix/award.html#uucaletter
|
# https://web.archive.org/web/20160711205930/http://porkmail.org/era/unix/award.html#uucaletter
|
||||||
# However there seem to be cases where the preferred $(< "$1") logic has a problem.
|
# However there seem to be cases where the preferred $(< "$1") logic has a problem.
|
||||||
# Esepcially with bash 3.2 (Mac OS X) and when on the server side binary chars
|
# Especially with bash 3.2 (Mac OS X) and when on the server side binary chars
|
||||||
# are returned, see https://stackoverflow.com/questions/7427262/how-to-read-a-file-into-a-variable-in-shell#22607352
|
# are returned, see https://stackoverflow.com/questions/7427262/how-to-read-a-file-into-a-variable-in-shell#22607352
|
||||||
# and https://github.com/drwetter/testssl.sh/issues/1292
|
# and https://github.com/drwetter/testssl.sh/issues/1292
|
||||||
# Performance measurements showed no to barely measureable penalty (1s displayed in 9 tries).
|
# Performance measurements showed no to barely measurable penalty (1s displayed in 9 tries).
|
||||||
|
|
||||||
if [[ "$server_hello" =~ Cipher\ *:\ ([A-Z0-9]+-[A-Za-z0-9\-]+|TLS_[A-Za-z0-9_]+|SSL_[A-Za-z0-9_]+) ]]; then
|
if [[ "$server_hello" =~ Cipher\ *:\ ([A-Z0-9]+-[A-Za-z0-9\-]+|TLS_[A-Za-z0-9_]+|SSL_[A-Za-z0-9_]+) ]]; then
|
||||||
cipher="${BASH_REMATCH##* }"
|
cipher="${BASH_REMATCH##* }"
|
||||||
@ -2054,7 +2054,7 @@ elif "$HAS_FREEBSDDATE"; then # FreeBSD, OS X and newer (~6.6) OpenBSD vers
|
|||||||
LC_ALL=C TZ=GMT date -j -f "$3" "$2" "$1"
|
LC_ALL=C TZ=GMT date -j -f "$3" "$2" "$1"
|
||||||
}
|
}
|
||||||
elif "$HAS_OPENBSDDATE"; then
|
elif "$HAS_OPENBSDDATE"; then
|
||||||
# We bascially echo it as a conversion as we want it is too difficult. Approach for that would be:
|
# We basically echo it as a conversion as we want it is too difficult. Approach for that would be:
|
||||||
# printf '%s\n' "$1" | awk '{ printf "%04d%02d%02d\n", $4, $2, (index("JanFebMarAprMayJunJulAugSepOctNovDec",$1)+2)/3}'
|
# printf '%s\n' "$1" | awk '{ printf "%04d%02d%02d\n", $4, $2, (index("JanFebMarAprMayJunJulAugSepOctNovDec",$1)+2)/3}'
|
||||||
# 4: year, 1: month, 2: day, $3: time (e.g. "Dec 8 10:16:13 2016")
|
# 4: year, 1: month, 2: day, $3: time (e.g. "Dec 8 10:16:13 2016")
|
||||||
# This way we could also kind of convert args to epoch but as newer OpenBSDs "date" behave like FreeBSD
|
# This way we could also kind of convert args to epoch but as newer OpenBSDs "date" behave like FreeBSD
|
||||||
@ -3309,7 +3309,7 @@ run_security_headers() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
# #1: string with 2 opensssl codes, output is same in NSS/ssllabs terminology
|
# #1: string with 2 openssl codes, output is same in NSS/ssllabs terminology
|
||||||
normalize_ciphercode() {
|
normalize_ciphercode() {
|
||||||
if [[ "${1:2:2}" == "00" ]]; then
|
if [[ "${1:2:2}" == "00" ]]; then
|
||||||
tm_out "$(tolower "x${1:7:2}")"
|
tm_out "$(tolower "x${1:7:2}")"
|
||||||
@ -3521,7 +3521,7 @@ neat_list(){
|
|||||||
[[ "$enc" == ChaCha20-Poly1305 ]] && enc="CHACHA20(256)"
|
[[ "$enc" == ChaCha20-Poly1305 ]] && enc="CHACHA20(256)"
|
||||||
[[ "$enc" == GOST-28178-89-CNT ]] && enc="GOST(256)"
|
[[ "$enc" == GOST-28178-89-CNT ]] && enc="GOST(256)"
|
||||||
|
|
||||||
strength="${enc//\)/}" # retrieve (). first remove traling ")"
|
strength="${enc//\)/}" # retrieve (). first remove trailing ")"
|
||||||
strength="${strength#*\(}" # exfiltrate (VAL
|
strength="${strength#*\(}" # exfiltrate (VAL
|
||||||
enc="${enc%%\(*}"
|
enc="${enc%%\(*}"
|
||||||
|
|
||||||
@ -4674,7 +4674,7 @@ client_simulation_sockets() {
|
|||||||
# robustness to the implementation
|
# robustness to the implementation
|
||||||
# see also https://github.com/drwetter/testssl.sh/pull/797
|
# see also https://github.com/drwetter/testssl.sh/pull/797
|
||||||
if [[ "${1:0:4}" == 1603 ]]; then
|
if [[ "${1:0:4}" == 1603 ]]; then
|
||||||
# Extact list of cipher suites from SSLv3 or later ClientHello
|
# Extract list of cipher suites from SSLv3 or later ClientHello
|
||||||
sid_len=4*$(hex2dec "${data:174:2}")
|
sid_len=4*$(hex2dec "${data:174:2}")
|
||||||
offset1=178+$sid_len
|
offset1=178+$sid_len
|
||||||
offset2=182+$sid_len
|
offset2=182+$sid_len
|
||||||
@ -4682,7 +4682,7 @@ client_simulation_sockets() {
|
|||||||
offset1=186+$sid_len
|
offset1=186+$sid_len
|
||||||
code2network "$(tolower "${data:offset1:len}")" # convert CIPHER_SUITES to a "standardized" format
|
code2network "$(tolower "${data:offset1:len}")" # convert CIPHER_SUITES to a "standardized" format
|
||||||
else
|
else
|
||||||
# Extact list of cipher suites from SSLv2 ClientHello
|
# Extract list of cipher suites from SSLv2 ClientHello
|
||||||
len=2*$(hex2dec "${clienthello:12:2}")
|
len=2*$(hex2dec "${clienthello:12:2}")
|
||||||
for (( i=22; i < 22+len; i+=6 )); do
|
for (( i=22; i < 22+len; i+=6 )); do
|
||||||
offset1=$i+2
|
offset1=$i+2
|
||||||
@ -5115,7 +5115,7 @@ run_prototest_openssl() {
|
|||||||
add_proto_offered() {
|
add_proto_offered() {
|
||||||
# the ":" is mandatory here (and @ other places), otherwise e.g. tls1 will match tls1_2
|
# the ":" is mandatory here (and @ other places), otherwise e.g. tls1 will match tls1_2
|
||||||
if [[ "$PROTOS_OFFERED" =~ $1: ]]; then
|
if [[ "$PROTOS_OFFERED" =~ $1: ]]; then
|
||||||
# we got that protcol already
|
# we got that protocol already
|
||||||
:
|
:
|
||||||
else
|
else
|
||||||
PROTOS_OFFERED+="${1}:$2 "
|
PROTOS_OFFERED+="${1}:$2 "
|
||||||
@ -7322,7 +7322,7 @@ determine_trust() {
|
|||||||
notok_was="${certificate_file[i]} $code $notok_was"
|
notok_was="${certificate_file[i]} $code $notok_was"
|
||||||
if ! [[ ${certificate_file[i]} =~ Java ]]; then
|
if ! [[ ${certificate_file[i]} =~ Java ]]; then
|
||||||
# Exemption for Java AND rating, as this store doesn't seem to be as complete.
|
# Exemption for Java AND rating, as this store doesn't seem to be as complete.
|
||||||
# We won't penelize this but we still need to raise a red flag. See #1648
|
# We won't penalize this but we still need to raise a red flag. See #1648
|
||||||
set_grade_cap "T" "Issues with chain of trust $code"
|
set_grade_cap "T" "Issues with chain of trust $code"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
@ -7707,7 +7707,7 @@ get_server_certificate() {
|
|||||||
extract_stapled_ocsp
|
extract_stapled_ocsp
|
||||||
success=$?
|
success=$?
|
||||||
else
|
else
|
||||||
# For STARTTLS protcols not being implemented yet via sockets this is a bypass otherwise it won't be usable at all (e.g. LDAP)
|
# For STARTTLS protocols not being implemented yet via sockets this is a bypass otherwise it won't be usable at all (e.g. LDAP)
|
||||||
if ( [[ "$STARTTLS" =~ ldap ]] || [[ "$STARTTLS" =~ irc ]] ); then
|
if ( [[ "$STARTTLS" =~ ldap ]] || [[ "$STARTTLS" =~ irc ]] ); then
|
||||||
return 1
|
return 1
|
||||||
elif [[ "$1" =~ tls1_3_RSA ]]; then
|
elif [[ "$1" =~ tls1_3_RSA ]]; then
|
||||||
@ -7794,7 +7794,7 @@ get_server_certificate() {
|
|||||||
cp $TEMPDIR/$NODEIP.parse_tls_serverhello.txt $TMPFILE
|
cp $TEMPDIR/$NODEIP.parse_tls_serverhello.txt $TMPFILE
|
||||||
|
|
||||||
# When "$2" is empty, get_server_certificate() is being called with SNI="".
|
# When "$2" is empty, get_server_certificate() is being called with SNI="".
|
||||||
# In case the extensions returned by the server differ depending on wheter
|
# In case the extensions returned by the server differ depending on whether
|
||||||
# SNI is provided or not, don't collect extensions when SNI="" (unless
|
# SNI is provided or not, don't collect extensions when SNI="" (unless
|
||||||
# no DNS name was provided at the command line).
|
# no DNS name was provided at the command line).
|
||||||
[[ -z "$2" ]] && extract_new_tls_extensions $TMPFILE
|
[[ -z "$2" ]] && extract_new_tls_extensions $TMPFILE
|
||||||
@ -8147,7 +8147,7 @@ etsi_ets_visibility_info() {
|
|||||||
# OpenSSL 1.1.1 and earlier displays all names of type otherName as "othername:<unsupported>".
|
# OpenSSL 1.1.1 and earlier displays all names of type otherName as "othername:<unsupported>".
|
||||||
# As certificates will rarely include a name encoded as an otherName, check the
|
# As certificates will rarely include a name encoded as an otherName, check the
|
||||||
# text version of the certificate for "othername:<unsupported>" before calling
|
# text version of the certificate for "othername:<unsupported>" before calling
|
||||||
# external functions to obtain the DER encoded certficate.
|
# external functions to obtain the DER encoded certificate.
|
||||||
if [[ "$cert_txt" =~ X509v3\ Subject\ Alternative\ Name:.*othername:\<unsupported\> ]] || \
|
if [[ "$cert_txt" =~ X509v3\ Subject\ Alternative\ Name:.*othername:\<unsupported\> ]] || \
|
||||||
[[ "$cert_txt" =~ X509v3\ Subject\ Alternative\ Name:.*othername:\ 0.4.0.3523.3.1 ]]; then
|
[[ "$cert_txt" =~ X509v3\ Subject\ Alternative\ Name:.*othername:\ 0.4.0.3523.3.1 ]]; then
|
||||||
dercert="$($OPENSSL x509 -outform DER 2>>$ERRFILE <<< "$cert" | hexdump -v -e '16/1 "%02X"')"
|
dercert="$($OPENSSL x509 -outform DER 2>>$ERRFILE <<< "$cert" | hexdump -v -e '16/1 "%02X"')"
|
||||||
@ -8343,19 +8343,19 @@ certificate_transparency() {
|
|||||||
local ciphers=""
|
local ciphers=""
|
||||||
local extra_extns=""
|
local extra_extns=""
|
||||||
local -i success
|
local -i success
|
||||||
# Cipher suites that use a certifiate with an RSA (signature) public key
|
# Cipher suites that use a certificate with an RSA (signature) public key
|
||||||
local -r a_rsa="cc,13, cc,15, c0,30, c0,28, c0,14, 00,9f, cc,a8, cc,aa, c0,a3, c0,9f, 00,6b, 00,39, c0,77, 00,c4, 00,88, c0,45, c0,4d, c0,53, c0,61, c0,7d, c0,8b, 16,b7, 16,b9, c0,2f, c0,27, c0,13, 00,9e, c0,a2, c0,9e, 00,67, 00,33, c0,76, 00,be, 00,9a, 00,45, c0,44, c0,4c, c0,52, c0,60, c0,7c, c0,8a, c0,11, c0,12, 00,16, 00,15, 00,14, c0,10"
|
local -r a_rsa="cc,13, cc,15, c0,30, c0,28, c0,14, 00,9f, cc,a8, cc,aa, c0,a3, c0,9f, 00,6b, 00,39, c0,77, 00,c4, 00,88, c0,45, c0,4d, c0,53, c0,61, c0,7d, c0,8b, 16,b7, 16,b9, c0,2f, c0,27, c0,13, 00,9e, c0,a2, c0,9e, 00,67, 00,33, c0,76, 00,be, 00,9a, 00,45, c0,44, c0,4c, c0,52, c0,60, c0,7c, c0,8a, c0,11, c0,12, 00,16, 00,15, 00,14, c0,10"
|
||||||
# Cipher suites that use a certifiate with an RSA (encryption) public key
|
# Cipher suites that use a certificate with an RSA (encryption) public key
|
||||||
local -r e_rsa="00,b7, c0,99, 00,ad, cc,ae, 00,9d, c0,a1, c0,9d, 00,3d, 00,35, 00,c0, 00,84, 00,95, c0,3d, c0,51, c0,69, c0,6f, c0,7b, c0,93, ff,01, 00,ac, c0,a0, c0,9c, 00,9c, 00,3c, 00,2f, 00,ba, 00,b6, 00,96, 00,41, c0,98, 00,07, 00,94, c0,3c, c0,50, c0,68, c0,6e, c0,7a, c0,92, 00,05, 00,04, 00,92, 00,0a, 00,93, fe,ff, ff,e0, 00,62, 00,09, 00,61, fe,fe, ff,e1, 00,64, 00,60, 00,08, 00,06, 00,03, 00,b9, 00,b8, 00,2e, 00,3b, 00,02, 00,01, ff,00"
|
local -r e_rsa="00,b7, c0,99, 00,ad, cc,ae, 00,9d, c0,a1, c0,9d, 00,3d, 00,35, 00,c0, 00,84, 00,95, c0,3d, c0,51, c0,69, c0,6f, c0,7b, c0,93, ff,01, 00,ac, c0,a0, c0,9c, 00,9c, 00,3c, 00,2f, 00,ba, 00,b6, 00,96, 00,41, c0,98, 00,07, 00,94, c0,3c, c0,50, c0,68, c0,6e, c0,7a, c0,92, 00,05, 00,04, 00,92, 00,0a, 00,93, fe,ff, ff,e0, 00,62, 00,09, 00,61, fe,fe, ff,e1, 00,64, 00,60, 00,08, 00,06, 00,03, 00,b9, 00,b8, 00,2e, 00,3b, 00,02, 00,01, ff,00"
|
||||||
# Cipher suites that use a certifiate with a DSA public key
|
# Cipher suites that use a certificate with a DSA public key
|
||||||
local -r a_dss="00,a3, 00,6a, 00,38, 00,c3, 00,87, c0,43, c0,57, c0,81, 00,a2, 00,40, 00,32, 00,bd, 00,99, 00,44, c0,42, c0,56, c0,80, 00,66, 00,13, 00,63, 00,12, 00,65, 00,11"
|
local -r a_dss="00,a3, 00,6a, 00,38, 00,c3, 00,87, c0,43, c0,57, c0,81, 00,a2, 00,40, 00,32, 00,bd, 00,99, 00,44, c0,42, c0,56, c0,80, 00,66, 00,13, 00,63, 00,12, 00,65, 00,11"
|
||||||
# Cipher suites that use a certifiate with a DH public key
|
# Cipher suites that use a certificate with a DH public key
|
||||||
local -r a_dh="00,a5, 00,a1, 00,69, 00,68, 00,37, 00,36, 00,c2, 00,c1, 00,86, 00,85, c0,3f, c0,41, c0,55, c0,59, c0,7f, c0,83, 00,a4, 00,a0, 00,3f, 00,3e, 00,31, 00,30, 00,bc, 00,bb, 00,98, 00,97, 00,43, 00,42, c0,3e, c0,40, c0,54, c0,58, c0,7e, c0,82, 00,10, 00,0d, 00,0f, 00,0c, 00,0b, 00,0e"
|
local -r a_dh="00,a5, 00,a1, 00,69, 00,68, 00,37, 00,36, 00,c2, 00,c1, 00,86, 00,85, c0,3f, c0,41, c0,55, c0,59, c0,7f, c0,83, 00,a4, 00,a0, 00,3f, 00,3e, 00,31, 00,30, 00,bc, 00,bb, 00,98, 00,97, 00,43, 00,42, c0,3e, c0,40, c0,54, c0,58, c0,7e, c0,82, 00,10, 00,0d, 00,0f, 00,0c, 00,0b, 00,0e"
|
||||||
# Cipher suites that use a certifiate with an ECDH public key
|
# Cipher suites that use a certificate with an ECDH public key
|
||||||
local -r a_ecdh="c0,32, c0,2e, c0,2a, c0,26, c0,0f, c0,05, c0,79, c0,75, c0,4b, c0,4f, c0,5f, c0,63, c0,89, c0,8d, c0,31, c0,2d, c0,29, c0,25, c0,0e, c0,04, c0,78, c0,74, c0,4a, c0,4e, c0,5e, c0,62, c0,88, c0,8c, c0,0c, c0,02, c0,0d, c0,03, c0,0b, c0,01"
|
local -r a_ecdh="c0,32, c0,2e, c0,2a, c0,26, c0,0f, c0,05, c0,79, c0,75, c0,4b, c0,4f, c0,5f, c0,63, c0,89, c0,8d, c0,31, c0,2d, c0,29, c0,25, c0,0e, c0,04, c0,78, c0,74, c0,4a, c0,4e, c0,5e, c0,62, c0,88, c0,8c, c0,0c, c0,02, c0,0d, c0,03, c0,0b, c0,01"
|
||||||
# Cipher suites that use a certifiate with an ECDSA public key
|
# Cipher suites that use a certificate with an ECDSA public key
|
||||||
local -r a_ecdsa="cc,14, c0,2c, c0,24, c0,0a, cc,a9, c0,af, c0,ad, c0,73, c0,49, c0,5d, c0,87, 16,b8, 16,ba, c0,2b, c0,23, c0,09, c0,ae, c0,ac, c0,72, c0,48, c0,5c, c0,86, c0,07, c0,08, c0,06"
|
local -r a_ecdsa="cc,14, c0,2c, c0,24, c0,0a, cc,a9, c0,af, c0,ad, c0,73, c0,49, c0,5d, c0,87, 16,b8, 16,ba, c0,2b, c0,23, c0,09, c0,ae, c0,ac, c0,72, c0,48, c0,5c, c0,86, c0,07, c0,08, c0,06"
|
||||||
# Cipher suites that use a certifiate with a GOST public key
|
# Cipher suites that use a certificate with a GOST public key
|
||||||
local -r a_gost="00,80, 00,81, 00,82, 00,83"
|
local -r a_gost="00,80, 00,81, 00,82, 00,83"
|
||||||
|
|
||||||
# First check whether signed certificate timestamps (SCT) are included in the
|
# First check whether signed certificate timestamps (SCT) are included in the
|
||||||
@ -10901,7 +10901,7 @@ starttls_mysql_dialog() {
|
|||||||
# 1 is the timeout value which only MySQL needs. Note, there seems no response whether STARTTLS
|
# 1 is the timeout value which only MySQL needs. Note, there seems no response whether STARTTLS
|
||||||
# succeeded. We could try harder, see https://github.com/openssl/openssl/blob/master/apps/s_client.c
|
# succeeded. We could try harder, see https://github.com/openssl/openssl/blob/master/apps/s_client.c
|
||||||
# but atm this seems sufficient as later we will fail if there's no STARTTLS.
|
# but atm this seems sufficient as later we will fail if there's no STARTTLS.
|
||||||
# BUT: there seeem to be cases when the handshake fails (8S01Bad handshake --> 30 38 53 30 31 42 61 64 20 68 61 6e 64 73 68 61 6b 65).
|
# BUT: there seem to be cases when the handshake fails (8S01Bad handshake --> 30 38 53 30 31 42 61 64 20 68 61 6e 64 73 68 61 6b 65).
|
||||||
# also there's a banner in the reply "<version><somebytes>mysql_native_password"
|
# also there's a banner in the reply "<version><somebytes>mysql_native_password"
|
||||||
# TODO: We could detect if the server supports STARTTLS via the "Server Capabilities"
|
# TODO: We could detect if the server supports STARTTLS via the "Server Capabilities"
|
||||||
# bit field, but we'd need to parse the binary stream, with greater precision than regex.
|
# bit field, but we'd need to parse the binary stream, with greater precision than regex.
|
||||||
@ -10965,7 +10965,7 @@ fd_socket() {
|
|||||||
pr_warning "Unable to open a socket to $NODEIP:$PORT. "
|
pr_warning "Unable to open a socket to $NODEIP:$PORT. "
|
||||||
return 6
|
return 6
|
||||||
fi
|
fi
|
||||||
# Now comes the the usual case
|
# Now comes the usual case
|
||||||
elif ! exec 5<>/dev/tcp/$nodeip/$PORT; then
|
elif ! exec 5<>/dev/tcp/$nodeip/$PORT; then
|
||||||
((NR_SOCKET_FAIL++))
|
((NR_SOCKET_FAIL++))
|
||||||
connectivity_problem $NR_SOCKET_FAIL $MAX_SOCKET_FAIL "TCP connect problem" "repeated TCP connect problems, giving up"
|
connectivity_problem $NR_SOCKET_FAIL $MAX_SOCKET_FAIL "TCP connect problem" "repeated TCP connect problems, giving up"
|
||||||
@ -11777,7 +11777,7 @@ derive-handshake-secret() {
|
|||||||
|
|
||||||
# arg1: TLS cipher
|
# arg1: TLS cipher
|
||||||
# arg2: handshake secret
|
# arg2: handshake secret
|
||||||
# arg3: transcipt
|
# arg3: transcript
|
||||||
# arg4: "client" or "server"
|
# arg4: "client" or "server"
|
||||||
derive-handshake-traffic-keys() {
|
derive-handshake-traffic-keys() {
|
||||||
local cipher="$1" handshake_secret="$2" transcript="$3"
|
local cipher="$1" handshake_secret="$2" transcript="$3"
|
||||||
@ -11870,7 +11870,7 @@ derive-master-secret() {
|
|||||||
|
|
||||||
# arg1: TLS cipher
|
# arg1: TLS cipher
|
||||||
# arg2: master secret
|
# arg2: master secret
|
||||||
# arg3: transcipt
|
# arg3: transcript
|
||||||
# arg4: "client" or "server"
|
# arg4: "client" or "server"
|
||||||
derive-application-traffic-keys() {
|
derive-application-traffic-keys() {
|
||||||
local cipher="$1" master_secret="$2" transcript="$3"
|
local cipher="$1" master_secret="$2" transcript="$3"
|
||||||
@ -13418,7 +13418,7 @@ parse_tls_serverhello() {
|
|||||||
tls_serverhello_ascii="${tls_handshake_ascii:i:msg_len}"
|
tls_serverhello_ascii="${tls_handshake_ascii:i:msg_len}"
|
||||||
tls_serverhello_ascii_len=$msg_len
|
tls_serverhello_ascii_len=$msg_len
|
||||||
elif [[ "$process_full" =~ all ]] && [[ "$tls_msg_type" == 08 ]]; then
|
elif [[ "$process_full" =~ all ]] && [[ "$tls_msg_type" == 08 ]]; then
|
||||||
# Add excrypted extensions (now decrypted) to end of extensions in SeverHello
|
# Add excrypted extensions (now decrypted) to end of extensions in ServerHello
|
||||||
tls_encryptedextensions_ascii="${tls_handshake_ascii:i:msg_len}"
|
tls_encryptedextensions_ascii="${tls_handshake_ascii:i:msg_len}"
|
||||||
tls_encryptedextensions_ascii_len=$msg_len
|
tls_encryptedextensions_ascii_len=$msg_len
|
||||||
if [[ $msg_len -lt 2 ]]; then
|
if [[ $msg_len -lt 2 ]]; then
|
||||||
@ -14240,7 +14240,7 @@ parse_tls_serverhello() {
|
|||||||
offset=$((len1+8))
|
offset=$((len1+8))
|
||||||
if [[ $tls_serverkeyexchange_ascii_len -ge $((offset+4)) ]]; then
|
if [[ $tls_serverkeyexchange_ascii_len -ge $((offset+4)) ]]; then
|
||||||
# The SignatureAndHashAlgorithm won't be present in an anonymous
|
# The SignatureAndHashAlgorithm won't be present in an anonymous
|
||||||
# key exhange.
|
# key exchange.
|
||||||
peering_signing_digest="${tls_serverkeyexchange_ascii:offset:2}"
|
peering_signing_digest="${tls_serverkeyexchange_ascii:offset:2}"
|
||||||
peer_signature_type="${tls_serverkeyexchange_ascii:$((offset+2)):2}"
|
peer_signature_type="${tls_serverkeyexchange_ascii:$((offset+2)):2}"
|
||||||
fi
|
fi
|
||||||
@ -14340,7 +14340,7 @@ parse_tls_serverhello() {
|
|||||||
offset+=$((len1+4))
|
offset+=$((len1+4))
|
||||||
if [[ $tls_serverkeyexchange_ascii_len -ge $((offset+4)) ]]; then
|
if [[ $tls_serverkeyexchange_ascii_len -ge $((offset+4)) ]]; then
|
||||||
# The SignatureAndHashAlgorithm won't be present in an anonymous
|
# The SignatureAndHashAlgorithm won't be present in an anonymous
|
||||||
# key exhange.
|
# key exchange.
|
||||||
peering_signing_digest="${tls_serverkeyexchange_ascii:offset:2}"
|
peering_signing_digest="${tls_serverkeyexchange_ascii:offset:2}"
|
||||||
peer_signature_type="${tls_serverkeyexchange_ascii:$((offset+2)):2}"
|
peer_signature_type="${tls_serverkeyexchange_ascii:$((offset+2)):2}"
|
||||||
fi
|
fi
|
||||||
@ -14832,7 +14832,7 @@ prepare_tls_clienthello() {
|
|||||||
for (( i=0x$tls_low_byte; i >=0; i=i-1 )); do
|
for (( i=0x$tls_low_byte; i >=0; i=i-1 )); do
|
||||||
if [[ 0x$i -eq 4 ]]; then
|
if [[ 0x$i -eq 4 ]]; then
|
||||||
# FIXME: The ClientHello currently advertises support for various
|
# FIXME: The ClientHello currently advertises support for various
|
||||||
# draft versions of TLSv1.3. Eventually it should only adversize
|
# draft versions of TLSv1.3. Eventually it should only advertise
|
||||||
# support for the final version (0304).
|
# support for the final version (0304).
|
||||||
if [[ "$KEY_SHARE_EXTN_NR" == 33 ]]; then
|
if [[ "$KEY_SHARE_EXTN_NR" == 33 ]]; then
|
||||||
extension_supported_versions+=", 03, 04, 7f, 1c, 7f, 1b, 7f, 1a, 7f, 19, 7f, 18, 7f, 17"
|
extension_supported_versions+=", 03, 04, 7f, 1c, 7f, 1b, 7f, 1a, 7f, 19, 7f, 18, 7f, 17"
|
||||||
@ -15780,7 +15780,7 @@ run_ccs_injection(){
|
|||||||
tm_out "\nsending payload #1 with TLS version $tls_hexcode: "
|
tm_out "\nsending payload #1 with TLS version $tls_hexcode: "
|
||||||
fi
|
fi
|
||||||
rm "$SOCK_REPLY_FILE"
|
rm "$SOCK_REPLY_FILE"
|
||||||
# ... and then send the a change cipher spec message
|
# ... and then send the change cipher spec message
|
||||||
socksend "$ccs_message" 1 || ok_ids
|
socksend "$ccs_message" 1 || ok_ids
|
||||||
sockread_serverhello 4096 $CCS_MAX_WAITSOCK
|
sockread_serverhello 4096 $CCS_MAX_WAITSOCK
|
||||||
if [[ $DEBUG -ge 3 ]]; then
|
if [[ $DEBUG -ge 3 ]]; then
|
||||||
@ -15826,7 +15826,7 @@ run_ccs_injection(){
|
|||||||
elif [[ "${tls_hello_ascii:0:4}" == "1503" ]]; then
|
elif [[ "${tls_hello_ascii:0:4}" == "1503" ]]; then
|
||||||
if [[ ! "${tls_hello_ascii:5:2}" =~ [03|02|01|00] ]]; then
|
if [[ ! "${tls_hello_ascii:5:2}" =~ [03|02|01|00] ]]; then
|
||||||
pr_warning "test failed "
|
pr_warning "test failed "
|
||||||
out "no proper TLS repy (debug info: protocol sent: 1503${tls_hexcode#x03, x}, reply: ${tls_hello_ascii:0:14}"
|
out "no proper TLS reply (debug info: protocol sent: 1503${tls_hexcode#x03, x}, reply: ${tls_hello_ascii:0:14}"
|
||||||
fileout "$jsonID" "DEBUG" "test failed, around line $LINENO, debug info (${tls_hello_ascii:0:14})" "$cve" "$cwe" "$hint"
|
fileout "$jsonID" "DEBUG" "test failed, around line $LINENO, debug info (${tls_hello_ascii:0:14})" "$cve" "$cwe" "$hint"
|
||||||
ret=1
|
ret=1
|
||||||
elif [[ "$byte6" == "15" ]]; then
|
elif [[ "$byte6" == "15" ]]; then
|
||||||
@ -15897,7 +15897,7 @@ run_ticketbleed() {
|
|||||||
local tls_hexcode tls_proto=""
|
local tls_hexcode tls_proto=""
|
||||||
local session_tckt_tls=""
|
local session_tckt_tls=""
|
||||||
local -i len_ch=300 # fixed len of prepared clienthello below
|
local -i len_ch=300 # fixed len of prepared clienthello below
|
||||||
local sid="x00,x0B,xAD,xC0,xDE,x00," # some abitratry bytes
|
local sid="x00,x0B,xAD,xC0,xDE,x00," # some arbitrary bytes
|
||||||
local len_sid="$(( ${#sid} / 4))"
|
local len_sid="$(( ${#sid} / 4))"
|
||||||
local xlen_sid="$(dec02hex $len_sid)"
|
local xlen_sid="$(dec02hex $len_sid)"
|
||||||
local -i len_tckt_tls=0 nr_sid_detected=0
|
local -i len_tckt_tls=0 nr_sid_detected=0
|
||||||
@ -16907,7 +16907,7 @@ run_tls_fallback_scsv() {
|
|||||||
# support SSLv3 and it is known that SSLv3 is the fallback protocol ($low_proto), then
|
# support SSLv3 and it is known that SSLv3 is the fallback protocol ($low_proto), then
|
||||||
# the test cannot be performed. Similarly, if SSLv3 could be the fallback protocol, but
|
# the test cannot be performed. Similarly, if SSLv3 could be the fallback protocol, but
|
||||||
# support for SSLv3 is unknown, then the test cannot be performed.
|
# support for SSLv3 is unknown, then the test cannot be performed.
|
||||||
# NOTE: This check assumes that any server that suppports SSLv3 and either TLS 1.2 or
|
# NOTE: This check assumes that any server that supports SSLv3 and either TLS 1.2 or
|
||||||
# TLS 1.1 would also support TLS 1. So, if $high_proto is not TLS 1, then it is assumed
|
# TLS 1.1 would also support TLS 1. So, if $high_proto is not TLS 1, then it is assumed
|
||||||
# that either (1) $low_proto has already been set (to TLS1.1 or TLS 1) or (2) no protocol
|
# that either (1) $low_proto has already been set (to TLS1.1 or TLS 1) or (2) no protocol
|
||||||
# lower than $high_proto is offered.
|
# lower than $high_proto is offered.
|
||||||
@ -17140,7 +17140,7 @@ get_common_prime() {
|
|||||||
return 1
|
return 1
|
||||||
else
|
else
|
||||||
dh_p="$(toupper "$dh_p")"
|
dh_p="$(toupper "$dh_p")"
|
||||||
# In the previous line of the match is bascially the hint we want to echo
|
# In the previous line of the match is basically the hint we want to echo
|
||||||
# the most elegant thing to get the previous line [ awk '/regex/ { print x }; { x=$0 }' ] doesn't work with gawk
|
# the most elegant thing to get the previous line [ awk '/regex/ { print x }; { x=$0 }' ] doesn't work with gawk
|
||||||
lineno_matched=$(grep -n "$dh_p" "$common_primes_file" 2>/dev/null | awk -F':' '{ print $1 }')
|
lineno_matched=$(grep -n "$dh_p" "$common_primes_file" 2>/dev/null | awk -F':' '{ print $1 }')
|
||||||
if [[ "$lineno_matched" -ne 0 ]]; then
|
if [[ "$lineno_matched" -ne 0 ]]; then
|
||||||
@ -17408,7 +17408,7 @@ run_drown() {
|
|||||||
if [[ $(has_server_protocol ssl2) -ne 1 ]]; then
|
if [[ $(has_server_protocol ssl2) -ne 1 ]]; then
|
||||||
sslv2_sockets
|
sslv2_sockets
|
||||||
else
|
else
|
||||||
[[ aaa == bbb ]] # provoke retrurn code=1
|
[[ aaa == bbb ]] # provoke return code=1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
case $? in
|
case $? in
|
||||||
@ -17854,7 +17854,7 @@ run_winshock() {
|
|||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
#FIXME: The catch is that when a user didn't invoke run_fs() before, this wasn't processed + CURVES_OFFERED
|
#FIXME: The catch is that when a user didn't invoke run_fs() before, this wasn't processed + CURVES_OFFERED
|
||||||
# is empty. So we could call it like above but need to move curves detection into a seperate function
|
# is empty. So we could call it like above but need to move curves detection into a separate function
|
||||||
# (~ sub_check_curves) which is some work. But also for the sake of clean code this needs to be done.
|
# (~ sub_check_curves) which is some work. But also for the sake of clean code this needs to be done.
|
||||||
|
|
||||||
|
|
||||||
@ -17875,7 +17875,7 @@ run_winshock() {
|
|||||||
if [[ -n "$TLS_EXTENSIONS" ]]; then
|
if [[ -n "$TLS_EXTENSIONS" ]]; then
|
||||||
# Check whether there are any TLS extension which should not be available under <= Windows 2012 R2
|
# Check whether there are any TLS extension which should not be available under <= Windows 2012 R2
|
||||||
for tls_ext in $TLS_EXTENSIONS; do
|
for tls_ext in $TLS_EXTENSIONS; do
|
||||||
# We use the whole array, got to be careful when the array becomes bigger (unintented match)
|
# We use the whole array, got to be careful when the array becomes bigger (unintended match)
|
||||||
if [[ ${forbidden_tls_ext[@]} =~ $tls_ext ]]; then
|
if [[ ${forbidden_tls_ext[@]} =~ $tls_ext ]]; then
|
||||||
pr_svrty_best "not vulnerable (OK)"; outln " - TLS extension $tls_ext detected"
|
pr_svrty_best "not vulnerable (OK)"; outln " - TLS extension $tls_ext detected"
|
||||||
fileout "$jsonID" "OK" "not vulnerable - TLS extension $tls_ext detected" "$cve" "$cwe"
|
fileout "$jsonID" "OK" "not vulnerable - TLS extension $tls_ext detected" "$cve" "$cwe"
|
||||||
@ -19233,7 +19233,7 @@ find_openssl_binary() {
|
|||||||
|
|
||||||
$OPENSSL ciphers -s 2>&1 | grep -aiq "unknown option" || OSSL_CIPHERS_S="-s"
|
$OPENSSL ciphers -s 2>&1 | grep -aiq "unknown option" || OSSL_CIPHERS_S="-s"
|
||||||
|
|
||||||
# This and all other occurences we do a little trick using "invalid." to avoid plain and
|
# This and all other occurrences we do a little trick using "invalid." to avoid plain and
|
||||||
# link level DNS lookups. See issue #1418 and https://tools.ietf.org/html/rfc6761#section-6.4
|
# link level DNS lookups. See issue #1418 and https://tools.ietf.org/html/rfc6761#section-6.4
|
||||||
$OPENSSL s_client -ssl2 -connect invalid. 2>&1 | grep -aiq "unknown option" || HAS_SSL2=true
|
$OPENSSL s_client -ssl2 -connect invalid. 2>&1 | grep -aiq "unknown option" || HAS_SSL2=true
|
||||||
$OPENSSL s_client -ssl3 -connect invalid. 2>&1 | grep -aiq "unknown option" || HAS_SSL3=true
|
$OPENSSL s_client -ssl3 -connect invalid. 2>&1 | grep -aiq "unknown option" || HAS_SSL3=true
|
||||||
@ -19406,7 +19406,7 @@ check_bsd_mount() {
|
|||||||
# This sets the PRINTF command for writing into TCP sockets. It is needed because
|
# This sets the PRINTF command for writing into TCP sockets. It is needed because
|
||||||
# The shell builtin printf flushes the write buffer at every \n, ("\x0a") which
|
# The shell builtin printf flushes the write buffer at every \n, ("\x0a") which
|
||||||
# in turn means a new TCP fragment. That causes a slight performance penalty and
|
# in turn means a new TCP fragment. That causes a slight performance penalty and
|
||||||
# and some F5s to hiccup, see #1113. Unfortunately this can be used only with GNU's
|
# some F5s to hiccup, see #1113. Unfortunately this can be used only with GNU's
|
||||||
# and OpenBSD's /usr/bin/printf -- FreeBSD + OS X can't do this. Thus here we need
|
# and OpenBSD's /usr/bin/printf -- FreeBSD + OS X can't do this. Thus here we need
|
||||||
# to pipe through dd or cat, see socksend() and socksend_clienthello(). An empty
|
# to pipe through dd or cat, see socksend() and socksend_clienthello(). An empty
|
||||||
# $PRINTF signals the bash internal printf which then uses cat as a stdout buffer.
|
# $PRINTF signals the bash internal printf which then uses cat as a stdout buffer.
|
||||||
@ -20147,7 +20147,7 @@ get_a_record() {
|
|||||||
return 0
|
return 0
|
||||||
fi
|
fi
|
||||||
if is_ipv4addr "$1"; then
|
if is_ipv4addr "$1"; then
|
||||||
# This saves walking through this. Also it avoids hangs e.g. if you run docker locally without reachabale DNS
|
# This saves walking through this. Also it avoids hangs e.g. if you run docker locally without reachable DNS
|
||||||
echo $1
|
echo $1
|
||||||
return 0
|
return 0
|
||||||
fi
|
fi
|
||||||
@ -20188,7 +20188,7 @@ get_aaaa_record() {
|
|||||||
[[ "$NODNS" == none ]] && return 0 # if no DNS lookup was instructed, leave here
|
[[ "$NODNS" == none ]] && return 0 # if no DNS lookup was instructed, leave here
|
||||||
OPENSSL_CONF="" # see https://github.com/drwetter/testssl.sh/issues/134
|
OPENSSL_CONF="" # see https://github.com/drwetter/testssl.sh/issues/134
|
||||||
if is_ipv6addr "$1"; then
|
if is_ipv6addr "$1"; then
|
||||||
# This saves walking through this. Also it avoids hangs e.g. if you run docker locally without reachabale DNS
|
# This saves walking through this. Also it avoids hangs e.g. if you run docker locally without reachable DNS
|
||||||
echo "$1"
|
echo "$1"
|
||||||
return 0
|
return 0
|
||||||
elif is_ipv4addr "$1"; then
|
elif is_ipv4addr "$1"; then
|
||||||
@ -20884,7 +20884,7 @@ determine_optimal_proto() {
|
|||||||
MAX_OSSL_FAIL=10
|
MAX_OSSL_FAIL=10
|
||||||
else
|
else
|
||||||
# dirty hack but an idea for the future to be implemented upfront: Now we know, we'll better off
|
# dirty hack but an idea for the future to be implemented upfront: Now we know, we'll better off
|
||||||
# with the OS supplied openssl binary. We need to inittialize variables / arrays again though.
|
# with the OS supplied openssl binary. We need to initialize variables / arrays again though.
|
||||||
# And the service detection can't be made up for now
|
# And the service detection can't be made up for now
|
||||||
outln ", \n proceeding with /usr/bin/openssl"
|
outln ", \n proceeding with /usr/bin/openssl"
|
||||||
OPENSSL=/usr/bin/openssl
|
OPENSSL=/usr/bin/openssl
|
||||||
@ -21064,12 +21064,12 @@ determine_sizelimitbug() {
|
|||||||
local overflow_cipher='C0,86'
|
local overflow_cipher='C0,86'
|
||||||
local -i nr_ciphers
|
local -i nr_ciphers
|
||||||
|
|
||||||
# For STARTTLS protcols not being implemented yet via sockets this is a bypass otherwise it won't be usable at all (e.g. LDAP)
|
# For STARTTLS protocols not being implemented yet via sockets this is a bypass otherwise it won't be usable at all (e.g. LDAP)
|
||||||
# Fixme: find out whether we can't skip this in general for STARTTLS
|
# Fixme: find out whether we can't skip this in general for STARTTLS
|
||||||
[[ "$STARTTLS" =~ ldap ]] && return 0
|
[[ "$STARTTLS" =~ ldap ]] && return 0
|
||||||
[[ "$STARTTLS" =~ irc ]] && return 0
|
[[ "$STARTTLS" =~ irc ]] && return 0
|
||||||
|
|
||||||
# Only with TLS 1.2 offered at the server side it is possible to hit this bug, in practise. Thus
|
# Only with TLS 1.2 offered at the server side it is possible to hit this bug, in practice. Thus
|
||||||
# we assume if TLS 1.2 is not supported, the server has no cipher size limit bug. It still may,
|
# we assume if TLS 1.2 is not supported, the server has no cipher size limit bug. It still may,
|
||||||
# theoretically, but in a regular check with testssl.sh we won't hit this limit with lower protocols.
|
# theoretically, but in a regular check with testssl.sh we won't hit this limit with lower protocols.
|
||||||
# Upon calling this function we already know whether TLS 1.2 is supported. If TLS 1.2 is supported, we
|
# Upon calling this function we already know whether TLS 1.2 is supported. If TLS 1.2 is supported, we
|
||||||
@ -21738,7 +21738,7 @@ run_rating() {
|
|||||||
|
|
||||||
[[ -n "$STARTTLS_PROTOCOL" ]] && set_grade_cap "T" "Encryption via STARTTLS is not mandatory (opportunistic)."
|
[[ -n "$STARTTLS_PROTOCOL" ]] && set_grade_cap "T" "Encryption via STARTTLS is not mandatory (opportunistic)."
|
||||||
|
|
||||||
# Sort the reasons. This is just nicer to read in genereal
|
# Sort the reasons. This is just nicer to read in general
|
||||||
IFS=$'\n' sorted_reasons=($(sort -ru <<<"${GRADE_CAP_REASONS[*]}"))
|
IFS=$'\n' sorted_reasons=($(sort -ru <<<"${GRADE_CAP_REASONS[*]}"))
|
||||||
IFS=$'\n' sorted_warnings=($(sort -u <<<"${GRADE_WARNINGS[*]}"))
|
IFS=$'\n' sorted_warnings=($(sort -u <<<"${GRADE_WARNINGS[*]}"))
|
||||||
IFS=$old_ifs
|
IFS=$old_ifs
|
||||||
@ -21781,7 +21781,7 @@ run_rating() {
|
|||||||
c1_best=0
|
c1_best=0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# get worst score, by searching for the worst protcol, until a hit occurs
|
# get worst score, by searching for the worst protocol, until a hit occurs
|
||||||
if [[ $(has_server_protocol "ssl2") -eq 0 ]]; then
|
if [[ $(has_server_protocol "ssl2") -eq 0 ]]; then
|
||||||
c1_worst=0
|
c1_worst=0
|
||||||
elif [[ $(has_server_protocol "ssl3") -eq 0 ]]; then
|
elif [[ $(has_server_protocol "ssl3") -eq 0 ]]; then
|
||||||
|
@ -8,7 +8,7 @@ $OPENSSL version -a || exit 1
|
|||||||
FILE=tmp.json
|
FILE=tmp.json
|
||||||
|
|
||||||
remove_quotes() {
|
remove_quotes() {
|
||||||
sed -i 's/"//g' $FILE
|
sed -i 's/"//g' "$FILE"
|
||||||
}
|
}
|
||||||
|
|
||||||
# arg1: id_value
|
# arg1: id_value
|
||||||
@ -27,7 +27,7 @@ check_result() {
|
|||||||
local finding_value=""
|
local finding_value=""
|
||||||
|
|
||||||
remove_quotes
|
remove_quotes
|
||||||
json_result="$(awk '/id.*'"${1}"'/,/finding.*$/' $FILE)"
|
json_result="$(awk '/id.*'"${1}"'/,/finding.*$/' "$FILE")"
|
||||||
[[ -z $json_result ]] && exit 1
|
[[ -z $json_result ]] && exit 1
|
||||||
# is4lines?
|
# is4lines?
|
||||||
finding_value="$(awk -F':' '/finding/ { print $2" "$3" "$4 }' <<< "$json_result")"
|
finding_value="$(awk -F':' '/finding/ { print $2" "$3" "$4 }' <<< "$json_result")"
|
||||||
@ -50,9 +50,9 @@ echo
|
|||||||
### 1) test protocol SSlv2:
|
### 1) test protocol SSlv2:
|
||||||
$OPENSSL s_server -www -ssl2 -key /tmp/server.pem -cert /tmp/server.crt &>/dev/null &
|
$OPENSSL s_server -www -ssl2 -key /tmp/server.pem -cert /tmp/server.crt &>/dev/null &
|
||||||
pid=$!
|
pid=$!
|
||||||
rm $FILE 2>/dev/null
|
rm "$FILE" 2>/dev/null
|
||||||
echo "Running testssl.sh SSLv2 protocol check against localhost for SSLv2: "
|
echo "Running testssl.sh SSLv2 protocol check against localhost for SSLv2: "
|
||||||
./testssl.sh -p -q --warnings=off --jsonfile=$FILE localhost:4433
|
./testssl.sh -p -q --warnings=off --jsonfile="$FILE" localhost:4433
|
||||||
check_result SSLv2 CRITICAL "vulnerable with 9 ciphers"
|
check_result SSLv2 CRITICAL "vulnerable with 9 ciphers"
|
||||||
[[ $? -eq 0 ]] && echo "SSLv2: PASSED" || echo "FAILED"
|
[[ $? -eq 0 ]] && echo "SSLv2: PASSED" || echo "FAILED"
|
||||||
echo
|
echo
|
||||||
@ -62,9 +62,9 @@ wait $pid 2>/dev/null
|
|||||||
### 2) test NPN + ALPN
|
### 2) test NPN + ALPN
|
||||||
$OPENSSL s_server -cipher 'ALL:COMPLEMENTOFALL' -alpn "h2" -nextprotoneg "spdy/3, http/1.1" -www -key /tmp/server.pem -cert /tmp/server.crt &>/dev/null &
|
$OPENSSL s_server -cipher 'ALL:COMPLEMENTOFALL' -alpn "h2" -nextprotoneg "spdy/3, http/1.1" -www -key /tmp/server.pem -cert /tmp/server.crt &>/dev/null &
|
||||||
pid=$!
|
pid=$!
|
||||||
rm $FILE
|
rm "$FILE"
|
||||||
echo "Running testssl.sh HTTP/2 protocol checks against localhost: "
|
echo "Running testssl.sh HTTP/2 protocol checks against localhost: "
|
||||||
./testssl.sh -q --jsonfile=$FILE --protocols localhost:4433
|
./testssl.sh -q --jsonfile="$FILE" --protocols localhost:4433
|
||||||
if check_result NPN "spdy/3, http/1.1"; then
|
if check_result NPN "spdy/3, http/1.1"; then
|
||||||
echo "SPDY/NPN: PASSED"
|
echo "SPDY/NPN: PASSED"
|
||||||
else
|
else
|
||||||
@ -78,19 +78,19 @@ else
|
|||||||
fi
|
fi
|
||||||
kill -9 $pid
|
kill -9 $pid
|
||||||
wait $pid 2>/dev/null
|
wait $pid 2>/dev/null
|
||||||
rm $FILE
|
rm "$FILE"
|
||||||
|
|
||||||
### 3) test almost all other stuff
|
### 3) test almost all other stuff
|
||||||
$OPENSSL s_server -cipher 'ALL:COMPLEMENTOFALL' -www -key /tmp/server.pem -cert /tmp/server.crt &>/dev/null &
|
$OPENSSL s_server -cipher 'ALL:COMPLEMENTOFALL' -www -key /tmp/server.pem -cert /tmp/server.crt &>/dev/null &
|
||||||
pid=$!
|
pid=$!
|
||||||
rm $FILE
|
rm "$FILE"
|
||||||
echo "Running baseline check with testssl.sh against localhost"
|
echo "Running baseline check with testssl.sh against localhost"
|
||||||
./testssl.sh -q --jsonfile=$FILE localhost:4433
|
./testssl.sh -q --jsonfile="$FILE" localhost:4433
|
||||||
#check_result sslv2 CRITICAL "is offered"
|
#check_result sslv2 CRITICAL "is offered"
|
||||||
kill -9 $pid
|
kill -9 $pid
|
||||||
wait $pid 2>/dev/null
|
wait $pid 2>/dev/null
|
||||||
|
|
||||||
rm $FILE
|
rm "$FILE"
|
||||||
|
|
||||||
|
|
||||||
### test server defaults
|
### test server defaults
|
||||||
|
Loading…
Reference in New Issue
Block a user