Merge pull request #1113 from dcooper16/clienthello_length_bug
A ClientHello length intolerance bug
This commit is contained in:
commit
23df63ed74
63
testssl.sh
63
testssl.sh
|
@ -14472,12 +14472,12 @@ run_tls_truncation() {
|
|||
run_grease() {
|
||||
local -i success
|
||||
local bug_found=false
|
||||
local normal_hello_ok=false
|
||||
local normal_hello_ok=false clienthello_size_bug=false
|
||||
local cipher_list proto selected_cipher selected_cipher_hex="" extn rnd_bytes
|
||||
local alpn_proto alpn alpn_list_len_hex extn_len_hex
|
||||
local selected_alpn_protocol grease_selected_alpn_protocol
|
||||
local ciph list temp curve_found
|
||||
local -i i j rnd alpn_list_len extn_len debug_level=""
|
||||
local -i i j rnd alpn_list_len extn_len base_len clienthello_len debug_level=""
|
||||
local -i ret=0
|
||||
# Note: The following values were taken from https://datatracker.ietf.org/doc/draft-ietf-tls-grease.
|
||||
# These arrays may need to be updated if the values change in the final version of this document.
|
||||
|
@ -14678,9 +14678,68 @@ run_grease() {
|
|||
prln_svrty_medium " Server fails if ClientHello is between 256 and 511 bytes in length."
|
||||
fileout "$jsonID" "CRITICAL" "Server fails if ClientHello is between 256 and 511 bytes in length."
|
||||
bug_found=true
|
||||
clienthello_size_bug=true
|
||||
fi
|
||||
fi
|
||||
|
||||
# Some servers fail if the length of the ClientHello is 522, 778, 1034, 1290, ... bytes.
|
||||
# A few servers also fail if the length is 526, 782, 1038, 1294, ... bytes.
|
||||
# So, send a number of ClientHello messages of extactly these lengths to see whether
|
||||
# the connection fails.
|
||||
if "$normal_hello_ok" && [[ "$proto" != "00" ]] && [[ ${#SNI} -le 92 ]]; then
|
||||
if [[ "$proto" == "03" ]]; then
|
||||
if [[ -z "$SNI" ]]; then
|
||||
base_len=426
|
||||
else
|
||||
base_len=423+${#SNI}
|
||||
fi
|
||||
else
|
||||
if [[ -z "$SNI" ]]; then
|
||||
base_len=294
|
||||
else
|
||||
base_len=291+${#SNI}
|
||||
fi
|
||||
fi
|
||||
for clienthello_len in 266 522 526 778 782 1034 1290 1546 1802 2058; do
|
||||
if [[ $clienthello_len -eq 266 ]]; then
|
||||
# If the server cannot handle ClientHello message lengths between
|
||||
# 256 and 511, there is no need to test a ClientHello message of
|
||||
# length 266.
|
||||
"$clienthello_size_bug" && continue
|
||||
# In order to create a message of length 266, need to send a message
|
||||
# with fewer cipher suites, so the "true" base length of the messsage
|
||||
# will be shorter.
|
||||
extn_len=$((clienthello_len+250-base_len))
|
||||
else
|
||||
extn_len=$((clienthello_len-base_len))
|
||||
fi
|
||||
extn=""
|
||||
for (( i=0; i < extn_len; i++ )); do
|
||||
extn+=",00"
|
||||
done
|
||||
extn_len_hex=$(printf "%04x" $extn_len)
|
||||
debugme echo -e "\nSending ClientHello with length $clienthello_len bytes"
|
||||
if [[ $clienthello_len -eq 266 ]]; then
|
||||
# Some extensions are only included if the ClientHello includes a TLS_ECDHE cipher suite.
|
||||
# So, add one (either c0,01 or c0,02 in order to ensure that the message length will
|
||||
# be correct.
|
||||
if [[ "$selected_cipher_hex" == "C0,01" ]]; then
|
||||
tls_sockets "$proto" "$selected_cipher_hex, c0,02, 00,ff" "" "00,15,${extn_len_hex:0:2},${extn_len_hex:2:2}${extn}"
|
||||
else
|
||||
tls_sockets "$proto" "$selected_cipher_hex, c0,01, 00,ff" "" "00,15,${extn_len_hex:0:2},${extn_len_hex:2:2}${extn}"
|
||||
fi
|
||||
else
|
||||
tls_sockets "$proto" "$cipher_list" "" "00,15,${extn_len_hex:0:2},${extn_len_hex:2:2}${extn}"
|
||||
fi
|
||||
success=$?
|
||||
if [[ $success -ne 0 ]] && [[ $success -ne 2 ]]; then
|
||||
prln_svrty_medium " Server fails if ClientHello is $clienthello_len bytes in length."
|
||||
fileout "$jsonID" "CRITICAL" "Server fails if ClientHello is $clienthello_len bytes in length."
|
||||
bug_found=true
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
# Check that server ignores unrecognized cipher suite values
|
||||
# see https://datatracker.ietf.org/doc/draft-ietf-tls-grease
|
||||
if "$normal_hello_ok"; then
|
||||
|
|
Loading…
Reference in New Issue