From 29214c7a1fa2d8a968746b031a51e3e8d5346e93 Mon Sep 17 00:00:00 2001
From: Dirk <dirk@testssl.sh>
Date: Fri, 27 Feb 2015 21:21:39 +0100
Subject: [PATCH] - better detection for ssl poodle - change of shorticut from
 zero to letter o

---
 testssl.sh | 67 ++++++++++++++++++++++++++++++++----------------------
 1 file changed, 40 insertions(+), 27 deletions(-)

diff --git a/testssl.sh b/testssl.sh
index 2ea445d..43ffaca 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -367,24 +367,6 @@ runs_HTTP() {
 	return $ret
 }
 
-# Padding Oracle On Downgraded Legacy Encryption
-poodle() {
-	pr_bold " POODLE "; out "(CVE-2014-3566), experimental      "
-# w/o downgrade check as of now https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 | TLS_FALLBACK_SCSV
-	$OPENSSL s_client -ssl3 $STARTTLS -connect $NODEIP:$PORT $SNI 2>$TMPFILE >/dev/null </dev/null
-	ret=$?
-	[ "$VERBERR" -eq 0 ] && cat $TMPFILE | egrep "error|failure" | egrep -v "unable to get local|verify error"
-	if [ $ret -eq 0 ]; then
-		pr_litered "VULNERABLE (NOT ok)"; out ", uses SSLv3 (no TLS_FALLBACK_SCSV mitigation tested)"
-	else
-		pr_green "not vulnerable (OK)"
-	fi
-	outln 
-
-	tmpfile_handle $FUNCNAME.txt
-	return $ret
-}
-
 #problems not handled: chunked
 http_header() {
 	[ -z "$1" ] && url="/" || url="$1"
@@ -907,7 +889,6 @@ runprotocols() {
 		7) ;;		# no local support
 	esac
 
-
 	testprotohelper "-tls1" " TLSv1     "
 	case $? in
 		0) ok 2 0 ;;   # no GCM, thus only normal print
@@ -2176,7 +2157,40 @@ crime() {
 	return $ret
 }
 
+# for appliance which use padding, no fallack needed
+tls_poodle() {
+	pr_bold " POODLE, SSL"; out " CVE-2014-8730), experimental "
+	#FIXME
+	echo "#FIXME"
+	return 7
+}
 
+
+# Padding Oracle On Downgraded Legacy Encryption, in a nutshell: don't use CBC Ciphers in SSLv3 
+ssl_poodle() {
+	local ret
+	local cbc_ciphers
+
+	pr_bold " POODLE, SSL"; out " (CVE-2014-3566), experimental "
+	cbc_ciphers=`$OPENSSL ciphers -v 'ALL:eNULL' | grep CBC | awk '{ print $1 }' | tr '\n' ':'`
+	debugme echo $cbc_ciphers
+	$OPENSSL s_client -ssl3 $STARTTLS -cipher $cbc_ciphers -connect $NODEIP:$PORT $SNI &>$TMPFILE </dev/null
+	ret=$?
+	[ "$VERBERR" -eq 0 ] && cat $TMPFILE | egrep "error|failure" | egrep -v "unable to get local|verify error"
+	if [ $ret -eq 0 ]; then
+		pr_litered "VULNERABLE (NOT ok)"; out ", uses SSLv3+CBC (no TLS_FALLBACK_SCSV mitigation tested)"
+	else
+		pr_green "not vulnerable (OK)"
+	fi
+	outln 
+
+	tmpfile_handle $FUNCNAME.txt
+	return $ret	
+}
+
+
+
+#in a nutshell: don't use CBC Ciphers in SSLv3 TLSv1.0
 # Browser Exploit Against SSL/TLS
 beast(){
 	shopt -s lastpipe		# otherwise it's more tricky to access variables in a while loop
@@ -2186,7 +2200,6 @@ beast(){
 	local higher_proto_supported=""
 	local -i ret=0
 	local spaces="                                           "
-	#in a nutshell: don't use CBC Ciphers in SSLv3 TLSv1.0
 	
 	pr_bold " BEAST"; out " (CVE-2011-3389)                     "
 
@@ -2327,7 +2340,7 @@ starttls() {
 #				ccs_injection  ; ret=`expr $? + $ret`
 				renego		; ret=`expr $? + $ret`
 				crime		; ret=`expr $? + $ret`
-				poodle		; ret=`expr $? + $ret`
+				ssl_poodle	; ret=`expr $? + $ret`
 				beast		; ret=`expr $? + $ret`
 
 				rc4			; ret=`expr $? + $ret`
@@ -2374,7 +2387,7 @@ $PRG <options> URI
     <-R|--renegotiation>                  tests only for renegotiation vulnerability
     <-C|--compression|--crime>            tests only for CRIME vulnerability
     <-T|--breach>                         tests only for BREACH vulnerability
-    <-0|--poodle>                         tests only for POODLE vulnerability
+    <-O|--poodle>                         tests only for POODLE vulnerability
     <-A|--beast>                          tests only for BEAST vulnerability
     <-s|--pfs|--fs|--nsa>                 checks (perfect) forward secrecy settings
     <-4|--rc4|--appelbaum>                which RC4 ciphers are being offered?
@@ -2794,11 +2807,11 @@ case "$1" in
 		fi
 		ret=`expr $? + $ret`
 		exit $ret ;;
-	-0|--poodle)
+	-O|--ssl_poodle|poodle)
 		maketempf
 		parse_hn_port "$2"
-		outln; pr_blue "--> Testing for POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability"; outln "\n"
-		poodle
+		outln; pr_blue "--> Testing for POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability, SSLv3"; outln "\n"
+		ssl_poodle
 		exit $? ;;
 	-4|--rc4|--appelbaum)
 		maketempf
@@ -2863,7 +2876,7 @@ case "$1" in
 		renego			; ret=`expr $? + $ret`
 		crime			; ret=`expr $? + $ret`
 		[[ $SERVICE == "HTTP" ]] && breach "$URL_PATH"	; ret=`expr $? + $ret`
-		poodle			; ret=`expr $? + $ret`
+		ssl_poodle		; ret=`expr $? + $ret`
 		beast			; ret=`expr $? + $ret`
 
 		rc4				; ret=`expr $? + $ret`
@@ -2871,6 +2884,6 @@ case "$1" in
 		exit $ret ;;
 esac
 
-#  $Id: testssl.sh,v 1.195 2015/02/23 09:40:09 dirkw Exp $ 
+#  $Id: testssl.sh,v 1.196 2015/02/27 20:21:37 dirkw Exp $ 
 # vim:ts=5:sw=5