Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-01 06:19:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Remove test of version tolerance

Browse Source 
PR #346 added a test for version tolerance to `run_protocols()`, but I think it may now be more appropriate to remove that test. Draft -16 of TLS 1.3, which was posted on September 22, changed the way that version negotiation is handled for TLS 1.3 and above. The current version tolerance test sends a ClientHello with the version field set to "03, 05", to represent a TLS 1.4 ClientHello. While this was consistent with RFC 5246 and with drafts of TLS 1.3 up to -15, draft -16 changed the version field to `legacy_version` and declared that its value should be "03, 03" for TLS 1.2 and above. (For TLS 1.3 and above a Supported Versions extension is included to inform the server which versions of TLS the client supports.) The change in draft -16 was made as a result of the problems with servers not handling version negotiation correctly.

Since the current draft suggests that a server should never be presented with a ClientHello with a version higher than "03, 03" (even for clients that support TLS versions higher than 1.2), it seems there is no reason to include the version tolerance test anymore.

For servers that do not support TLS 1.2, the additional checks that were added by PR #346 will already detect if the server cannot perform version negotiation correctly.
This commit is contained in:
David Cooper 2016-10-11 11:01:04 -04:00 committed by GitHub
parent d59c581700
commit 3c55eec654
1 changed files with 7 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
testssl.sh
View File

@ -2964,7 +2964,6 @@ run_protocols() {
local latest_supported="" # version.major and version.minor of highest version supported by the server.
local detected_version_string latest_supported_string
local lines nr_ciphers_detected
local extra_spaces=" "
outln; pr_headline " Testing protocols "
@ -2986,7 +2985,7 @@ run_protocols() {
fi
outln
pr_bold " SSLv2 $extra_spaces";
pr_bold " SSLv2 ";
if ! "$SSL_NATIVE"; then
sslv2_sockets
case $? in
@ -3045,7 +3044,7 @@ run_protocols() {
esac
fi
pr_bold " SSLv3 $extra_spaces";
pr_bold " SSLv3 ";
if "$using_sockets"; then
tls_sockets "00" "$TLS_CIPHER"
else
@ -3084,7 +3083,7 @@ run_protocols() {
;; # no local support
esac
pr_bold " TLS 1 $extra_spaces";
pr_bold " TLS 1 ";
if "$using_sockets"; then
tls_sockets "01" "$TLS_CIPHER"
else
@ -3133,7 +3132,7 @@ run_protocols() {
;; # no local support
esac
pr_bold " TLS 1.1 $extra_spaces";
pr_bold " TLS 1.1 ";
if "$using_sockets"; then
tls_sockets "02" "$TLS_CIPHER"
else
@ -3185,7 +3184,7 @@ run_protocols() {
;; # no local support
esac
pr_bold " TLS 1.2 $extra_spaces";
pr_bold " TLS 1.2 ";
if "$using_sockets" && "$EXPERIMENTAL"; then #TODO: IIS servers do have a problem here with our handshake
tls_sockets "03" "$TLS12_CIPHER"
else
@ -3239,55 +3238,6 @@ run_protocols() {
fileout "tls1_2" "INFO" "TLSv1.2 is not tested due to lack of local support"
;; # no local support
esac
# Testing version negotiation. RFC 5246, Appendix E.1, states:
#
# If a TLS server receives a ClientHello containing a version number
# greater than the highest version supported by the server, it MUST
# reply according to the highest version supported by the server.
if [[ -n $latest_supported ]] && "$using_sockets"; then
pr_bold " Version tolerance "
tls_sockets "05" "$TLS12_CIPHER"
case $? in
0)
pr_svrty_criticalln "server claims support for non-existent TLSv1.4"
fileout "TLS Version Negotiation" "NOT ok" "Server claims support for non-existent TLSv1.4 (NOT ok)"
;;
1)
pr_svrty_criticalln "version negotiation did not work -- connection failed rather than downgrading to $latest_supported_string (NOT ok)"
fileout "TLS Version Negotiation" "NOT ok" "Version negotiation did not work -- connection failed rather than downgrading to $latest_supported_string (NOT ok)"
;;
2)
case $DETECTED_TLS_VERSION in
0304)
pr_svrty_criticalln "server claims support for TLSv1.3, which is still a working draft (NOT ok)"
fileout "TLS Version Negotiation" "NOT ok" "Server claims support for TLSv1.3, which is still a working draft (NOT ok)"
;;
0303|0302|0301|0300)
if [[ "$DETECTED_TLS_VERSION" == "0300" ]]; then
detected_version_string="SSLv3"
else
detected_version_string="TLSv1.$((0x$DETECTED_TLS_VERSION-0x0301))"
fi
if [[ 0x$DETECTED_TLS_VERSION -lt 0x$latest_supported ]]; then
pr_svrty_criticalln "server supports $latest_supported_string, but downgraded to $detected_version_string (NOT ok)"
fileout "TLS Version Negotiation" "NOT ok" "Downgraded to $detected_version_string rather than $latest_supported_string (NOT ok)"
else
pr_done_bestln "downgraded to $detected_version_string (OK)"
fileout "TLS Version Negotiation" "OK" "Downgraded to $detected_version_string"
fi
;;
*)
pr_svrty_criticalln "server responded with version number ${DETECTED_TLS_VERSION:0:2}.${DETECTED_TLS_VERSION:2:2} (NOT ok)"
fileout "TLS Version Negotiation" "NOT ok" "TLSv1.4: server responded with version number ${DETECTED_TLS_VERSION:0:2}.${DETECTED_TLS_VERSION:2:2} (NOT ok)"
;;
esac ;;
5)
pr_svrty_criticalln "server claims support for non-existent TLSv1.4 (NOT ok)"
fileout "TLS Version Negotiation" "NOT ok" "Server claims support for non-existent TLSv1.4 (NOT ok)"
;;
esac
fi
return 0
}
@ -5172,9 +5122,8 @@ http2_pre(){
run_spdy() {
local tmpstr
local -i ret=0
local extra_spaces=" "
pr_bold " SPDY/NPN $extra_spaces"
pr_bold " SPDY/NPN "
if ! spdy_pre ; then
outln
return 0
@ -5211,9 +5160,8 @@ run_http2() {
local -i ret=0
local had_alpn_proto=false
local alpn_finding=""
local extra_spaces=" "
pr_bold " HTTP2/ALPN $extra_spaces"
pr_bold " HTTP2/ALPN "
if ! http2_pre ; then
outln
return 0