Try more ciphers

determine_optimal_sockets_params() makes two attempts to send a TLS 1.2 ClientHello, with each attempt trying 127 ciphers. However, this leaves 97 ciphers from etc/cipher-mapping.txt that are not tried, most of which use ARIA or CAMELLIA. This commit adds a third attempt a send a ClientHello that offers these 97 remaining ciphers. This helps to ensure that support for TLS 1.2 is detected and that later calls to tls_sockets() work, even if the server only supports the ARIA/CAMELLIA ciphers that are not included in TLS12_CIPHER or TLS12_CIPHER_2ND_TRY.

etc/tls_data.txt

@@ -45,6 +45,22 @@ c0,1c, c0,1b, c0,1a, c0,17, 00,1b, 00,93, 00,8b, 00,1f,
 c0,3b, c0,3a, c0,39, 00,b9, 00,b8, 00,b5, 00,b4, 00,2e,
 00,2d, 00,b1, 00,b0, 00,2c, 00,3b, 00,02, 00,01, 00,ff"
 
+# 97 less common ciphers for TLS 1.2 and SPDY/NPN HTTP2/ALPN
+readonly TLS12_CIPHER_3RD_TRY="
+c0,3d, c0,3f, c0,41, c0,43, c0,45, c0,47, c0,49, c0,4b,
+c0,4d, c0,4f, c0,51, c0,53, c0,55, c0,57, c0,59, c0,5b,
+c0,5d, c0,5f, c0,61, c0,63, c0,65, c0,67, c0,69, c0,6b,
+c0,6d, c0,6f, c0,71, c0,7b, c0,7d, c0,7f, c0,81, c0,83,
+c0,85, c0,87, c0,89, c0,8b, c0,8d, c0,8f, c0,91, c0,93,
+16,b7, 16,b8, 16,b9, 16,ba, c0,3c, c0,3e, c0,40, c0,42,
+c0,44, c0,46, c0,48, c0,4a, c0,4c, c0,4e, c0,50, c0,52,
+c0,54, c0,56, c0,58, c0,5a, c0,5c, c0,5e, c0,60, c0,62,
+c0,64, c0,66, c0,68, c0,6a, c0,6c, c0,6e, c0,70, c0,7a,
+c0,7c, c0,7e, c0,80, c0,82, c0,84, c0,86, c0,88, c0,8a,
+c0,8c, c0,8e, c0,90, c0,92, fe,ff, ff,e0, 00,1e, 00,22,
+fe,fe, ff,e1, 00,27, 00,26, 00,2a, 00,29, 00,28, 00,2b,
+ff,87, 00,ff"
+
 # 76 standard cipher + 4x GOST for SSLv3, TLS 1, TLS 1.1
 readonly TLS_CIPHER="
 c0,14, c0,0a, c0,22, c0,21, c0,20, 00,39, 00,38, 00,37,

testssl.sh

@@ -21090,7 +21090,7 @@ sclient_auth() {
 # This information can be used by determine_optimal_proto() to help distinguish between a server
 # that is not TLS/SSL enabled and one that is not compatible with the version of OpenSSL being used.
 determine_optimal_sockets_params() {
-     local -i ret1=1 ret2=1
+     local -i ret1=1 ret2=1 ret3=1
      local i proto cipher_offered
      local all_failed=true
 
@@ -21159,8 +21159,6 @@ determine_optimal_sockets_params() {
                add_proto_offered tls1_2 yes
                TLS12_CIPHER="$TLS12_CIPHER_2ND_TRY"
                all_failed=false
-          else
-               add_proto_offered tls1_2 no
           fi
           if [[ $ret2 -eq 2 ]]; then
                case $DETECTED_TLS_VERSION in
@@ -21172,7 +21170,32 @@ determine_optimal_sockets_params() {
                all_failed=false
           fi
      fi
-     if [[ $ret1 -eq 0 ]] || [[ $ret2 -eq 0 ]]; then
+     # Try a third time with cipher suites not in $TLS12_CIPHER or
+     # $TLS12_CIPHER_2ND_TRY. If using these cipher suites results in a
+     # successful connection, then change $TLS12_CIPHER to these
+     # cipher suites so that later tests will use this list of cipher
+     # suites.
+     if [[ $ret1 -ne 0 ]] && [[ $ret2 -ne 0 ]]; then
+          tls_sockets "03" "$TLS12_CIPHER_3RD_TRY"
+          ret3=$?
+          if [[ $ret3 -eq 0 ]]; then
+               add_proto_offered tls1_2 yes
+               TLS12_CIPHER="$TLS12_CIPHER_3RD_TRY"
+               all_failed=false
+          else
+               add_proto_offered tls1_2 no
+          fi
+          if [[ $ret3 -eq 2 ]]; then
+               case $DETECTED_TLS_VERSION in
+                    0302)  add_proto_offered tls1_1 yes ;;
+                    0301)  add_proto_offered tls1 yes ;;
+                    0300)  add_proto_offered ssl3 yes ;;
+               esac
+               [[ $ret1 -ne 2 ]] && [[ $ret2 -ne 2 ]] && TLS12_CIPHER="$TLS12_CIPHER_3RD_TRY"
+               all_failed=false
+          fi
+     fi
+     if [[ $ret1 -eq 0 ]] || [[ $ret2 -eq 0 ]] || [[ $ret3 -eq 0 ]]; then
           cipher_offered="$(get_cipher "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt")"
           if [[ "$cipher_offered" == TLS_* ]] || [[ "$cipher_offered" == SSL_* ]]; then
                cipher_offered="$(rfc2hexcode "$cipher_offered")"