Merge pull request #1216 from dcooper16/add_determine_optimal_sockets_params

Add determine_optimal_sockets_params()
This commit is contained in:
Dirk Wetter 2019-09-24 08:46:49 +02:00 committed by GitHub
commit 613e1d0133
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 119 additions and 27 deletions

View File

@ -8,7 +8,7 @@ readonly TLS13_CIPHER="
13,01, 13,02, 13,03, 13,04, 13,05"
# 123 standard cipher + 4x GOST for TLS 1.2 and SPDY/NPN HTTP2/ALPN
readonly TLS12_CIPHER="
declare TLS12_CIPHER="
c0,30, c0,2c, c0,28, c0,24, c0,14, c0,0a, 00,9f, 00,6b,
00,39, 00,9d, 00,3d, 00,35, c0,2f, c0,2b, c0,27, c0,23,
c0,13, c0,09, 00,9e, 00,67, 00,33, 00,9c, 00,3c, 00,2f,

View File

@ -378,6 +378,7 @@ STARTTLS_PROTOCOL=""
OPTIMAL_PROTO="" # Need this for IIS6 (sigh) + OpenSSL 1.0.2, otherwise some handshakes will fail see
# https://github.com/PeterMosmans/openssl/issues/19#issuecomment-100897892
STARTTLS_OPTIMAL_PROTO="" # Same for STARTTLS, see https://github.com/drwetter/testssl.sh/issues/188
OPTIMAL_SOCKETS_PROTO="" # Same for tls_sockets(). -- not yet used
TLS_TIME="" # To keep the value of TLS server timestamp
TLS_NOW="" # Similar
TLS_DIFFTIME_SET=false # Tells TLS functions to measure the TLS difftime or not
@ -5178,11 +5179,6 @@ run_protocols() {
if "$using_sockets"; then
tls_sockets "03" "$TLS12_CIPHER"
ret_val_tls12=$?
if [[ $ret_val_tls12 -ne 0 ]]; then
tls_sockets "03" "$TLS12_CIPHER_2ND_TRY"
[[ $? -eq 0 ]] && ret_val_tls12=0
# see #807 and #806
fi
tls12_detected_version="$DETECTED_TLS_VERSION"
# Need to ensure that at most 128 ciphers are included in ClientHello.
# If the TLSv1.2 test was successful, then use the 5 TLSv1.3 ciphers
@ -15841,7 +15837,6 @@ run_grease() {
for (( i=0; i < 5; i++ )); do
case $i in
0) proto="03" ; cipher_list="$TLS12_CIPHER" ;;
1) proto="03" ; cipher_list="$TLS12_CIPHER_2ND_TRY" ;;
2) proto="02" ; cipher_list="$TLS_CIPHER" ;;
3) proto="01" ; cipher_list="$TLS_CIPHER" ;;
4) proto="00" ; cipher_list="$TLS_CIPHER" ;;
@ -17740,6 +17735,121 @@ sclient_auth() {
return 1
}
# Determine the best parameters to use with tls_sockets():
# For TLSv1.3, determine what extension number to use for the key_share extension.
# For TLSv1.2, determine what cipher list to send, since there are more than 128
# TLSv1.2 ciphers and some servers fail if the ClientHello contains too many ciphers.
# If both TLSv1.3 and TLSv1.2 ClientHello messages result in failed connection attempts,
# then try to determine whether:
# (1) This is an SSLv2-only server
# (2) This server supports some protocol in SSLv3 - TLSv1.1, but cannot handle version negotiation.
# (3) This is not a TLS/SSL enabled server.
# This information can be used by determine_optimal_proto() to help distinguish between a server
# that is not TLS/SSL enabled and one that is not compatible with the version of OpenSSL being used.
determine_optimal_sockets_params() {
local -i ret1 ret2
local proto
local all_failed=true
# If a STARTTLS protocol is specified and $SSL_NATIVE is true, then skip this test, since
# $SSL_NATIVE may have been set to true as a result of tls_sockets() not supporting the STARTTLS
# protocol.
[[ -n "$STARTTLS_PROTOCOL" ]] && "$SSL_NATIVE" && return 0
# NOTE: The following code is only needed as long as draft versions of TLSv1.3 prior to draft 23
# are supported. It is used to determine whether a draft 23 or pre-draft 23 ClientHello should be
# sent.
KEY_SHARE_EXTN_NR="33"
tls_sockets "04" "$TLS13_CIPHER" "" "00, 2b, 00, 0f, 0e, 03,04, 7f,1c, 7f,1b, 7f,1a, 7f,19, 7f,18, 7f,17"
if [[ $? -eq 0 ]]; then
add_tls_offered tls1_3 yes
all_failed=false
else
KEY_SHARE_EXTN_NR="28"
tls_sockets "04" "$TLS13_CIPHER" "" "00, 2b, 00, 0b, 0a, 7f,16, 7f,15, 7f,14, 7f,13, 7f,12"
if [[ $? -eq 0 ]]; then
add_tls_offered tls1_3 yes
all_failed=false
else
add_tls_offered tls1_3 no
KEY_SHARE_EXTN_NR="33"
fi
fi
# Need to determine which set of ciphers is best to use with
# a TLSv1.2 ClientHello since there are far more than 128 ciphers
# that can be used.
tls_sockets "03" "$TLS12_CIPHER"
ret1=$?
if [[ $ret1 -eq 0 ]] || [[ $ret1 -eq 2 ]]; then
case $DETECTED_TLS_VERSION in
0303) add_tls_offered tls1_2 yes ;;
0302) add_tls_offered tls1_1 yes ;;
0301) add_tls_offered tls1 yes ;;
0300) add_tls_offered ssl3 yes ;;
esac
all_failed=false
fi
# Try again with a different, less common, set of cipher suites
# see #807 and #806. If using these cipher suites results in a
# successful connection, then change $TLS12_CIPHER to these
# cipher suites so that later tests will use this list of cipher
# suites.
if [[ $ret1 -ne 0 ]]; then
tls_sockets "03" "$TLS12_CIPHER_2ND_TRY"
ret2=$?
if [[ $ret2 -eq 0 ]]; then
add_tls_offered tls1_2 yes
TLS12_CIPHER="$TLS12_CIPHER_2ND_TRY"
all_failed=false
else
add_tls_offered tls1_2 no
fi
if [[ $ret2 -eq 2 ]]; then
case $DETECTED_TLS_VERSION in
0302) add_tls_offered tls1_1 yes ;;
0301) add_tls_offered tls1 yes ;;
0300) add_tls_offered ssl3 yes ;;
esac
[[ $ret1 -ne 2 ]] && TLS12_CIPHER="$TLS12_CIPHER_2ND_TRY"
all_failed=false
fi
fi
if "$all_failed"; then
# One of the following must be true:
# * This is not a TLS/SSL enabled server.
# * The server only supports SSLv2
# * The server does not handle version negotiation correctly.
for proto in 01 00 02; do
tls_sockets "$proto" "$TLS_CIPHER" "" "" "true"
ret1=$?
if [[ $ret1 -ne 0 ]]; then
case $proto in
02) add_tls_offered tls1_1 no ;;
01) add_tls_offered tls1 no ;;
00) add_tls_offered ssl3 no ;;
esac
fi
if [[ $ret1 -eq 0 ]] || [[ $ret1 -eq 2 ]]; then
case $DETECTED_TLS_VERSION in
0302) add_tls_offered tls1_1 yes ;;
0301) add_tls_offered tls1 yes ;;
0300) add_tls_offered ssl3 yes ;;
esac
OPTIMAL_SOCKETS_PROTO="$proto"
all_failed=false
break
fi
done
fi
if "$all_failed"; then
sslv2_sockets
[[ $? -eq 3 ]] && all_failed=false && add_tls_offered ssl2 yes
fi
return 0
}
# This is a helper function for determine_optimal_proto() below. It sets the
# the global STARTTLS_OPTIMAL_PROTO / OPTIMAL_PROTO accordingly and returns 1
@ -17912,26 +18022,6 @@ determine_optimal_proto() {
[[ $? -ne 0 ]] && exit $ERR_CLUELESS
fi
# NOTE: The following code is only needed as long as draft versions of TLSv1.3 prior to draft 23
# are supported. It is used to determine whether a draft 23 or pre-draft 23 ClientHello should be
# sent.
if [[ -z "$1" ]]; then
KEY_SHARE_EXTN_NR="33"
tls_sockets "04" "$TLS13_CIPHER" "" "00, 2b, 00, 0f, 0e, 03,04, 7f,1c, 7f,1b, 7f,1a, 7f,19, 7f,18, 7f,17"
if [[ $? -eq 0 ]]; then
add_tls_offered tls1_3 yes
else
KEY_SHARE_EXTN_NR="28"
tls_sockets "04" "$TLS13_CIPHER" "" "00, 2b, 00, 0b, 0a, 7f,16, 7f,15, 7f,14, 7f,13, 7f,12"
if [[ $? -eq 0 ]]; then
add_tls_offered tls1_3 yes
else
add_tls_offered tls1_3 no
KEY_SHARE_EXTN_NR="33"
fi
fi
fi
tmpfile_handle ${FUNCNAME[0]}.txt
return 0
}
@ -17961,6 +18051,7 @@ determine_service() {
outln
if [[ -z "$1" ]]; then
# no STARTTLS.
determine_optimal_sockets_params
determine_optimal_proto
$SNEAKY && \
ua="$UA_SNEAKY" || \
@ -18021,6 +18112,7 @@ determine_service() {
fatal "Your $OPENSSL does not support the \"-starttls nntp\" option" $ERR_OSSLBIN
fi
fi
determine_optimal_sockets_params
determine_optimal_proto "$1"
out " Service set:$CORRECT_SPACES STARTTLS via "