diff --git a/testssl.sh b/testssl.sh index 6fcff9e..987522d 100755 --- a/testssl.sh +++ b/testssl.sh @@ -472,15 +472,15 @@ pr_grey() { tm_grey "$1"; [[ "$COLOR" -ne 0 ]] && html_out "$(html_reserved "$1")" || html_out "$(html_reserved "$1")" ) || html_out "$(html_reserved "$1")"; } -prln_done_good() { pr_done_good "$1"; outln; } +tm_svrty_good() { [[ "$COLOR" -ge 2 ]] && ( "$COLORBLIND" && tm_out "\033[0;34m$1" || tm_out "\033[0;32m$1" ) || tm_out "$1"; tm_off; } # litegreen (liteblue), This is good +tmln_svrty_good() { tm_svrty_good "$1"; tmln_out; } +pr_svrty_good() { tm_svrty_good "$1"; [[ "$COLOR" -ge 2 ]] && ( "$COLORBLIND" && html_out "$(html_reserved "$1")" || html_out "$(html_reserved "$1")" ) || html_out "$(html_reserved "$1")"; } +prln_svrty_good() { pr_svrty_good "$1"; outln; } -tm_done_best() { [[ "$COLOR" -ge 2 ]] && ( "$COLORBLIND" && tm_out "\033[1;34m$1" || tm_out "\033[1;32m$1" ) || tm_out "$1"; tm_off; } # green (blue), This is the best -tmln_done_best() { tm_done_best "$1"; tmln_out; } -pr_done_best() { tm_done_best "$1"; [[ "$COLOR" -ge 2 ]] && ( "$COLORBLIND" && html_out "$(html_reserved "$1")" || html_out "$(html_reserved "$1")" ) || html_out "$(html_reserved "$1")"; } -prln_done_best() { pr_done_best "$1"; outln; } +tm_svrty_best() { [[ "$COLOR" -ge 2 ]] && ( "$COLORBLIND" && tm_out "\033[1;34m$1" || tm_out "\033[1;32m$1" ) || tm_out "$1"; tm_off; } # green (blue), This is the best +tmln_svrty_best() { tm_svrty_best "$1"; tmln_out; } +pr_svrty_best() { tm_svrty_best "$1"; [[ "$COLOR" -ge 2 ]] && ( "$COLORBLIND" && html_out "$(html_reserved "$1")" || html_out "$(html_reserved "$1")" ) || html_out "$(html_reserved "$1")"; } +prln_svrty_best() { pr_svrty_best "$1"; outln; } tm_svrty_low() { [[ "$COLOR" -ge 2 ]] && tm_out "\033[1;33m$1" || tm_out "$1"; tm_off; } # yellow brown | academic or minor problem tmln_svrty_low() { tm_svrty_low "$1"; tmln_out; } @@ -1704,7 +1704,7 @@ detect_header() { includeSubDomains() { if grep -aiqw includeSubDomains "$1"; then - pr_done_good ", includeSubDomains" + pr_svrty_good ", includeSubDomains" return 0 else pr_litecyan ", just this domain" @@ -1714,7 +1714,7 @@ includeSubDomains() { preload() { if grep -aiqw preload "$1"; then - pr_done_good ", preload" + pr_svrty_good ", preload" return 0 else return 1 @@ -1748,7 +1748,7 @@ run_hsts() { pr_svrty_medium "HSTS max-age is set to 0. HSTS is disabled" fileout "HSTS_time" "MEDIUM" "0. HSTS is disabled" elif [[ $hsts_age_sec -gt $HSTS_MIN ]]; then - pr_done_good "$hsts_age_days days" ; out "=$hsts_age_sec s" + pr_svrty_good "$hsts_age_days days" ; out "=$hsts_age_sec s" fileout "HSTS_time" "OK" "$hsts_age_days days (=$hsts_age_sec seconds) > $HSTS_MIN seconds" else pr_svrty_medium "$hsts_age_sec s = $hsts_age_days days is too short ( >=$HSTS_MIN seconds recommended)" @@ -1829,7 +1829,7 @@ run_hpkp() { pr_svrty_high "Only one key pinned (NOT ok), means the site may become unavailable in the future, " fileout "HPKP_SPKIs" "HIGH" "Only one key pinned" else - pr_done_good "$hpkp_nr_keys" + pr_svrty_good "$hpkp_nr_keys" out " keys, " fileout "HPKP_SPKIs" "OK" "$hpkp_nr_keys keys pinned in header" fi @@ -1842,7 +1842,7 @@ run_hpkp() { fi hpkp_age_days=$((hpkp_age_sec / 86400)) if [[ $hpkp_age_sec -ge $HPKP_MIN ]]; then - pr_done_good "$hpkp_age_days days" ; out "=$hpkp_age_sec s" + pr_svrty_good "$hpkp_age_days days" ; out "=$hpkp_age_sec s" fileout "HPKP_age" "OK" "HPKP age is set to $hpkp_age_days days ($hpkp_age_sec sec)" else out "$hpkp_age_sec s = " @@ -1910,7 +1910,7 @@ run_hpkp() { certificate_found=true # We have a match spki_match=true out "\n$spaces_indented Host cert: " - pr_done_good "$hpkp_spki" + pr_svrty_good "$hpkp_spki" fileout "HPKP_$hpkp_spki" "OK" "SPKI $hpkp_spki matches the host certificate" fi debugme tm_out "\n $hpkp_spki | $hpkp_spki_hostcert" @@ -1923,7 +1923,7 @@ run_hpkp() { certificate_found=true spki_match=true out "\n$spaces_indented Sub CA: " - pr_done_good "$hpkp_spki" + pr_svrty_good "$hpkp_spki" ca_cn="$(sed "s/^[a-zA-Z0-9\+\/]*=* *//" <<< $"$hpkp_matches" )" pr_italic " $ca_cn" fileout "HPKP_$hpkp_spki" "OK" "SPKI $hpkp_spki matches Intermediate CA \"$ca_cn\" pinned in the HPKP header" @@ -1946,7 +1946,7 @@ run_hpkp() { ca_cn="$(sed "s/^[a-zA-Z0-9\+\/]*=* *//" <<< $"$hpkp_matches" )" if [[ "$match_ca" == "$hpkp_ca" ]]; then # part of the chain out "\n$spaces_indented Root CA: " - pr_done_good "$hpkp_spki" + pr_svrty_good "$hpkp_spki" pr_italic " $ca_cn" fileout "HPKP_$hpkp_spki" "INFO" "SPKI $hpkp_spki matches Root CA \"$ca_cn\" pinned. (Root CA part of the chain)" else # not part of chain @@ -1977,7 +1977,7 @@ run_hpkp() { # for i=0 manually do the same as below as there's other indentation here if [[ -n "${backup_spki_str[0]}" ]]; then - pr_done_good "${backup_spki[0]}" + pr_svrty_good "${backup_spki[0]}" #out " Root CA: " prln_italic " ${backup_spki_str[0]}" else @@ -1987,7 +1987,7 @@ run_hpkp() { for ((i=1; i < ${#backup_spki[@]} ;i++ )); do if [[ -n "${backup_spki_str[i]}" ]]; then # it's a Root CA outside the chain - pr_done_good "$spaces_indented ${backup_spki[i]}" + pr_svrty_good "$spaces_indented ${backup_spki[i]}" #out " Root CA: " prln_italic " ${backup_spki_str[i]}" else @@ -2309,7 +2309,7 @@ run_cookie_flags() { # ARG1: Path nr_secure=$(grep -iac secure $TMPFILE) case $nr_secure in 0) pr_svrty_medium "$negative_word" ;; - [123456789]) pr_done_good "$nr_secure/$nr_cookies";; + [123456789]) pr_svrty_good "$nr_secure/$nr_cookies";; esac out " secure, " if [[ $nr_cookies -eq $nr_secure ]]; then @@ -2320,7 +2320,7 @@ run_cookie_flags() { # ARG1: Path nr_httponly=$(grep -cai httponly $TMPFILE) case $nr_httponly in 0) pr_svrty_medium "$negative_word" ;; - [123456789]) pr_done_good "$nr_httponly/$nr_cookies";; + [123456789]) pr_svrty_good "$nr_httponly/$nr_cookies";; esac out " HttpOnly" if [[ $nr_cookies -eq $nr_httponly ]]; then @@ -2359,7 +2359,7 @@ run_more_flags() { else first=false fi - pr_done_good "$f2t" + pr_svrty_good "$f2t" outln " $(out_row_aligned_max_width "$HEADERVALUE" "$spaces" $TERM_WIDTH)" fileout "$f2t" "OK" "$HEADERVALUE" fi @@ -2549,7 +2549,7 @@ sub_cipherlists() { case $3 in 2) if [[ $sclient_success -eq 0 ]]; then # Strong is excellent to offer - pr_done_best "offered (OK)" + pr_svrty_best "offered (OK)" fileout "${jsonID}_$4" "OK" "offered" else pr_svrty_medium "not offered" @@ -2559,7 +2559,7 @@ sub_cipherlists() { 1) if [[ $sclient_success -eq 0 ]]; then # High is good to offer - pr_done_good "offered (OK)" + pr_svrty_good "offered (OK)" fileout "${jsonID}_$4" "OK" "offered" else # FIXME: the rating could be readjusted if we knew the result of STRONG before @@ -2582,7 +2582,7 @@ sub_cipherlists() { fileout "${jsonID}_$4" "HIGH" "offered" else # need a check for -eq 1 here - pr_done_good "not offered (OK)" + pr_svrty_good "not offered (OK)" fileout "${jsonID}_$4" "OK" "not offered" fi ;; @@ -2591,7 +2591,7 @@ sub_cipherlists() { pr_svrty_critical "offered (NOT ok)" fileout "${jsonID}_$4" "CRITICAL" "offered" else - pr_done_best "not offered (OK)" + pr_svrty_best "not offered (OK)" fileout "${jsonID}_$4" "OK" "not offered" fi ;; @@ -4248,7 +4248,7 @@ run_protocols() { local using_sockets=true local supported_no_ciph1="supported but couldn't detect a cipher (may need debugging)" local supported_no_ciph2="supported but couldn't detect a cipher" - local latest_supported="" # version.major and version.minor of highest version supported by the server. + local latest_supported="" # version.major and version.minor of highest version supported by the server local detected_version_string latest_supported_string local key_share_extn_nr="$KEY_SHARE_EXTN_NR" local lines nr_ciphers_detected @@ -4268,7 +4268,7 @@ run_protocols() { if [[ -n "$STARTTLS" ]]; then prln_underline "via sockets " else - prln_underline "via sockets except SPDY+HTTP2 " + prln_underline "via sockets except NPN+ALPN " fi fi outln @@ -4288,12 +4288,12 @@ run_protocols() { fileout "$jsonID" "WARN" "received a strange SSLv2 reply (rerun with DEBUG>=2)" ;; 1) # no sslv2 server hello returned, like in openlitespeed which returns HTTP! - prln_done_best "not offered (OK)" + prln_svrty_best "not offered (OK)" fileout "$jsonID" "OK" "not offered" add_tls_offered ssl2 no ;; 0) # reset - prln_done_best "not offered (OK)" + prln_svrty_best "not offered (OK)" fileout "$jsonID" "OK" "not offered" add_tls_offered ssl2 no ;; @@ -4326,7 +4326,7 @@ run_protocols() { fileout "$jsonID" "CRITICAL" "offered" add_tls_offered ssl2 yes ;; - 1) prln_done_best "not offered (OK)" + 1) prln_svrty_best "not offered (OK)" fileout "$jsonID" "OK" "not offered" add_tls_offered ssl2 no ;; @@ -4353,7 +4353,7 @@ run_protocols() { latest_supported_string="SSLv3" add_tls_offered ssl3 yes ;; - 1) prln_done_best "not offered (OK)" + 1) prln_svrty_best "not offered (OK)" fileout "$jsonID" "OK" "not offered" add_tls_offered ssl3 no ;; @@ -4535,7 +4535,7 @@ run_protocols() { ret=$? fi case $ret in - 0) prln_done_best "offered (OK)" + 0) prln_svrty_best "offered (OK)" fileout "$jsonID" "OK" "offered" latest_supported="0303" latest_supported_string="TLSv1.2" @@ -4663,7 +4663,7 @@ run_protocols() { fi KEY_SHARE_EXTN_NR="$key_share_extn_nr" if [[ -n "$drafts_offered" ]]; then - pr_done_best "offered (OK)"; outln ": $drafts_offered" + pr_svrty_best "offered (OK)"; outln ": $drafts_offered" fileout "$jsonID" "OK" "offered with $drafts_offered" else pr_warning "Unexpected results"; outln "$debug_recomm" @@ -4809,7 +4809,7 @@ pr_dh_quality() { elif [[ "$bits" -le 1280 ]]; then pr_svrty_medium "$string" elif [[ "$bits" -ge 2048 ]]; then - pr_done_good "$string" + pr_svrty_good "$string" else out "$string" fi @@ -4830,7 +4830,7 @@ pr_ecdh_quality() { elif [[ "$bits" -le 224 ]]; then out "$string" elif [[ "$bits" -gt 224 ]]; then - pr_done_good "$string" + pr_svrty_good "$string" else out "$string" fi @@ -4879,7 +4879,7 @@ pr_ecdh_curve_quality() { # The return value is an indicator of the quality of the cipher in $1: # 0 = $1 is empty # 1 = pr_svrty_critical, 2 = pr_svrty_high, 3 = pr_svrty_medium, 4 = pr_svrty_low -# 5 = neither good nor bad, 6 = pr_done_good, 7 = pr_done_best +# 5 = neither good nor bad, 6 = pr_svrty_good, 7 = pr_svrty_best # # Please note this section isn't particular spot on. It needs to be reconsidered/redone pr_cipher_quality() { @@ -4904,11 +4904,11 @@ pr_cipher_quality() { ;; AES256-GCM-SHA384|AES128-GCM-SHA256|AES256-CCM|AES128-CCM|ARIA256-GCM-SHA384|ARIA128-GCM-SHA256) # RSA kx and e.g. GCM isn't certainly the best - pr_done_good "$text" + pr_svrty_good "$text" return 6 ;; *GCM*|*CCM*|*CHACHA20*) - pr_done_best "$text" + pr_svrty_best "$text" return 7 ;; #best ones ECDHE*AES*|DHE*AES*SHA*|*CAMELLIA*SHA) @@ -4942,13 +4942,13 @@ pr_cipher_quality() { pr_svrty_low "$text" return 4 else - pr_done_good "$text" + pr_svrty_good "$text" # RSA kx and e.g. GCM isn't certainly the best return 6 fi ;; *GCM*|*CCM*|*CHACHA20*) - pr_done_best "$text" + pr_svrty_best "$text" return 7 ;; *ECDHE*AES*CBC*|*DHE*AES*SHA*|*RSA*AES*SHA*|*CAMELLIA*SHA*) @@ -5185,7 +5185,7 @@ run_server_preference() { limitedsense=" (limited sense as client will pick)" fileout "$jsonID" "HIGH" "NOT cipher order configured" else - pr_done_best "yes (OK)" + pr_svrty_best "yes (OK)" has_cipher_order=true limitedsense="" fileout "$jsonID" "OK" "sets cipher order" @@ -5220,15 +5220,15 @@ run_server_preference() { [[ "$default_proto" == "TLSv1.0" ]] && default_proto="TLSv1" case "$default_proto" in *TLSv1.3) - prln_done_best $default_proto + prln_svrty_best $default_proto fileout "$jsonID" "OK" "Default protocol TLS1.3" ;; *TLSv1.2) - prln_done_best $default_proto + prln_svrty_best $default_proto fileout "$jsonID" "OK" "Default protocol TLS1.2" ;; *TLSv1.1) - prln_done_good $default_proto + prln_svrty_good $default_proto fileout "$jsonID" "OK" "Default protocol TLS1.1" ;; *TLSv1) @@ -5787,7 +5787,7 @@ determine_trust() { if [[ ${verify_retcode[i]} -eq 0 ]]; then trust[i]=true some_ok=true - debugme tm_done_good "Ok " + debugme tm_svrty_good "Ok " debugme tmln_out "${verify_retcode[i]}" else trust[i]=false @@ -5801,7 +5801,7 @@ determine_trust() { debugme tm_out " " if "$all_ok"; then # all stores ok - pr_done_good "Ok "; pr_warning "$addtl_warning" + pr_svrty_good "Ok "; pr_warning "$addtl_warning" # we did to stdout the warning above already, so we could stay here with OK: fileout "${jsonID}${json_postfix}" "OK" "passed. $addtl_warning" else @@ -5842,7 +5842,7 @@ determine_trust() { outln # lf + green ones [[ "$DEBUG" -eq 0 ]] && tm_out "$spaces" - pr_done_good "OK: $ok_was" + pr_svrty_good "OK: $ok_was" fi fileout "${jsonID}${json_postfix}" "CRITICAL" "Some certificate trust checks failed -> $notok_was $addtl_warning, OK -> $ok_was" fi @@ -6314,7 +6314,7 @@ must_staple() { if "$supported"; then if "$provides_stapling"; then - prln_done_good "supported" + prln_svrty_good "supported" fileout "${jsonID}${json_postfix}" "OK" "supported" else prln_svrty_high "requires OCSP stapling (NOT ok)" @@ -6470,15 +6470,15 @@ certificate_info() { fileout "${jsonID}${json_postfix}" "INFO" "SHA224 with RSA" ;; sha256WithRSAEncryption) - prln_done_good "SHA256 with RSA" + prln_svrty_good "SHA256 with RSA" fileout "${jsonID}${json_postfix}" "OK" "SHA256 with RSA" ;; sha384WithRSAEncryption) - prln_done_good "SHA384 with RSA" + prln_svrty_good "SHA384 with RSA" fileout "${jsonID}${json_postfix}" "OK" "SHA384 with RSA" ;; sha512WithRSAEncryption) - prln_done_good "SHA512 with RSA" + prln_svrty_good "SHA512 with RSA" fileout "${jsonID}${json_postfix}" "OK" "SHA512 with RSA" ;; ecdsa-with-SHA1) @@ -6490,15 +6490,15 @@ certificate_info() { fileout "${jsonID}${json_postfix}" "INFO" "ECDSA with SHA224" ;; ecdsa-with-SHA256) - prln_done_good "ECDSA with SHA256" + prln_svrty_good "ECDSA with SHA256" fileout "${jsonID}${json_postfix}" "OK" "ECDSA with SHA256" ;; ecdsa-with-SHA384) - prln_done_good "ECDSA with SHA384" + prln_svrty_good "ECDSA with SHA384" fileout "${jsonID}${json_postfix}" "OK" "ECDSA with SHA384" ;; ecdsa-with-SHA512) - prln_done_good "ECDSA with SHA512" + prln_svrty_good "ECDSA with SHA512" fileout "${jsonID}${json_postfix}" "OK" "ECDSA with SHA512" ;; dsaWithSHA1) @@ -6510,7 +6510,7 @@ certificate_info() { fileout "${jsonID}${json_postfix}" "INFO" "DSA with SHA224" ;; dsa_with_SHA256) - prln_done_good "DSA with SHA256" + prln_svrty_good "DSA with SHA256" fileout "${jsonID}${json_postfix}" "OK" "DSA with SHA256" ;; rsassaPss) @@ -6525,15 +6525,15 @@ certificate_info() { fileout "${jsonID}${json_postfix}" "INFO" "RSASSA-PSS with SHA224" ;; sha256) - prln_done_good "RSASSA-PSS with SHA256" + prln_svrty_good "RSASSA-PSS with SHA256" fileout "${jsonID}${json_postfix}" "OK" "RSASSA-PSS with SHA256" ;; sha384) - prln_done_good "RSASSA-PSS with SHA384" + prln_svrty_good "RSASSA-PSS with SHA384" fileout "${jsonID}${json_postfix}" "OK" "RSASSA-PSS with SHA384" ;; sha512) - prln_done_good "RSASSA-PSS with SHA512" + prln_svrty_good "RSASSA-PSS with SHA512" fileout "${jsonID}${json_postfix}" "OK" "RSASSA-PSS with SHA512" ;; *) @@ -6595,7 +6595,7 @@ certificate_info() { out "$cert_keysize" fileout "${jsonID}${json_postfix}" "INFO" "$cert_keysize EC bits" elif [[ "$cert_keysize" -le 533 ]]; then - pr_done_good "$cert_keysize" + pr_svrty_good "$cert_keysize" fileout "${jsonID}${json_postfix}" "OK" "$cert_keysize EC bits" else out "keysize: $cert_keysize (not expected, FIXME)" @@ -6620,7 +6620,7 @@ certificate_info() { outln "$cert_keysize bits" fileout "${jsonID}${json_postfix}" "INFO" "$cert_keysize bits" elif [[ "$cert_keysize" -le 4096 ]]; then - pr_done_good "$cert_keysize" + pr_svrty_good "$cert_keysize" fileout "${jsonID}${json_postfix}" "OK" "$cert_keysize bits" outln " bits" else @@ -6877,7 +6877,7 @@ certificate_info() { ! "$has_dns_sans" && out " -- CN only match is deprecated" fi else - pr_done_good "$trustfinding" + pr_svrty_good "$trustfinding" trust_sni_finding="OK" fi @@ -7003,7 +7003,7 @@ certificate_info() { secs2warn=$((24 * 60 * 60 * days2warn1)) # high threshold expire=$($OPENSSL x509 -in $HOSTCERT -checkend $secs2warn 2>>$ERRFILE) if grep -qw not <<< "$expire"; then - pr_done_good "$days2expire >= $days2warn1 days" + pr_svrty_good "$days2expire >= $days2warn1 days" expfinding+="$days2expire >= $days2warn1 days" else pr_svrty_medium "expires < $days2warn1 days ($days2expire)" @@ -7075,7 +7075,7 @@ certificate_info() { fi else if grep -a "OCSP Response Status" <<<"$ocsp_response_status" | grep -q successful; then - pr_done_good "offered" + pr_svrty_good "offered" fileout "${jsonID}${json_postfix}" "OK" "offered" provides_stapling=true else @@ -7106,7 +7106,7 @@ certificate_info() { caa_node=${caa_node#*.} done if [[ -n "$caa" ]]; then - pr_done_good "available"; out " - please check for match with \"Issuer\" above" + pr_svrty_good "available"; out " - please check for match with \"Issuer\" above" if [[ $(count_lines "$caa") -eq 1 ]]; then out ": " else @@ -7132,7 +7132,7 @@ certificate_info() { out "$indent"; pr_bold " Certificate Transparency "; jsonID="certificate_transparency" if [[ "$ct" =~ extension ]]; then - pr_done_good "yes"; outln " ($ct)" + pr_svrty_good "yes"; outln " ($ct)" fileout "${jsonID}${json_postfix}" "OK" "yes ($ct)" else outln "$ct" @@ -7572,7 +7572,7 @@ run_pfs() { outln pfs_offered=true pfs_ciphers="" - pr_done_good " PFS is offered (OK)" + pr_svrty_good " PFS is offered (OK)" fileout "$jsonID" "OK" "offered" if "$WIDE"; then outln ", ciphers follow (client/browser support is important here) \n" @@ -7872,7 +7872,7 @@ run_pfs() { # good start to read: http://en.wikipedia.org/wiki/Transport_Layer_Security#Attacks_against_TLS.2FSSL -spdy_pre(){ +npn_pre(){ if [[ -n "$PROXY" ]]; then [[ -n "$1" ]] && pr_warning "$1" pr_warning "not tested as proxies do not support proxying it" @@ -7880,14 +7880,14 @@ spdy_pre(){ return 1 fi if ! "$HAS_SPDY"; then - pr_local_problem "$OPENSSL doesn't support SPDY/NPN"; - fileout "SPDY-NPN" "WARN" "not tested $OPENSSL doesn't support SPDY/NPN" + pr_local_problem "$OPENSSL doesn't support NPN/SPDY"; + fileout "NPN" "WARN" "not tested $OPENSSL doesn't support NPN/SPDY" return 7 fi return 0 } -http2_pre(){ +alpn_pre(){ if [[ -n "$PROXY" ]]; then [[ -n "$1" ]] && pr_warning " $1 " pr_warning "not tested as proxies do not support proxying it" @@ -7895,21 +7895,24 @@ http2_pre(){ return 1 fi if ! "$HAS_ALPN" && "$SSL_NATIVE"; then - prln_local_problem "$OPENSSL doesn't support HTTP2/ALPN"; - fileout "HTTP2-ALPN" "WARN" "HTTP/2 was not tested as $OPENSSL does not support it" + prln_local_problem "$OPENSSL doesn't support ALPN/HTTP2"; + fileout "ALPN" "WARN" "HTTP/2 was not tested as $OPENSSL does not support it" return 7 fi return 0 } -run_spdy() { +# modern browsers do not support it anymore but we shoud still test it at least for fingerprinting the server side +# Thus we don't label any support for NPN as good. FAST mode skips this test +run_npn() { local tmpstr local -i ret=0 - local jsonID="SPDY-NPN" + local jsonID="NPN" [[ -n "$STARTTLS" ]] && return 0 - pr_bold " SPDY/NPN " - if ! spdy_pre; then + "$FAST" && return 0 + pr_bold " NPN/SPDY " + if ! npn_pre; then outln return 0 fi @@ -7932,7 +7935,6 @@ run_spdy() { ret=10 fi fi - #outln # btw: nmap can do that too http://nmap.org/nsedoc/scripts/tls-nextprotoneg.html # nmap --script=tls-nextprotoneg #NODE -p $PORT is your friend if your openssl doesn't want to test this tmpfile_handle $FUNCNAME.txt @@ -7940,16 +7942,16 @@ run_spdy() { } -run_http2() { +run_alpn() { local tmpstr alpn_extn len local -i ret=0 - local had_alpn_proto=false + local has_alpn_proto=false local alpn_finding="" - local jsonID="HTTP2-ALPN" + local jsonID="ALPN" [[ -n "$STARTTLS" ]] && return 0 - pr_bold " HTTP2/ALPN " - if ! http2_pre; then + pr_bold " ALPN/HTTP2 " + if ! alpn_pre; then outln return 0 fi @@ -7970,23 +7972,26 @@ run_http2() { echo "" > $TMPFILE fi fi - #tmpstr=$(grep -a '^ALPN protocol' $TMPFILE | sed 's/ALPN protocol.*: //') - #tmpstr=$(awk '/^ALPN protocol*:/ { print $2 }' $TMPFILE) tmpstr=$(awk -F':' '/^ALPN protocol*:/ { print $2 }' $TMPFILE) if [[ "$tmpstr" == *"$proto" ]]; then - if ! $had_alpn_proto; then - out "$proto" - alpn_finding+="$proto" - had_alpn_proto=true - else - out ", $proto" - alpn_finding+=", $proto" - fi + if ! $has_alpn_proto; then + has_alpn_proto=true + else + out ", " + fi + # only h2 is what browser need to use HTTP/2.0 and brings a security benefit + if [[ "$proto" == "h2" ]]; then + pr_svrty_good "$proto" + fileout "$jsonID" "OK" "$alpn_finding" + else + out "$proto" + alpn_finding+="$proto" + fi fi done - if $had_alpn_proto; then + if $has_alpn_proto; then outln " (offered)" - fileout "$jsonID" "INFO" "offered with protocols $alpn_finding" + fileout "$jsonID" "INFO" "$alpn_finding" ret=0 else outln "not offered" @@ -11532,7 +11537,7 @@ run_heartbleed(){ [[ -z "$TLS_EXTENSIONS" ]] && determine_tls_extensions if [[ ! "${TLS_EXTENSIONS}" =~ heartbeat ]]; then - pr_done_best "not vulnerable (OK)" + pr_svrty_best "not vulnerable (OK)" outln ", no heartbeat extension" fileout "$jsonID" "OK" "not vulnerable, no heartbeat extension" "$cve" "$cwe" return 0 @@ -11565,7 +11570,7 @@ run_heartbleed(){ sockread_serverhello 16384 $HEARTBLEED_MAX_WAITSOCK if [[ $? -eq 3 ]]; then append=", timed out" - pr_done_best "not vulnerable (OK)"; out "$append" + pr_svrty_best "not vulnerable (OK)"; out "$append" fileout "$jsonID" "OK" "not vulnerable $append" "$cve" "$cwe" ret=0 else @@ -11590,7 +11595,7 @@ run_heartbleed(){ # check possibility of weird vsftpd reply, see #426, despite "1803" seems very unlikely... if grep -q '500 OOPS' "$SOCK_REPLY_FILE" ; then append=", successful weeded out vsftpd false positive" - pr_done_best "not vulnerable (OK)"; out "$append" + pr_svrty_best "not vulnerable (OK)"; out "$append" fileout "$jsonID" "OK" "not vulnerable $append" "$cve" "$cwe" ret=0 else @@ -11606,7 +11611,7 @@ run_heartbleed(){ ret=1 fi else - pr_done_best "not vulnerable (OK)" + pr_svrty_best "not vulnerable (OK)" fileout "$jsonID" "OK" "not vulnerable $cve" "$cwe" ret=0 fi @@ -11619,7 +11624,7 @@ run_heartbleed(){ # helper function ok_ids(){ - prln_done_best "\n ok -- something resetted our ccs packets" + prln_svrty_best "\n ok -- something resetted our ccs packets" return 0 } @@ -11741,7 +11746,7 @@ run_ccs_injection(){ # 28: Handshake failure if [[ -z "${tls_hello_ascii:0:12}" ]]; then # empty reply - pr_done_best "not vulnerable (OK)" + pr_svrty_best "not vulnerable (OK)" if [[ $retval -eq 3 ]]; then fileout "$jsonID" "OK" "not vulnerable (timed out)" "$cve" "$cwe" else @@ -11764,7 +11769,7 @@ run_ccs_injection(){ elif [[ $STARTTLS_PROTOCOL == "mysql" ]] && [[ "${tls_hello_ascii:14:12}" == "233038533031" ]]; then # MySQL community edition (yaSSL) returns a MySQL error instead of a TLS Alert # Error: #08S01 Bad handshake - pr_done_best "not vulnerable (OK)" + pr_svrty_best "not vulnerable (OK)" out ", looks like MySQL community edition (yaSSL)" fileout "$jsonID" "OK" "not vulnerable (MySQL community edition (yaSSL) detected)" "$cve" "$cwe" elif [[ "$byte6" == [0-9a-f][0-9a-f] ]] && [[ "${tls_hello_ascii:2:2}" != "03" ]]; then @@ -11830,7 +11835,7 @@ run_ticketbleed() { # highly unlikely that it is NOT supported. We may loose time here but it's more solid [[ -z "$TLS_EXTENSIONS" ]] && determine_tls_extensions if [[ ! "${TLS_EXTENSIONS}" =~ "session ticket" ]]; then - pr_done_best "not vulnerable (OK)" + pr_svrty_best "not vulnerable (OK)" outln ", no session ticket extension" fileout "$jsonID" "OK" "no session ticket extension" "$cve" "$cwe" return 0 @@ -11857,7 +11862,7 @@ run_ticketbleed() { session_tckt_tls="$(get_session_ticket_tls)" if [[ "$session_tckt_tls" == "," ]]; then - pr_done_best "not vulnerable (OK)" + pr_svrty_best "not vulnerable (OK)" outln ", no session tickets" fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe" debugme echo " session ticket TLS \"$session_tckt_tls\"" @@ -11981,11 +11986,11 @@ run_ticketbleed() { if [[ "${tls_hello_ascii:0:2}" == "15" ]]; then debugme echo -n "TLS Alert ${tls_hello_ascii:10:4} (TLS version: ${tls_hello_ascii:2:4}) -- " - pr_done_best "not vulnerable (OK)" + pr_svrty_best "not vulnerable (OK)" fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe" break elif [[ -z "${tls_hello_ascii:0:2}" ]]; then - pr_done_best "not vulnerable (OK)" + pr_svrty_best "not vulnerable (OK)" out ", reply empty" fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe" break @@ -12038,7 +12043,7 @@ run_ticketbleed() { pr_svrty_critical "VULNERABLE (NOT ok)" fileout "$jsonID" "CRITICAL" "VULNERABLE" "$cve" "$cwe" "$hint" else - pr_done_best "not vulnerable (OK)" + pr_svrty_best "not vulnerable (OK)" out ", memory fragments do not differ" fileout "$jsonID" "OK" "not vulnerable, session IDs were returned but memory fragments do not differ" "$cve" "$cwe" fi @@ -12084,7 +12089,7 @@ run_renego() { 0) prln_svrty_critical "VULNERABLE (NOT ok)" fileout "$jsonID" "CRITICAL" "VULNERABLE" "$cve" "$cwe" "$hint" ;; - 1) prln_done_best "not vulnerable (OK)" + 1) prln_svrty_best "not vulnerable (OK)" fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe" ;; *) prln_warning "FIXME (bug): $sec_renego" @@ -12129,7 +12134,7 @@ run_renego() { echo R | $OPENSSL s_client $(s_client_options "$proto $BUGS $legacycmd $STARTTLS -msg -connect $NODEIP:$PORT $SNI $PROXY") >$TMPFILE 2>>$ERRFILE & wait_kill $! $HEADER_MAXSLEEP if [[ $? -eq 3 ]]; then - pr_done_good "likely not vulnerable (OK)"; outln ", timed out" # it hung + pr_svrty_good "likely not vulnerable (OK)"; outln ", timed out" # it hung fileout "$jsonID" "OK" "likely not vulnerable (timed out)" "$cve" "$cwe" sec_client_renego=1 else @@ -12146,7 +12151,7 @@ run_renego() { fi ;; 1) - prln_done_good "not vulnerable (OK)" + prln_svrty_good "not vulnerable (OK)" fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe" ;; *) @@ -12208,7 +12213,7 @@ run_crime() { fileout "CRIME_TLS" "WARN" "Check failed, couldn't connect" "$cve" "$cwe" ret=7 elif grep -a Compression $TMPFILE | grep -aq NONE >/dev/null; then - pr_done_good "not vulnerable (OK)" + pr_svrty_good "not vulnerable (OK)" if [[ $SERVICE != "HTTP" ]] && ! "$CLIENT_AUTH"; then out " (not using HTTP anyway)" fileout "CRIME_TLS" "OK" "not vulnerable (not using HTTP anyway)" "$cve" "$cwe" @@ -12253,7 +12258,7 @@ run_crime() { # STR=$(grep Compression $TMPFILE ) # if echo $STR | grep -q NONE >/dev/null; then -# pr_done_best "not vulnerable (OK)" +# pr_svrty_best "not vulnerable (OK)" # ret=$((ret + 0)) # else # pr_svrty_critical "VULNERABLE (NOT ok)" @@ -12320,7 +12325,7 @@ run_breach() { prln_warning ") " ret=3 elif [[ -z $result ]]; then - pr_done_best "no HTTP compression (OK) " + pr_svrty_best "no HTTP compression (OK) " outln "$disclaimer" fileout "$jsonID" "OK" "no HTTP compression $disclaimer" "$cve" "$cwe" ret=0 @@ -12388,7 +12393,7 @@ run_sweet32() { pr_svrty_low "VULNERABLE"; out ", uses 64 bit block ciphers" fileout "SWEET32" "LOW" "uses 64 bit block ciphers" "$cve" "$cwe" "$hint" else - pr_done_best "not vulnerable (OK)"; + pr_svrty_best "not vulnerable (OK)"; if "$using_sockets"; then fileout "SWEET32" "OK" "not vulnerable" "$cve" "$cwe" else @@ -12447,7 +12452,7 @@ run_ssl_poodle() { fileout "$jsonID" "HIGH" "VULNERABLE, uses SSLv3+CBC" "$cve" "$cwe" "$hint" else POODLE=1 - pr_done_best "not vulnerable (OK)"; + pr_svrty_best "not vulnerable (OK)"; if "$using_sockets"; then fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe" else @@ -12530,7 +12535,7 @@ run_tls_fallback_scsv() { fileout "$jsonID" "HIGH" "only SSLv3 supported" return 7 ;; - *) pr_done_good "No fallback possible, TLS 1.3 is the only protocol (OK)" + *) pr_svrty_good "No fallback possible, TLS 1.3 is the only protocol (OK)" fileout "$jsonID" "OK" "only TLS 1.3 supported" return 7 esac @@ -12552,7 +12557,7 @@ run_tls_fallback_scsv() { if [[ -z "$low_proto" ]]; then case "$high_proto" in "tls1_2") - pr_done_good "No fallback possible, no protocol below $high_proto_str offered (OK)" + pr_svrty_good "No fallback possible, no protocol below $high_proto_str offered (OK)" ;; *) out "No fallback possible, no protocol below $high_proto_str offered (OK)" ;; @@ -12589,11 +12594,11 @@ run_tls_fallback_scsv() { ret=1 fi elif grep -qa "alert inappropriate fallback" "$TMPFILE"; then - pr_done_good "Downgrade attack prevention supported (OK)" + pr_svrty_good "Downgrade attack prevention supported (OK)" fileout "$jsonID" "OK" "supported" ret=0 elif grep -qa "alert handshake failure" "$TMPFILE"; then - pr_done_good "Probably OK. " + pr_svrty_good "Probably OK. " fileout "$jsonID" "OK" "Probably oK" # see RFC 7507, https://github.com/drwetter/testssl.sh/issues/121 # other case reported by Nicolas was F5 and at costumer of mine: the same @@ -12690,7 +12695,7 @@ run_freak() { pr_svrty_critical "VULNERABLE (NOT ok)"; out ", uses EXPORT RSA ciphers" fileout "$jsonID" "CRITICAL" "VULNERABLE, uses EXPORT RSA ciphers" "$cve" "$cwe" "$hint" else - pr_done_best "not vulnerable (OK)"; out "$addtl_warning" + pr_svrty_best "not vulnerable (OK)"; out "$addtl_warning" fileout "$jsonID" "OK" "not vulnerable $addtl_warning" "$cve" "$cwe" fi outln @@ -12909,17 +12914,17 @@ run_logjam() { out "${spaces}but no DH EXPORT ciphers${addtl_warning}" fileout "$jsonID" "OK" "not vulnerable, no DH EXPORT ciphers,$addtl_warning" "$cve" "$cwe" elif [[ $ret -eq 3 ]]; then - pr_done_good "not vulnerable (OK):"; out " no DH EXPORT ciphers${addtl_warning}" + pr_svrty_good "not vulnerable (OK):"; out " no DH EXPORT ciphers${addtl_warning}" fileout "$jsonID" "OK" "not vulnerable, no DH EXPORT ciphers,$addtl_warning" "$cve" "$cwe" out ", no DH key detected" fileout "$jsonID2" "OK" "no DH key detected" elif [[ $ret -eq 0 ]]; then - pr_done_good "not vulnerable (OK):"; out " no DH EXPORT ciphers${addtl_warning}" + pr_svrty_good "not vulnerable (OK):"; out " no DH EXPORT ciphers${addtl_warning}" fileout "$jsonID" "OK" "not vulnerable, no DH EXPORT ciphers,$addtl_warning" "$cve" "$cwe" out ", no common primes detected" fileout "$jsonID2" "OK" "no common primes detected" elif [[ $ret -eq 7 ]]; then - pr_done_good "partly not vulnerable:"; out " no DH EXPORT ciphers${addtl_warning}" + pr_svrty_good "partly not vulnerable:"; out " no DH EXPORT ciphers${addtl_warning}" fileout "$jsonID" "OK" "not vulnerable, no DH EXPORT ciphers,$addtl_warning" "$cve" "$cwe" fi fi @@ -12985,7 +12990,7 @@ run_drown() { fi ret=1 ;; - *) prln_done_best "not vulnerable on this host and port (OK)" + *) prln_svrty_best "not vulnerable on this host and port (OK)" fileout "DROWN" "OK" "not vulnerable to DROWN on this host and port" "$cve" "$cwe" if [[ -n "$cert_fingerprint_sha2" ]]; then outln "$spaces make sure you don't use this certificate elsewhere with SSLv2 enabled services" @@ -13116,10 +13121,10 @@ run_beast(){ if [[ $sclient_success -ne 0 ]]; then # protocol supported? if "$continued"; then # second round: we hit TLS1 if "$HAS_SSL3" || "$using_sockets"; then - prln_done_good "no SSL3 or TLS1 (OK)" + prln_svrty_good "no SSL3 or TLS1 (OK)" fileout "$jsonID" "OK" "not vulnerable, no SSL3 or TLS1" "$cve" "$cwe" else - prln_done_good "no TLS1 (OK)" + prln_svrty_good "no TLS1 (OK)" fileout "$jsonID" "OK" "not vulnerable, no TLS1" "$cve" "$cwe" fi return 0 @@ -13247,12 +13252,12 @@ run_beast(){ first=false else [[ $proto == "tls1" ]] && ! $first && echo -n "$spaces " - prln_done_good "no CBC ciphers for $(toupper $proto) (OK)" + prln_svrty_good "no CBC ciphers for $(toupper $proto) (OK)" first=false fi else if ! "$vuln_beast" ; then - prln_done_good "no CBC ciphers for $(toupper $proto) (OK)" + prln_svrty_good "no CBC ciphers for $(toupper $proto) (OK)" fileout "${jsonID}_CBC_$(toupper $proto)" "OK" "No CBC ciphers for $(toupper $proto)" "$cve" "$cwe" fi fi @@ -13282,7 +13287,7 @@ run_beast(){ fileout "$jsonID" "MEDIUM" "VULNERABLE -- and no higher protocols as mitigation supported" "$cve" "$cwe" "$hint" fi fi - "$first" && ! "$vuln_beast" && prln_done_good "no CBC ciphers found for any protocol (OK)" + "$first" && ! "$vuln_beast" && prln_svrty_good "no CBC ciphers found for any protocol (OK)" "$using_sockets" && HAS_DH_BITS="$has_dh_bits" tmpfile_handle $FUNCNAME.txt @@ -13334,7 +13339,7 @@ run_lucky13() { # the CBC padding which led to timing differences during MAC processing has been solved in openssl (https://www.openssl.org/news/secadv/20130205.txt) # and other software. However we can't tell with reasonable effort from the outside. Thus we still issue a warning and label it experimental else - pr_done_best "not vulnerable (OK)"; + pr_svrty_best "not vulnerable (OK)"; if "$using_sockets"; then fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe" else @@ -13592,7 +13597,7 @@ run_rc4() { prln_local_problem "No RC4 Ciphers configured in $OPENSSL" fileout "$jsonID" "WARN" "RC4 ciphers not supported by local OpenSSL ($OPENSSL)" else - prln_done_good "no RC4 ciphers detected (OK)" + prln_svrty_good "no RC4 ciphers detected (OK)" fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe" fi outln @@ -14028,7 +14033,7 @@ run_robot() { cipherlist="$(strip_inconsistent_ciphers "$tls_hexcode" ", $cipherlist")" cipherlist="${cipherlist:2}" elif [[ $ret -ne 0 ]]; then - prln_done_best "Server does not support any cipher suites that use RSA key transport" + prln_svrty_best "Server does not support any cipher suites that use RSA key transport" fileout "$jsonID" "OK" "not vulnerable, no RSA key transport cipher" return 0 fi @@ -14214,7 +14219,7 @@ run_robot() { fileout "$jsonID" "CRITICAL" "VULNERABLE" fi else - prln_done_best "not vulnerable (OK)" + prln_svrty_best "not vulnerable (OK)" fileout "$jsonID" "OK" "not vulnerable" fi return 0 @@ -16740,8 +16745,8 @@ lets_roll() { fileout_section_header $section_number false && ((section_number++)) $do_protocols && { run_protocols; ret=$(($? + ret)); time_right_align run_protocols; - run_spdy; ret=$(($? + ret)); time_right_align run_spdy; - run_http2; ret=$(($? + ret)); time_right_align run_http2; + run_npn; ret=$(($? + ret)); time_right_align run_npn; + run_alpn; ret=$(($? + ret)); time_right_align run_alpn; } fileout_section_header $section_number true && ((section_number++)) "$do_grease" && { run_grease; ret=$(($? + ret)); time_right_align run_grease; }