Merge pull request #1567 from drwetter/renamed_to_fs

Rename PFS/perfect forward secrecy --> FS/forward secrecy
Dirk Wetter 2020-04-14 20:21:52 +02:00 committed by GitHub
commit 8ce781c71d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 77 additions and 77 deletions

@ -46,7 +46,7 @@ Any OpenSSL or LibreSSL version is needed as a helper\. Unlike previous versions
2) standard cipher categories to give you upfront an idea for the ciphers supported 2) standard cipher categories to give you upfront an idea for the ciphers supported
. .
.P .P
3) checks (perfect) forward secrecy: ciphers and elliptical curves 3) checks forward secrecy: ciphers and elliptical curves
. .
.P .P
4) server preferences (server order) 4) server preferences (server order)
@ -214,7 +214,7 @@ Any single check switch supplied as an argument prevents testssl\.sh from doing
.IP "" 0 .IP "" 0
. .
.P .P
\fB\-f, \-\-pfs, \-\-fs,\-\-nsa\fR Checks robust (perfect) forward secrecy key exchange\. "Robust" means that ciphers having intrinsic severe weaknesses like Null Authentication or Encryption, 3DES and RC4 won\'t be considered here\. There shouldn\'t be the wrong impression that a secure key exchange has been taking place and everything is fine when in reality the encryption sucks\. Also this section lists the available elliptical curves and Diffie Hellman groups, as well as FFDHE groups (TLS 1\.2 and TLS 1\.3)\. \fB\-f, \-\-fs, \-\-nsa, \-\-forward\-secrecy\fR Checks robust forward secrecy key exchange\. "Robust" means that ciphers having intrinsic severe weaknesses like Null Authentication or Encryption, 3DES and RC4 won\'t be considered here\. There shouldn\'t be the wrong impression that a secure key exchange has been taking place and everything is fine when in reality the encryption sucks\. Also this section lists the available elliptical curves and Diffie Hellman groups, as well as FFDHE groups (TLS 1\.2 and TLS 1\.3)\.
. .
.P .P
\fB\-p, \-\-protocols\fR checks TLS/SSL protocols SSLv2, SSLv3, TLS 1\.0 through TLS 1\.3 and for HTTP: SPDY (NPN) and ALPN, a\.k\.a\. HTTP/2\. For TLS 1\.3 several drafts (from 18 on) and final are supported and being tested for\. \fB\-p, \-\-protocols\fR checks TLS/SSL protocols SSLv2, SSLv3, TLS 1\.0 through TLS 1\.3 and for HTTP: SPDY (NPN) and ALPN, a\.k\.a\. HTTP/2\. For TLS 1\.3 several drafts (from 18 on) and final are supported and being tested for\.
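Review bot: The option line drops `--pfs` from the documented switches (`-f, --pfs, --fs,--nsa` becomes `-f, --fs, --nsa, --forward-secrecy`), and nothing visible here says whether the old spelling is still accepted. Existing scan wrappers and scheduled jobs that pass `--pfs` would fail or behave differently after upgrading, so either keep it as a deprecated alias and say so in this paragraph, or call out the removal in the changelog. The same applies to the HTML and Markdown copies of this paragraph further down.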
@ -389,7 +389,7 @@ Security headers (X\-Frame\-Options, X\-XSS\-Protection, Expect\-CT,\.\.\. , CSP
\fB\-q, \-\-quiet\fR Normally testssl\.sh displays a banner on stdout with several version information, usage rights and a warning\. This option suppresses it\. Please note that by choosing this option you acknowledge usage terms and the warning normally appearing in the banner\. \fB\-q, \-\-quiet\fR Normally testssl\.sh displays a banner on stdout with several version information, usage rights and a warning\. This option suppresses it\. Please note that by choosing this option you acknowledge usage terms and the warning normally appearing in the banner\.
. .
.P .P
\fB\-\-wide\fR Except the "each cipher output" all tests displays the single cipher name (scheme see below)\. This option enables testssl\.sh to display also for the following sections the same output as for testing each ciphers: BEAST, PFS, RC4\. The client simulation has also a wide mode\. The difference here is restricted to a column aligned output and a proper headline\. The environment variable \fBWIDE\fR can be used instead\. \fB\-\-wide\fR Except the "each cipher output" all tests displays the single cipher name (scheme see below)\. This option enables testssl\.sh to display also for the following sections the same output as for testing each ciphers: BEAST, FS, RC4\. The client simulation has also a wide mode\. The difference here is restricted to a column aligned output and a proper headline\. The environment variable \fBWIDE\fR can be used instead\.
. .
.P .P
\fB\-\-mapping <openssl|iana|no\-openssl|no\-iana>\fR \fB\-\-mapping <openssl|iana|no\-openssl|no\-iana>\fR
@ -635,7 +635,7 @@ MAX_HEADER_FAIL: A number which tells testssl\.sh how often a HTTP GET request o
.fi .fi
. .
.P .P
does a default run on https://testssl\.sh (protocols, standard cipher lists, PFS, server preferences, server defaults, vulnerabilities, testing all known 370 ciphers, client simulation\. does a default run on https://testssl\.sh (protocols, standard cipher lists, FS, server preferences, server defaults, vulnerabilities, testing all known 370 ciphers, client simulation\.
. .
.IP "" 4 .IP "" 4
. .

@ -123,7 +123,7 @@ linked OpenSSL binaries for major operating systems are supplied in <code>./bin/
<p>2) standard cipher categories to give you upfront an idea for the ciphers supported</p> <p>2) standard cipher categories to give you upfront an idea for the ciphers supported</p>
<p>3) checks (perfect) forward secrecy: ciphers and elliptical curves</p> <p>3) checks forward secrecy: ciphers and elliptical curves</p>
<p>4) server preferences (server order)</p> <p>4) server preferences (server order)</p>
@ -244,7 +244,7 @@ ADDITIONAL_CA_FILES is the environment variable for this.</p>
</ul> </ul>
<p><code>-f, --pfs, --fs,--nsa</code> Checks robust (perfect) forward secrecy key exchange. "Robust" means that ciphers having intrinsic severe weaknesses like Null Authentication or Encryption, 3DES and RC4 won't be considered here. There shouldn't be the wrong impression that a secure key exchange has been taking place and everything is fine when in reality the encryption sucks. Also this section lists the available elliptical curves and Diffie Hellman groups, as well as FFDHE groups (TLS 1.2 and TLS 1.3).</p> <p><code>-f, --fs, --nsa, --forward-secrecy</code> Checks robust forward secrecy key exchange. "Robust" means that ciphers having intrinsic severe weaknesses like Null Authentication or Encryption, 3DES and RC4 won't be considered here. There shouldn't be the wrong impression that a secure key exchange has been taking place and everything is fine when in reality the encryption sucks. Also this section lists the available elliptical curves and Diffie Hellman groups, as well as FFDHE groups (TLS 1.2 and TLS 1.3).</p>
<p><code>-p, --protocols</code> checks TLS/SSL protocols SSLv2, SSLv3, TLS 1.0 through TLS 1.3 and for HTTP: SPDY (NPN) and ALPN, a.k.a. HTTP/2. For TLS 1.3 several drafts (from 18 on) and final are supported and being tested for.</p> <p><code>-p, --protocols</code> checks TLS/SSL protocols SSLv2, SSLv3, TLS 1.0 through TLS 1.3 and for HTTP: SPDY (NPN) and ALPN, a.k.a. HTTP/2. For TLS 1.3 several drafts (from 18 on) and final are supported and being tested for.</p>
@ -345,7 +345,7 @@ Also for multiple server certificates are being checked for as well as for the c
<p><code>-q, --quiet</code> Normally testssl.sh displays a banner on stdout with several version information, usage rights and a warning. This option suppresses it. Please note that by choosing this option you acknowledge usage terms and the warning normally appearing in the banner.</p> <p><code>-q, --quiet</code> Normally testssl.sh displays a banner on stdout with several version information, usage rights and a warning. This option suppresses it. Please note that by choosing this option you acknowledge usage terms and the warning normally appearing in the banner.</p>
<p><code>--wide</code> Except the "each cipher output" all tests displays the single cipher name (scheme see below). This option enables testssl.sh to display also for the following sections the same output as for testing each ciphers: BEAST, PFS, RC4. The client simulation has also a wide mode. The difference here is restricted to a column aligned output and a proper headline. The environment variable <code>WIDE</code> can be used instead.</p> <p><code>--wide</code> Except the "each cipher output" all tests displays the single cipher name (scheme see below). This option enables testssl.sh to display also for the following sections the same output as for testing each ciphers: BEAST, FS, RC4. The client simulation has also a wide mode. The difference here is restricted to a column aligned output and a proper headline. The environment variable <code>WIDE</code> can be used instead.</p>
<p><code>--mapping &lt;openssl|iana|no-openssl|no-iana></code></p> <p><code>--mapping &lt;openssl|iana|no-openssl|no-iana></code></p>
@ -480,7 +480,7 @@ Also for multiple server certificates are being checked for as well as for the c
<pre><code> testssl.sh testssl.sh <pre><code> testssl.sh testssl.sh
</code></pre> </code></pre>
<p>does a default run on https://testssl.sh (protocols, standard cipher lists, PFS, server preferences, server defaults, vulnerabilities, testing all known 370 ciphers, client simulation.</p> <p>does a default run on https://testssl.sh (protocols, standard cipher lists, FS, server preferences, server defaults, vulnerabilities, testing all known 370 ciphers, client simulation.</p>
<pre><code> testssl.sh testssl.net:443 <pre><code> testssl.sh testssl.net:443
</code></pre> </code></pre>

@ -42,7 +42,7 @@ linked OpenSSL binaries for major operating systems are supplied in `./bin/`.
2) standard cipher categories to give you upfront an idea for the ciphers supported 2) standard cipher categories to give you upfront an idea for the ciphers supported
3) checks (perfect) forward secrecy: ciphers and elliptical curves 3) checks forward secrecy: ciphers and elliptical curves
4) server preferences (server order) 4) server preferences (server order)
@ -164,7 +164,7 @@ Any single check switch supplied as an argument prevents testssl.sh from doing a
* `Average grade Ciphers`: 'HIGH:MEDIUM:AES:CAMELLIA:ARIA:!IDEA:!CHACHA20:!3DES:!RC2:!RC4:!AESCCM8:!AESCCM:!AESGCM:!ARIAGCM:!aNULL' * `Average grade Ciphers`: 'HIGH:MEDIUM:AES:CAMELLIA:ARIA:!IDEA:!CHACHA20:!3DES:!RC2:!RC4:!AESCCM8:!AESCCM:!AESGCM:!ARIAGCM:!aNULL'
* `Strong grade Ciphers` (AEAD): 'AESGCM:CHACHA20:AESGCM:CamelliaGCM:AESCCM8:AESCCM' * `Strong grade Ciphers` (AEAD): 'AESGCM:CHACHA20:AESGCM:CamelliaGCM:AESCCM8:AESCCM'
`-f, --pfs, --fs,--nsa ` Checks robust (perfect) forward secrecy key exchange. "Robust" means that ciphers having intrinsic severe weaknesses like Null Authentication or Encryption, 3DES and RC4 won't be considered here. There shouldn't be the wrong impression that a secure key exchange has been taking place and everything is fine when in reality the encryption sucks. Also this section lists the available elliptical curves and Diffie Hellman groups, as well as FFDHE groups (TLS 1.2 and TLS 1.3). `-f, --fs, --nsa, --forward-secrecy` Checks robust forward secrecy key exchange. "Robust" means that ciphers having intrinsic severe weaknesses like Null Authentication or Encryption, 3DES and RC4 won't be considered here. There shouldn't be the wrong impression that a secure key exchange has been taking place and everything is fine when in reality the encryption sucks. Also this section lists the available elliptical curves and Diffie Hellman groups, as well as FFDHE groups (TLS 1.2 and TLS 1.3).
`-p, --protocols` checks TLS/SSL protocols SSLv2, SSLv3, TLS 1.0 through TLS 1.3 and for HTTP: SPDY (NPN) and ALPN, a.k.a. HTTP/2. For TLS 1.3 several drafts (from 18 on) and final are supported and being tested for. `-p, --protocols` checks TLS/SSL protocols SSLv2, SSLv3, TLS 1.0 through TLS 1.3 and for HTTP: SPDY (NPN) and ALPN, a.k.a. HTTP/2. For TLS 1.3 several drafts (from 18 on) and final are supported and being tested for.
@ -258,7 +258,7 @@ Also for multiple server certificates are being checked for as well as for the c
`-q, --quiet` Normally testssl.sh displays a banner on stdout with several version information, usage rights and a warning. This option suppresses it. Please note that by choosing this option you acknowledge usage terms and the warning normally appearing in the banner. `-q, --quiet` Normally testssl.sh displays a banner on stdout with several version information, usage rights and a warning. This option suppresses it. Please note that by choosing this option you acknowledge usage terms and the warning normally appearing in the banner.
`--wide` Except the "each cipher output" all tests displays the single cipher name (scheme see below). This option enables testssl.sh to display also for the following sections the same output as for testing each ciphers: BEAST, PFS, RC4. The client simulation has also a wide mode. The difference here is restricted to a column aligned output and a proper headline. The environment variable `WIDE` can be used instead. `--wide` Except the "each cipher output" all tests displays the single cipher name (scheme see below). This option enables testssl.sh to display also for the following sections the same output as for testing each ciphers: BEAST, FS, RC4. The client simulation has also a wide mode. The difference here is restricted to a column aligned output and a proper headline. The environment variable `WIDE` can be used instead.
`--mapping <openssl|iana|no-openssl|no-iana>` `--mapping <openssl|iana|no-openssl|no-iana>`
@ -389,7 +389,7 @@ Except the environment variables mentioned above which can replace command line
testssl.sh testssl.sh testssl.sh testssl.sh
does a default run on https://testssl.sh (protocols, standard cipher lists, PFS, server preferences, server defaults, vulnerabilities, testing all known 370 ciphers, client simulation. does a default run on https://testssl.sh (protocols, standard cipher lists, FS, server preferences, server defaults, vulnerabilities, testing all known 370 ciphers, client simulation.
testssl.sh testssl.net:443 testssl.sh testssl.net:443

@ -15,7 +15,7 @@ use JSON;
my $tests = 0; my $tests = 0;
my $prg="./testssl.sh"; my $prg="./testssl.sh";
my $check2run="-p -s -P --pfs -S -h -U -q --ip=one --color 0"; my $check2run="-p -s -P --fs -S -h -U -q --ip=one --color 0";
my $uri="google.com"; my $uri="google.com";
my $socket_out=""; my $socket_out="";
my $openssl_out=""; my $openssl_out="";
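Review bot: `$check2run` switches from `--pfs` to `--fs`, and the other two test scripts in this commit do the same, so after the rename no test invokes the old spelling. If `--pfs` is meant to keep working for backward compatibility, leave one invocation with it so a regression in the alias is caught.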

@ -15,7 +15,7 @@ use Data::Dumper;
my $tests = 0; my $tests = 0;
my $prg="./testssl.sh"; my $prg="./testssl.sh";
my $check2run ="-p -s -P --pfs -S -h -U -q --ip=one --color 0"; my $check2run ="-p -s -P --fs -S -h -U -q --ip=one --color 0";
my $uri=""; my $uri="";
my $socket_out=""; my $socket_out="";
my $openssl_out=""; my $openssl_out="";

@ -17,7 +17,7 @@ use Data::Dumper;
my $tests = 0; my $tests = 0;
my $prg="./testssl.sh"; my $prg="./testssl.sh";
my $check2run_smtp="--protocols --standard --pfs --server-preference --headers --vulnerable --each-cipher -q --ip=one --color 0"; my $check2run_smtp="--protocols --standard --fs --server-preference --headers --vulnerable --each-cipher -q --ip=one --color 0";
my $check2run="-q --ip=one --color 0"; my $check2run="-q --ip=one --color 0";
my $uri=""; my $uri="";
my $socket_out=""; my $socket_out="";

@ -211,7 +211,7 @@ DAYS2WARN2=${DAYS2WARN2:-30} # days to warn before cert expires, thre
VULN_THRESHLD=${VULN_THRESHLD:-1} # if vulnerabilities to check >$VULN_THRESHLD we DON'T show a separate header line in the output each vuln. check VULN_THRESHLD=${VULN_THRESHLD:-1} # if vulnerabilities to check >$VULN_THRESHLD we DON'T show a separate header line in the output each vuln. check
UNBRACKTD_IPV6=${UNBRACKTD_IPV6:-false} # some versions of OpenSSL (like Gentoo) don't support [bracketed] IPv6 addresses UNBRACKTD_IPV6=${UNBRACKTD_IPV6:-false} # some versions of OpenSSL (like Gentoo) don't support [bracketed] IPv6 addresses
NO_ENGINE=${NO_ENGINE:-false} # if there are problems finding the (external) openssl engine set this to true NO_ENGINE=${NO_ENGINE:-false} # if there are problems finding the (external) openssl engine set this to true
declare -r CLIENT_MIN_PFS=5 # number of ciphers needed to run a test for PFS declare -r CLIENT_MIN_FS=5 # number of ciphers needed to run a test for FS
CAPATH="${CAPATH:-/etc/ssl/certs/}" # Does nothing yet (FC has only a CA bundle per default, ==> openssl version -d) CAPATH="${CAPATH:-/etc/ssl/certs/}" # Does nothing yet (FC has only a CA bundle per default, ==> openssl version -d)
GOOD_CA_BUNDLE="" # A bundle of CA certificates that can be used to validate the server's certificate GOOD_CA_BUNDLE="" # A bundle of CA certificates that can be used to validate the server's certificate
CERTIFICATE_LIST_ORDERING_PROBLEM=false # Set to true if server sends a certificate list that contains a certificate CERTIFICATE_LIST_ORDERING_PROBLEM=false # Set to true if server sends a certificate list that contains a certificate
@ -1015,7 +1015,7 @@ fileout_json_section() {
2) echo -e ",\n \"protocols\" : [" ;; 2) echo -e ",\n \"protocols\" : [" ;;
3) echo -e ",\n \"grease\" : [" ;; 3) echo -e ",\n \"grease\" : [" ;;
4) echo -e ",\n \"ciphers\" : [" ;; 4) echo -e ",\n \"ciphers\" : [" ;;
5) echo -e ",\n \"pfs\" : [" ;; 5) echo -e ",\n \"fs\" : [" ;;
6) echo -e ",\n \"serverPreferences\" : [" ;; 6) echo -e ",\n \"serverPreferences\" : [" ;;
7) echo -e ",\n \"serverDefaults\" : [" ;; 7) echo -e ",\n \"serverDefaults\" : [" ;;
8) echo -e ",\n \"headerResponse\" : [" ;; 8) echo -e ",\n \"headerResponse\" : [" ;;
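Review bot: Case `5)` now emits `"fs" : [` instead of `"pfs" : [`, which renames a section key in the structured JSON output. Parsers, dashboards and CI gates that look up the `pfs` section will find nothing rather than fail loudly, which can be misread as "no forward secrecy findings". Call this out in the release notes as an output-format change.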
@ -8753,7 +8753,7 @@ certificate_info() {
etsi_etls_visibility_info "$jsonID" "$spaces" "$HOSTCERT" "$cert_txt" etsi_etls_visibility_info "$jsonID" "$spaces" "$HOSTCERT" "$cert_txt"
# *Currently* this is even listed as a vulnerability (CWE-310, CVE-2019-919), see # *Currently* this is even listed as a vulnerability (CWE-310, CVE-2019-919), see
# https://nvd.nist.gov/vuln/detail/CVE-2019-9191, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9191 # https://nvd.nist.gov/vuln/detail/CVE-2019-9191, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9191
# For now we leave this here. We may want to change that later or add infos to other sections (PFS & vulnerability) # For now we leave this here. We may want to change that later or add infos to other sections (FS & vulnerability)
out "$indent"; pr_bold " Certificate Validity (UTC) " out "$indent"; pr_bold " Certificate Validity (UTC) "
# FreeBSD + OSX can't swallow the leading blank: # FreeBSD + OSX can't swallow the leading blank:
@ -9337,7 +9337,7 @@ run_server_defaults() {
unit=$(grep -a lifetime <<< "$sessticket_lifetime_hint" | sed -e 's/^.*'"$lifetime"'//' -e 's/[ ()]//g') unit=$(grep -a lifetime <<< "$sessticket_lifetime_hint" | sed -e 's/^.*'"$lifetime"'//' -e 's/[ ()]//g')
out "$lifetime $unit" out "$lifetime $unit"
if [[ $((3600 * 24)) -lt $lifetime ]]; then if [[ $((3600 * 24)) -lt $lifetime ]]; then
prln_svrty_low " but: PFS requires session ticket keys to be rotated < daily !" prln_svrty_low " but: FS requires session ticket keys to be rotated < daily !"
fileout "$jsonID" "LOW" "valid for $lifetime $unit (>daily)" fileout "$jsonID" "LOW" "valid for $lifetime $unit (>daily)"
else else
outln ", session tickets keys seems to be rotated < daily" outln ", session tickets keys seems to be rotated < daily"
@ -9494,15 +9494,15 @@ get_san_dns_from_cert() {
} }
run_pfs() { run_fs() {
local -i sclient_success local -i sclient_success
local pfs_offered=false ecdhe_offered=false ffdhe_offered=false local fs_offered=false ecdhe_offered=false ffdhe_offered=false
local pfs_tls13_offered=false local fs_tls13_offered=false
local protos_to_try proto hexc dash pfs_cipher sslvers auth mac export curve dhlen local protos_to_try proto hexc dash fs_cipher sslvers auth mac export curve dhlen
local -a hexcode normalized_hexcode ciph rfc_ciph kx enc ciphers_found sigalg ossl_supported local -a hexcode normalized_hexcode ciph rfc_ciph kx enc ciphers_found sigalg ossl_supported
# generated from 'kEECDH:kEDH:!aNULL:!eNULL:!DES:!3DES:!RC4' with openssl 1.0.2i and openssl 1.1.0 # generated from 'kEECDH:kEDH:!aNULL:!eNULL:!DES:!3DES:!RC4' with openssl 1.0.2i and openssl 1.1.0
local pfs_cipher_list="DHE-DSS-AES128-GCM-SHA256:DHE-DSS-AES128-SHA256:DHE-DSS-AES128-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-DSS-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-DSS-CAMELLIA128-SHA256:DHE-DSS-CAMELLIA128-SHA:DHE-DSS-CAMELLIA256-SHA256:DHE-DSS-CAMELLIA256-SHA:DHE-DSS-SEED-SHA:DHE-RSA-AES128-CCM8:DHE-RSA-AES128-CCM:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-CCM8:DHE-RSA-AES256-CCM:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA256:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA256:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-CHACHA20-POLY1305-OLD:DHE-RSA-CHACHA20-POLY1305:DHE-RSA-SEED-SHA:ECDHE-ECDSA-AES128-CCM8:ECDHE-ECDSA-AES128-CCM:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-CCM8:ECDHE-ECDSA-AES256-CCM:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-CAMELLIA128-SHA256:ECDHE-ECDSA-CAMELLIA256-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-CAMELLIA128-SHA256:ECDHE-RSA-CAMELLIA256-SHA384:ECDHE-RSA-CHACHA20-POLY1305-OLD:ECDHE-RSA-CHACHA20-POLY1305" local 
fs_cipher_list="DHE-DSS-AES128-GCM-SHA256:DHE-DSS-AES128-SHA256:DHE-DSS-AES128-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-DSS-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-DSS-CAMELLIA128-SHA256:DHE-DSS-CAMELLIA128-SHA:DHE-DSS-CAMELLIA256-SHA256:DHE-DSS-CAMELLIA256-SHA:DHE-DSS-SEED-SHA:DHE-RSA-AES128-CCM8:DHE-RSA-AES128-CCM:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-CCM8:DHE-RSA-AES256-CCM:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA256:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA256:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-CHACHA20-POLY1305-OLD:DHE-RSA-CHACHA20-POLY1305:DHE-RSA-SEED-SHA:ECDHE-ECDSA-AES128-CCM8:ECDHE-ECDSA-AES128-CCM:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-CCM8:ECDHE-ECDSA-AES256-CCM:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-CAMELLIA128-SHA256:ECDHE-ECDSA-CAMELLIA256-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-CAMELLIA128-SHA256:ECDHE-RSA-CAMELLIA256-SHA384:ECDHE-RSA-CHACHA20-POLY1305-OLD:ECDHE-RSA-CHACHA20-POLY1305"
local pfs_hex_cipher_list="" ciphers_to_test tls13_ciphers_to_test local fs_hex_cipher_list="" ciphers_to_test tls13_ciphers_to_test
local ecdhe_cipher_list="" tls13_cipher_list="" ecdhe_cipher_list_hex="" ffdhe_cipher_list_hex="" local ecdhe_cipher_list="" tls13_cipher_list="" ecdhe_cipher_list_hex="" ffdhe_cipher_list_hex=""
local curves_hex=("00,01" "00,02" "00,03" "00,04" "00,05" "00,06" "00,07" "00,08" "00,09" "00,0a" "00,0b" "00,0c" "00,0d" "00,0e" "00,0f" "00,10" "00,11" "00,12" "00,13" "00,14" "00,15" "00,16" "00,17" "00,18" "00,19" "00,1a" "00,1b" "00,1c" "00,1d" "00,1e") local curves_hex=("00,01" "00,02" "00,03" "00,04" "00,05" "00,06" "00,07" "00,08" "00,09" "00,0a" "00,0b" "00,0c" "00,0d" "00,0e" "00,0f" "00,10" "00,11" "00,12" "00,13" "00,14" "00,15" "00,16" "00,17" "00,18" "00,19" "00,1a" "00,1b" "00,1c" "00,1d" "00,1e")
local -a curves_ossl=("sect163k1" "sect163r1" "sect163r2" "sect193r1" "sect193r2" "sect233k1" "sect233r1" "sect239k1" "sect283k1" "sect283r1" "sect409k1" "sect409r1" "sect571k1" "sect571r1" "secp160k1" "secp160r1" "secp160r2" "secp192k1" "prime192v1" "secp224k1" "secp224r1" "secp256k1" "prime256v1" "secp384r1" "secp521r1" "brainpoolP256r1" "brainpoolP384r1" "brainpoolP512r1" "X25519" "X448") local -a curves_ossl=("sect163k1" "sect163r1" "sect163r2" "sect193r1" "sect193r2" "sect233k1" "sect233r1" "sect239k1" "sect283k1" "sect283r1" "sect409k1" "sect409r1" "sect571k1" "sect571r1" "secp160k1" "secp160r1" "secp160r2" "secp192k1" "prime192v1" "secp224k1" "secp224r1" "secp256k1" "prime256v1" "secp384r1" "secp521r1" "brainpoolP256r1" "brainpoolP384r1" "brainpoolP512r1" "X25519" "X448")
@ -9515,20 +9515,20 @@ run_pfs() {
local -a ffdhe_groups_output=("ffdhe2048" "ffdhe3072" "ffdhe4096" "ffdhe6144" "ffdhe8192") local -a ffdhe_groups_output=("ffdhe2048" "ffdhe3072" "ffdhe4096" "ffdhe6144" "ffdhe8192")
local -a supported_curve local -a supported_curve
local -i nr_supported_ciphers=0 nr_curves=0 nr_ossl_curves=0 i j low high local -i nr_supported_ciphers=0 nr_curves=0 nr_ossl_curves=0 i j low high
local pfs_ciphers curves_offered="" curves_to_test temp local fs_ciphers curves_offered="" curves_to_test temp
local len1 len2 curve_found local len1 len2 curve_found
local key_bitstring quality_str local key_bitstring quality_str
local -i len_dh_p quality local -i len_dh_p quality
local has_dh_bits="$HAS_DH_BITS" local has_dh_bits="$HAS_DH_BITS"
local using_sockets=true local using_sockets=true
local jsonID="PFS" local jsonID="FS"
"$SSL_NATIVE" && using_sockets=false "$SSL_NATIVE" && using_sockets=false
"$FAST" && using_sockets=false "$FAST" && using_sockets=false
[[ $TLS_NR_CIPHERS == 0 ]] && using_sockets=false [[ $TLS_NR_CIPHERS == 0 ]] && using_sockets=false
outln outln
pr_headline " Testing robust (perfect) forward secrecy"; prln_underline ", (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 " pr_headline " Testing robust forward secrecy (FS)"; prln_underline " -- omitting Null Authentication/Encryption, 3DES, RC4 "
if ! "$using_sockets"; then if ! "$using_sockets"; then
[[ $TLS_NR_CIPHERS == 0 ]] && ! "$SSL_NATIVE" && ! "$FAST" && pr_warning " Cipher mapping not available, doing a fallback to openssl" [[ $TLS_NR_CIPHERS == 0 ]] && ! "$SSL_NATIVE" && ! "$FAST" && pr_warning " Cipher mapping not available, doing a fallback to openssl"
if ! "$HAS_DH_BITS" && "$WIDE"; then if ! "$HAS_DH_BITS" && "$WIDE"; then
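Review bot: `local jsonID="FS"` changes the id handed to every `fileout "$jsonID" ...` call in this function, so findings previously recorded under `PFS` now appear under `FS`. Anything that filters or diffs results by id across tool versions (baseline comparisons, alert rules) needs the mapping, so list the old and new id side by side in the changelog.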
@ -9540,12 +9540,12 @@ run_pfs() {
if "$using_sockets" || [[ $OSSL_VER_MAJOR -lt 1 ]]; then if "$using_sockets" || [[ $OSSL_VER_MAJOR -lt 1 ]]; then
for (( i=0; i < TLS_NR_CIPHERS; i++ )); do for (( i=0; i < TLS_NR_CIPHERS; i++ )); do
pfs_cipher="${TLS_CIPHER_RFC_NAME[i]}" fs_cipher="${TLS_CIPHER_RFC_NAME[i]}"
hexc="${TLS_CIPHER_HEXCODE[i]}" hexc="${TLS_CIPHER_HEXCODE[i]}"
if ( [[ "$pfs_cipher" == "TLS_DHE_"* ]] || [[ "$pfs_cipher" == "TLS_ECDHE_"* ]] || [[ "${hexc:2:2}" == "13" ]] ) && \ if ( [[ "$fs_cipher" == "TLS_DHE_"* ]] || [[ "$fs_cipher" == "TLS_ECDHE_"* ]] || [[ "${hexc:2:2}" == "13" ]] ) && \
[[ ! "$pfs_cipher" =~ NULL ]] && [[ ! "$pfs_cipher" =~ DES ]] && [[ ! "$pfs_cipher" =~ RC4 ]] && \ [[ ! "$fs_cipher" =~ NULL ]] && [[ ! "$fs_cipher" =~ DES ]] && [[ ! "$fs_cipher" =~ RC4 ]] && \
[[ ! "$pfs_cipher" =~ PSK ]] && ( "$using_sockets" || "${TLS_CIPHER_OSSL_SUPPORTED[i]}" ); then [[ ! "$fs_cipher" =~ PSK ]] && ( "$using_sockets" || "${TLS_CIPHER_OSSL_SUPPORTED[i]}" ); then
pfs_hex_cipher_list+=", ${hexc:2:2},${hexc:7:2}" fs_hex_cipher_list+=", ${hexc:2:2},${hexc:7:2}"
ciph[nr_supported_ciphers]="${TLS_CIPHER_OSSL_NAME[i]}" ciph[nr_supported_ciphers]="${TLS_CIPHER_OSSL_NAME[i]}"
rfc_ciph[nr_supported_ciphers]="${TLS_CIPHER_RFC_NAME[i]}" rfc_ciph[nr_supported_ciphers]="${TLS_CIPHER_RFC_NAME[i]}"
kx[nr_supported_ciphers]="${TLS_CIPHER_KX[i]}" kx[nr_supported_ciphers]="${TLS_CIPHER_KX[i]}"
@ -9574,26 +9574,26 @@ run_pfs() {
sigalg[nr_supported_ciphers]="" sigalg[nr_supported_ciphers]=""
ossl_supported[nr_supported_ciphers]=true ossl_supported[nr_supported_ciphers]=true
nr_supported_ciphers+=1 nr_supported_ciphers+=1
done < <(actually_supported_osslciphers "$pfs_cipher_list" "ALL" "-V") done < <(actually_supported_osslciphers "$fs_cipher_list" "ALL" "-V")
fi fi
if [[ $(has_server_protocol "tls1_3") -eq 0 ]]; then if [[ $(has_server_protocol "tls1_3") -eq 0 ]]; then
# All TLSv1.3 cipher suites offer robust PFS. # All TLSv1.3 cipher suites offer robust FS.
sclient_success=0 sclient_success=0
elif "$using_sockets"; then elif "$using_sockets"; then
tls_sockets "04" "${pfs_hex_cipher_list:2}, 00,ff" tls_sockets "04" "${fs_hex_cipher_list:2}, 00,ff"
sclient_success=$? sclient_success=$?
[[ $sclient_success -eq 2 ]] && sclient_success=0 [[ $sclient_success -eq 2 ]] && sclient_success=0
else else
debugme echo $nr_supported_ciphers debugme echo $nr_supported_ciphers
debugme echo $(actually_supported_osslciphers $pfs_cipher_list "ALL") debugme echo $(actually_supported_osslciphers $fs_cipher_list "ALL")
if [[ "$nr_supported_ciphers" -le "$CLIENT_MIN_PFS" ]]; then if [[ "$nr_supported_ciphers" -le "$CLIENT_MIN_FS" ]]; then
outln outln
prln_local_problem "You only have $nr_supported_ciphers PFS ciphers on the client side " prln_local_problem "You only have $nr_supported_ciphers FS ciphers on the client side "
fileout "$jsonID" "WARN" "tests skipped as you only have $nr_supported_ciphers PFS ciphers on the client site. ($CLIENT_MIN_PFS are required)" fileout "$jsonID" "WARN" "tests skipped as you only have $nr_supported_ciphers FS ciphers on the client site. ($CLIENT_MIN_FS are required)"
return 1 return 1
fi fi
$OPENSSL s_client $(s_client_options "-cipher $pfs_cipher_list -ciphersuites "ALL" $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI") >$TMPFILE 2>$ERRFILE </dev/null $OPENSSL s_client $(s_client_options "-cipher $fs_cipher_list -ciphersuites "ALL" $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI") >$TMPFILE 2>$ERRFILE </dev/null
sclient_connect_successful $? $TMPFILE sclient_connect_successful $? $TMPFILE
sclient_success=$? sclient_success=$?
[[ $sclient_success -eq 0 ]] && [[ $(grep -ac "BEGIN CERTIFICATE" $TMPFILE) -eq 0 ]] && sclient_success=1 [[ $sclient_success -eq 0 ]] && [[ $(grep -ac "BEGIN CERTIFICATE" $TMPFILE) -eq 0 ]] && sclient_success=1
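Review bot: The skip condition `[[ "$nr_supported_ciphers" -le "$CLIENT_MIN_FS" ]]` and its message disagree: with exactly 5 local ciphers the test is skipped, yet the `fileout` text says `($CLIENT_MIN_FS are required)`. Either compare with `-lt` or word the message as "more than $CLIENT_MIN_FS". While this line is being edited, `on the client site` in the `fileout` string should also read `client side`, as in the `prln_local_problem` line above it.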
@ -9605,9 +9605,9 @@ run_pfs() {
fileout "$jsonID" "MEDIUM" "No ciphers supporting (P)FS offered" fileout "$jsonID" "MEDIUM" "No ciphers supporting (P)FS offered"
else else
outln outln
pfs_offered=true fs_offered=true
pfs_ciphers="" fs_ciphers=""
pr_svrty_good " PFS is offered (OK)" pr_svrty_good " FS is offered (OK) "
fileout "$jsonID" "OK" "offered" fileout "$jsonID" "OK" "offered"
if "$WIDE"; then if "$WIDE"; then
outln ", ciphers follow (client/browser support is important here) \n" outln ", ciphers follow (client/browser support is important here) \n"
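Review bot: The rename is incomplete in this hunk: the unchanged line `fileout "$jsonID" "MEDIUM" "No ciphers supporting (P)FS offered"` still says `(P)FS`, while the success branch just below now prints `FS is offered (OK)`. Change the finding text to `No ciphers supporting FS offered` so both branches use the same term, and check any screen message paired with it, which is not visible in this context.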
@ -9637,15 +9637,15 @@ run_pfs() {
[[ -z "$ciphers_to_test" ]] && [[ -z "$tls13_ciphers_to_test" ]] && break [[ -z "$ciphers_to_test" ]] && [[ -z "$tls13_ciphers_to_test" ]] && break
$OPENSSL s_client $(s_client_options "$proto -cipher "\'${ciphers_to_test:1}\'" -ciphersuites "\'${tls13_ciphers_to_test:1}\'" $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI") &>$TMPFILE </dev/null $OPENSSL s_client $(s_client_options "$proto -cipher "\'${ciphers_to_test:1}\'" -ciphersuites "\'${tls13_ciphers_to_test:1}\'" $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI") &>$TMPFILE </dev/null
sclient_connect_successful $? $TMPFILE || break sclient_connect_successful $? $TMPFILE || break
pfs_cipher=$(get_cipher $TMPFILE) fs_cipher=$(get_cipher $TMPFILE)
[[ -z "$pfs_cipher" ]] && break [[ -z "$fs_cipher" ]] && break
for (( i=0; i < nr_supported_ciphers; i++ )); do for (( i=0; i < nr_supported_ciphers; i++ )); do
[[ "$pfs_cipher" == "${ciph[i]}" ]] && break [[ "$fs_cipher" == "${ciph[i]}" ]] && break
done done
[[ $i -eq $nr_supported_ciphers ]] && break [[ $i -eq $nr_supported_ciphers ]] && break
ciphers_found[i]=true ciphers_found[i]=true
if [[ "$pfs_cipher" == TLS13* ]] || [[ "$pfs_cipher" == TLS_* ]]; then if [[ "$fs_cipher" == TLS13* ]] || [[ "$fs_cipher" == TLS_* ]]; then
pfs_tls13_offered=true fs_tls13_offered=true
"$WIDE" && kx[i]="$(read_dhtype_from_file $TMPFILE)" "$WIDE" && kx[i]="$(read_dhtype_from_file $TMPFILE)"
fi fi
if "$WIDE"; then if "$WIDE"; then
@ -9674,14 +9674,14 @@ run_pfs() {
fi fi
sclient_success=$? sclient_success=$?
[[ $sclient_success -ne 0 ]] && [[ $sclient_success -ne 2 ]] && break [[ $sclient_success -ne 0 ]] && [[ $sclient_success -ne 2 ]] && break
pfs_cipher=$(get_cipher "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt") fs_cipher=$(get_cipher "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt")
for (( i=0; i < nr_supported_ciphers; i++ )); do for (( i=0; i < nr_supported_ciphers; i++ )); do
[[ "$pfs_cipher" == "${rfc_ciph[i]}" ]] && break [[ "$fs_cipher" == "${rfc_ciph[i]}" ]] && break
done done
[[ $i -eq $nr_supported_ciphers ]] && break [[ $i -eq $nr_supported_ciphers ]] && break
ciphers_found[i]=true ciphers_found[i]=true
if [[ "${kx[i]}" == Kx=any ]]; then if [[ "${kx[i]}" == Kx=any ]]; then
pfs_tls13_offered=true fs_tls13_offered=true
"$WIDE" && kx[i]="$(read_dhtype_from_file "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt")" "$WIDE" && kx[i]="$(read_dhtype_from_file "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt")"
fi fi
if "$WIDE"; then if "$WIDE"; then
@ -9697,20 +9697,20 @@ run_pfs() {
! "${ciphers_found[i]}" && ! "$SHOW_EACH_C" && continue ! "${ciphers_found[i]}" && ! "$SHOW_EACH_C" && continue
if "${ciphers_found[i]}"; then if "${ciphers_found[i]}"; then
if ( [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]] && [[ "${ciph[i]}" != "-" ]] ) || [[ "${rfc_ciph[i]}" == "-" ]]; then if ( [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]] && [[ "${ciph[i]}" != "-" ]] ) || [[ "${rfc_ciph[i]}" == "-" ]]; then
pfs_cipher="${ciph[i]}" fs_cipher="${ciph[i]}"
else else
pfs_cipher="${rfc_ciph[i]}" fs_cipher="${rfc_ciph[i]}"
fi fi
pfs_ciphers+="$pfs_cipher " fs_ciphers+="$fs_cipher "
if [[ "${ciph[i]}" == ECDHE-* ]] || [[ "${ciph[i]}" == TLS13* ]] || [[ "${ciph[i]}" == TLS_* ]] || ( "$using_sockets" && [[ "${rfc_ciph[i]}" == TLS_ECDHE_* ]] ); then if [[ "${ciph[i]}" == ECDHE-* ]] || [[ "${ciph[i]}" == TLS13* ]] || [[ "${ciph[i]}" == TLS_* ]] || ( "$using_sockets" && [[ "${rfc_ciph[i]}" == TLS_ECDHE_* ]] ); then
ecdhe_offered=true ecdhe_offered=true
ecdhe_cipher_list_hex+=", ${hexcode[i]}" ecdhe_cipher_list_hex+=", ${hexcode[i]}"
if [[ "${ciph[i]}" != "-" ]]; then if [[ "${ciph[i]}" != "-" ]]; then
if [[ "${ciph[i]}" == TLS13* ]] || [[ "${ciph[i]}" == TLS_* ]]; then if [[ "${ciph[i]}" == TLS13* ]] || [[ "${ciph[i]}" == TLS_* ]]; then
tls13_cipher_list+=":$pfs_cipher" tls13_cipher_list+=":$fs_cipher"
else else
ecdhe_cipher_list+=":$pfs_cipher" ecdhe_cipher_list+=":$fs_cipher"
fi fi
fi fi
fi fi
@ -9735,14 +9735,14 @@ run_pfs() {
done done
if ! "$WIDE"; then if ! "$WIDE"; then
if [[ "$COLOR" -le 2 ]]; then if [[ "$COLOR" -le 2 ]]; then
out "$(out_row_aligned_max_width "$pfs_ciphers" " " $TERM_WIDTH)" out "$(out_row_aligned_max_width "$fs_ciphers" " " $TERM_WIDTH)"
else else
out_row_aligned_max_width_by_entry "$pfs_ciphers" " " $TERM_WIDTH pr_cipher_quality out_row_aligned_max_width_by_entry "$fs_ciphers" " " $TERM_WIDTH pr_cipher_quality
fi fi
fi fi
debugme echo $pfs_offered debugme echo $fs_offered
"$WIDE" || outln "$WIDE" || outln
fileout "${jsonID}_ciphers" "INFO" "$pfs_ciphers" fileout "${jsonID}_ciphers" "INFO" "$fs_ciphers"
fi fi
# find out what elliptic curves are supported. # find out what elliptic curves are supported.
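Review bot: fileout "${jsonID}_ciphers" "INFO" "$fs_ciphers" writes the list exactly as it was accumulated, and the previous hunk builds it with fs_ciphers+="$fs_cipher ", so the value in the file output ends with a blank unless it is trimmed in lines not shown. CURVES_OFFERED is passed through strip_trailing_space further down; doing the same for fs_ciphers before fileout would keep the file output clean.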
@ -9772,7 +9772,7 @@ run_pfs() {
fi fi
fi fi
if "$HAS_TLS13"; then if "$HAS_TLS13"; then
if "$pfs_tls13_offered"; then if "$fs_tls13_offered"; then
protos_to_try="-no_ssl2 -no_tls1_3" protos_to_try="-no_ssl2 -no_tls1_3"
else else
protos_to_try="-no_tls1_3" protos_to_try="-no_tls1_3"
@ -9809,7 +9809,7 @@ run_pfs() {
fi fi
if "$ecdhe_offered" && "$using_sockets"; then if "$ecdhe_offered" && "$using_sockets"; then
protos_to_try="03" protos_to_try="03"
"$pfs_tls13_offered" && protos_to_try="04 03" "$fs_tls13_offered" && protos_to_try="04 03"
for proto in $protos_to_try; do for proto in $protos_to_try; do
if [[ "$proto" == 03 ]]; then if [[ "$proto" == 03 ]]; then
ecdhe_cipher_list_hex="$(strip_inconsistent_ciphers "03" "$ecdhe_cipher_list_hex")" ecdhe_cipher_list_hex="$(strip_inconsistent_ciphers "03" "$ecdhe_cipher_list_hex")"
@ -9872,7 +9872,7 @@ run_pfs() {
CURVES_OFFERED=$(strip_trailing_space "$CURVES_OFFERED") CURVES_OFFERED=$(strip_trailing_space "$CURVES_OFFERED")
# find out what groups are supported. # find out what groups are supported.
if "$using_sockets" && ( "$pfs_tls13_offered" || "$ffdhe_offered" ); then if "$using_sockets" && ( "$fs_tls13_offered" || "$ffdhe_offered" ); then
nr_curves=0 nr_curves=0
for curve in "${ffdhe_groups_output[@]}"; do for curve in "${ffdhe_groups_output[@]}"; do
supported_curve[nr_curves]=false supported_curve[nr_curves]=false
@ -9880,9 +9880,9 @@ run_pfs() {
nr_curves+=1 nr_curves+=1
done done
protos_to_try="" protos_to_try=""
"$pfs_tls13_offered" && protos_to_try="04" "$fs_tls13_offered" && protos_to_try="04"
if "$ffdhe_offered"; then if "$ffdhe_offered"; then
if "$pfs_tls13_offered"; then if "$fs_tls13_offered"; then
protos_to_try="04 03" protos_to_try="04 03"
else else
protos_to_try="03" protos_to_try="03"
@ -16342,7 +16342,7 @@ out_common_prime() {
out "common primes detected: "; pr_italic "$DH_GROUP_OFFERED" out "common primes detected: "; pr_italic "$DH_GROUP_OFFERED"
fileout "$jsonID2" "INFO" "$DH_GROUP_OFFERED" "$cve" "$cwe" fileout "$jsonID2" "INFO" "$DH_GROUP_OFFERED" "$cve" "$cwe"
# Now (below) size matters -- i.e. the bit size. As this is about a known prime we label it more strict. # Now (below) size matters -- i.e. the bit size. As this is about a known prime we label it more strict.
# This needs maybe needs another thought as it could appear inconsistent with run_pfs and elsewhere. # This needs maybe needs another thought as it could appear inconsistent with run_fs and elsewhere.
# for now we label the bit size similar in the screen, but distinguish the leading text for logjam before # for now we label the bit size similar in the screen, but distinguish the leading text for logjam before
elif [[ $DH_GROUP_LEN_P -le 800 ]]; then elif [[ $DH_GROUP_LEN_P -le 800 ]]; then
pr_svrty_critical "VULNERABLE (NOT ok):"; out " common prime: " pr_svrty_critical "VULNERABLE (NOT ok):"; out " common prime: "
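Review bot: the comment line edited here still reads "This needs maybe needs another thought"; since the line is changed for the run_pfs to run_fs rename, fix the doubled "needs" in the same edit, for example "This maybe needs another thought as it could appear inconsistent with run_fs and elsewhere."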
@ -18326,7 +18326,7 @@ single check as <options> ("$PROG_NAME URI" does everything except -E and -g):
-e, --each-cipher checks each local cipher remotely -e, --each-cipher checks each local cipher remotely
-E, --cipher-per-proto checks those per protocol -E, --cipher-per-proto checks those per protocol
-s, --std, --standard tests certain lists of cipher suites by strength -s, --std, --standard tests certain lists of cipher suites by strength
-f, --pfs, --fs, --nsa checks (perfect) forward secrecy settings -f, --fs, --nsa checks forward secrecy settings
-p, --protocols checks TLS/SSL protocols (including SPDY/HTTP2) -p, --protocols checks TLS/SSL protocols (including SPDY/HTTP2)
-g, --grease tests several server implementation bugs like GREASE and size limitations -g, --grease tests several server implementation bugs like GREASE and size limitations
-S, --server-defaults displays the server's default picks and certificate info -S, --server-defaults displays the server's default picks and certificate info
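Review bot: the usage line now reads "-f, --fs, --nsa", but parse_cmd_line in this same commit accepts -f|--fs|--nsa|--forward-secrecy, so the new long option is missing from the built-in help while the man page lists it. Add --forward-secrecy here (the column may need widening) so help, man page and parser agree.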
@ -18374,7 +18374,7 @@ tuning / connect options (most also can be preset via environment variables):
output options (can also be preset via environment variables): output options (can also be preset via environment variables):
--quiet don't output the banner. By doing this you acknowledge usage terms normally appearing in the banner --quiet don't output the banner. By doing this you acknowledge usage terms normally appearing in the banner
--wide wide output for tests like RC4, BEAST. PFS also with hexcode, kx, strength, RFC name --wide wide output for tests like RC4, BEAST. FS also with hexcode, kx, strength, RFC name
--show-each for wide outputs: display all ciphers tested -- not only succeeded ones --show-each for wide outputs: display all ciphers tested -- not only succeeded ones
--mapping <openssl| openssl: use the OpenSSL cipher suite name as the primary name cipher suite name form (default) --mapping <openssl| openssl: use the OpenSSL cipher suite name as the primary name cipher suite name form (default)
iana|rfc -> use the IANA/(RFC) cipher suite name as the primary name cipher suite name form iana|rfc -> use the IANA/(RFC) cipher suite name as the primary name cipher suite name form
@ -18525,7 +18525,7 @@ DEBUG: $DEBUG
HSTS_MIN: $HSTS_MIN HSTS_MIN: $HSTS_MIN
HPKP_MIN: $HPKP_MIN HPKP_MIN: $HPKP_MIN
CLIENT_MIN_PFS: $CLIENT_MIN_PFS CLIENT_MIN_FS: $CLIENT_MIN_FS
DAYS2WARN1: $DAYS2WARN1 DAYS2WARN1: $DAYS2WARN1
DAYS2WARN2: $DAYS2WARN2 DAYS2WARN2: $DAYS2WARN2
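Review bot: CLIENT_MIN_PFS becomes CLIENT_MIN_FS in this dump. If this value can be preset from the environment, an existing CLIENT_MIN_PFS setting will be ignored without any message after the rename. Either honour the old name as a fallback where the variable is initialised, or mention the rename in the release notes.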
@ -20384,7 +20384,7 @@ initialize_globals() {
do_pretty_json=false do_pretty_json=false
do_csv=false do_csv=false
do_html=false do_html=false
do_pfs=false do_fs=false
do_protocols=false do_protocols=false
do_rc4=false do_rc4=false
do_grease=false do_grease=false
@ -20421,7 +20421,7 @@ set_scanning_defaults() {
do_ssl_poodle=true do_ssl_poodle=true
do_sweet32=true do_sweet32=true
do_header=true do_header=true
do_pfs=true do_fs=true
do_rc4=true do_rc4=true
do_protocols=true do_protocols=true
do_renego=true do_renego=true
@ -20443,7 +20443,7 @@ count_do_variables() {
local true_nr=0 local true_nr=0
for gbl in do_allciphers do_vulnerabilities do_beast do_lucky13 do_breach do_ccs_injection do_ticketbleed do_cipher_per_proto do_crime \ for gbl in do_allciphers do_vulnerabilities do_beast do_lucky13 do_breach do_ccs_injection do_ticketbleed do_cipher_per_proto do_crime \
do_freak do_logjam do_drown do_header do_heartbleed do_mx_all_ips do_pfs do_protocols do_rc4 do_grease do_robot do_renego \ do_freak do_logjam do_drown do_header do_heartbleed do_mx_all_ips do_fs do_protocols do_rc4 do_grease do_robot do_renego \
do_cipherlists do_server_defaults do_server_preference do_ssl_poodle do_tls_fallback_scsv \ do_cipherlists do_server_defaults do_server_preference do_ssl_poodle do_tls_fallback_scsv \
do_sweet32 do_client_simulation do_cipher_match do_tls_sockets do_mass_testing do_display_only; do do_sweet32 do_client_simulation do_cipher_match do_tls_sockets do_mass_testing do_display_only; do
[[ "${!gbl}" == true ]] && let true_nr++ [[ "${!gbl}" == true ]] && let true_nr++
@ -20456,7 +20456,7 @@ debug_globals() {
local gbl local gbl
for gbl in do_allciphers do_vulnerabilities do_beast do_lucky13 do_breach do_ccs_injection do_ticketbleed do_cipher_per_proto do_crime \ for gbl in do_allciphers do_vulnerabilities do_beast do_lucky13 do_breach do_ccs_injection do_ticketbleed do_cipher_per_proto do_crime \
do_freak do_logjam do_drown do_header do_heartbleed do_mx_all_ips do_pfs do_protocols do_rc4 do_grease do_robot do_renego \ do_freak do_logjam do_drown do_header do_heartbleed do_mx_all_ips do_fs do_protocols do_rc4 do_grease do_robot do_renego \
do_cipherlists do_server_defaults do_server_preference do_ssl_poodle do_tls_fallback_scsv \ do_cipherlists do_server_defaults do_server_preference do_ssl_poodle do_tls_fallback_scsv \
do_sweet32 do_client_simulation do_cipher_match do_tls_sockets do_mass_testing do_display_only; do do_sweet32 do_client_simulation do_cipher_match do_tls_sockets do_mass_testing do_display_only; do
printf "%-22s = %s\n" $gbl "${!gbl}" printf "%-22s = %s\n" $gbl "${!gbl}"
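Review bot: do_pfs had to be renamed by hand in two identical do_* lists, here and in count_do_variables, and both loops read the flags through ${!gbl}, which expands to an empty string for a name that no longer exists instead of failing. A missed rename in one copy would silently drop the flag from the count or the debug output; keeping the list in one array shared by both functions removes that risk.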
@ -20716,8 +20716,8 @@ parse_cmd_line() {
do_rc4=true do_rc4=true
let "VULN_COUNT++" let "VULN_COUNT++"
;; ;;
-f|--pfs|--fs|--nsa) -f|--fs|--nsa|--forward-secrecy)
do_pfs=true do_fs=true
;; ;;
-g|--grease) -g|--grease)
do_grease=true do_grease=true
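Review bot: the case pattern drops --pfs outright, so existing scripts and cron jobs that call testssl.sh with --pfs no longer reach do_fs=true. Keep the old spelling as a deprecated alias, e.g. -f|--pfs|--fs|--nsa|--forward-secrecy), for at least one release.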
@ -21156,7 +21156,7 @@ lets_roll() {
"$do_cipherlists" && { run_cipherlists; ret=$(($? + ret)); stopwatch run_cipherlists; } "$do_cipherlists" && { run_cipherlists; ret=$(($? + ret)); stopwatch run_cipherlists; }
fileout_section_header $section_number true && ((section_number++)) fileout_section_header $section_number true && ((section_number++))
"$do_pfs" && { run_pfs; ret=$(($? + ret)); stopwatch run_pfs; } "$do_fs" && { run_fs; ret=$(($? + ret)); stopwatch run_fs; }
fileout_section_header $section_number true && ((section_number++)) fileout_section_header $section_number true && ((section_number++))
"$do_server_preference" && { run_server_preference; ret=$(($? + ret)); stopwatch run_server_preference; } "$do_server_preference" && { run_server_preference; ret=$(($? + ret)); stopwatch run_server_preference; }