mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-01 06:19:44 +01:00
Merge pull request #2565 from drwetter/automagic
Amend docs wrt STARTTLS, clarify automagic switch for TLS 1.3 only hosts
commit
92bc6d4873
@ -428,7 +428,7 @@ This program has a near\-complete implementation of SSL Labs's 'SSL Server Ratin
|
|||||||
.P
|
.P
|
||||||
This is \fInot\fR a 100% reimplementation of the SSL Lab's SSL Server Test \fIhttps://www\.ssllabs\.com/ssltest/analyze\.html\fR, but an implementation of the above rating specification, slight discrepancies may occur\. Please note that for now we stick to the SSL Labs rating as good as possible\. We are not responsible for their rating\. Before filing issues please inspect their Rating Guide\.
|
This is \fInot\fR a 100% reimplementation of the SSL Lab's SSL Server Test \fIhttps://www\.ssllabs\.com/ssltest/analyze\.html\fR, but an implementation of the above rating specification, slight discrepancies may occur\. Please note that for now we stick to the SSL Labs rating as good as possible\. We are not responsible for their rating\. Before filing issues please inspect their Rating Guide\.
|
||||||
.P
|
.P
|
||||||
Disclaimer: Having a good grade is \fBNOT\fR necessarily equal to having good security! Don't start a competition for the best grade, at least not without monitoring the client handshakes and not without adding a portion of good sense to it\. Please note STARTTLS always results in a grade cap to T\. Anything else would lead to a false sense of security \- at least until we test for DANE or MTA\-STS\.
|
Disclaimer: Having a good grade is \fBNOT\fR necessarily equal to having good security! Don't start a competition for the best grade, at least not without monitoring the client handshakes and not without adding a portion of good sense to it\. Please note STARTTLS always results in a grade cap to T\. Anything else would lead to a false sense of security\. Use TLS, see also RFC 8314\. The security of STARTTLS is always client determined, i'\.e\. checking the certificate which for SMTP port 25 is often enough not the case\. Also with DANE or MTA\-STS no one can test on the server side whether a client makes use if it\.
|
||||||
.P
|
.P
|
||||||
As of writing, these checks are missing: * GOLDENDOODLE \- should be graded \fBF\fR if vulnerable * Insecure renegotiation \- should be graded \fBF\fR if vulnerable * Padding oracle in AES\-NI CBC MAC check (CVE\-2016\-2107) \- should be graded \fBF\fR if vulnerable * Sleeping POODLE \- should be graded \fBF\fR if vulnerable * Zero Length Padding Oracle (CVE\-2019\-1559) \- should be graded \fBF\fR if vulnerable * Zombie POODLE \- should be graded \fBF\fR if vulnerable * All remaining old Symantec PKI certificates are distrusted \- should be graded \fBT\fR * Symantec certificates issued before June 2016 are distrusted \- should be graded \fBT\fR * Anonymous key exchange \- should give \fB0\fR points in \fBset_key_str_score()\fR * Exportable key exchange \- should give \fB40\fR points in \fBset_key_str_score()\fR * Weak key (Debian OpenSSL Flaw) \- should give \fB0\fR points in \fBset_key_str_score()\fR
|
As of writing, these checks are missing: * GOLDENDOODLE \- should be graded \fBF\fR if vulnerable * Insecure renegotiation \- should be graded \fBF\fR if vulnerable * Padding oracle in AES\-NI CBC MAC check (CVE\-2016\-2107) \- should be graded \fBF\fR if vulnerable * Sleeping POODLE \- should be graded \fBF\fR if vulnerable * Zero Length Padding Oracle (CVE\-2019\-1559) \- should be graded \fBF\fR if vulnerable * Zombie POODLE \- should be graded \fBF\fR if vulnerable * All remaining old Symantec PKI certificates are distrusted \- should be graded \fBT\fR * Symantec certificates issued before June 2016 are distrusted \- should be graded \fBT\fR * Anonymous key exchange \- should give \fB0\fR points in \fBset_key_str_score()\fR * Exportable key exchange \- should give \fB40\fR points in \fBset_key_str_score()\fR * Weak key (Debian OpenSSL Flaw) \- should give \fB0\fR points in \fBset_key_str_score()\fR
|
||||||
.P
|
.P
|
||||||
|
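Review bot: the new disclaimer sentence in the roff page carries two typos that the HTML and markdown versions of the same PR do not: "i'\.e\." should be "i\.e\." (the stray apostrophe is only in the man page), and "whether a client makes use if it" should read "makes use of it". Also consider wording "Use TLS, see also RFC 8314" as "Use implicit TLS (RFC 8314)": STARTTLS is TLS as well, and "implicit TLS" is the term RFC 8314 uses for the alternative the sentence is recommending.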
@ -502,7 +502,7 @@ Rating automatically gets disabled, to not give a wrong or misleading grade, whe
|
|||||||
<li>MAX_OSSL_FAIL: A number which tells testssl.sh how often an OpenSSL s_client connect may fail before the program gives up and terminates. The default is 2. You can increase it to a higher value if you frequently see a message like <em>Fatal error: repeated TCP connect problems, giving up</em>.</li>
|
<li>MAX_OSSL_FAIL: A number which tells testssl.sh how often an OpenSSL s_client connect may fail before the program gives up and terminates. The default is 2. You can increase it to a higher value if you frequently see a message like <em>Fatal error: repeated TCP connect problems, giving up</em>.</li>
|
||||||
<li>MAX_HEADER_FAIL: A number which tells testssl.sh how often a HTTP GET request over OpenSSL may return an empty file before the program gives up and terminates. The default is 3. Also here you can increase the threshold when you spot messages like <em>Fatal error: repeated HTTP header connect problems, doesn't make sense to continue</em>.</li>
|
<li>MAX_HEADER_FAIL: A number which tells testssl.sh how often a HTTP GET request over OpenSSL may return an empty file before the program gives up and terminates. The default is 3. Also here you can increase the threshold when you spot messages like <em>Fatal error: repeated HTTP header connect problems, doesn't make sense to continue</em>.</li>
|
||||||
<li>OPENSSL2 can be used to supply an alternative openssl version. This only makes sense if you want to amend the supplied version in <code>bin/</code> which lacks TLS 1.3 support with a version which does not and is not in <code>/usr/bin/openssl</code>.</li>
|
<li>OPENSSL2 can be used to supply an alternative openssl version. This only makes sense if you want to amend the supplied version in <code>bin/</code> which lacks TLS 1.3 support with a version which does not and is not in <code>/usr/bin/openssl</code>.</li>
|
||||||
<li>OSSL_SHORTCUT can be set to true when you run interactively and don't want to switch automatically to <code>/usr/bin/openssl</code> (<code>OPENSSL2</code>) if you encounter a TLS 1.3-only host.
|
<li>OSSL_SHORTCUT should be set to false when you run interactively and don't want to switch automatically to <code>/usr/bin/openssl</code> (<code>OPENSSL2</code>) if you encounter a TLS 1.3-only host.</li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
<h3 id="RATING">RATING</h3>
|
<h3 id="RATING">RATING</h3>
|
||||||
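Review bot: the reworded OSSL_SHORTCUT bullet says it "should be set to false" without telling the reader what the default is; the script hunk in this PR sets `OSSL_SHORTCUT=${OSSL_SHORTCUT:-true}`, so a user reading only the HTML docs cannot tell whether the automatic switch is on unless they set the variable. Suggest: "OSSL_SHORTCUT defaults to true. Set it to false when you run interactively and don't want to switch automatically to `/usr/bin/openssl` (`OPENSSL2`) if you encounter a TLS 1.3-only host." Adding the missing `</li>` close tag is a good fix.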
@ -511,7 +511,7 @@ Rating automatically gets disabled, to not give a wrong or misleading grade, whe
|
|||||||
<p>This is <em>not</em> a 100% reimplementation of the <a href="https://www.ssllabs.com/ssltest/analyze.html">SSL Lab's SSL Server Test</a>, but an implementation of the above rating specification, slight discrepancies may occur. Please note that for now we stick to the SSL Labs rating as good as possible. We are not responsible for their rating. Before filing issues please inspect their Rating Guide.</p>
|
<p>This is <em>not</em> a 100% reimplementation of the <a href="https://www.ssllabs.com/ssltest/analyze.html">SSL Lab's SSL Server Test</a>, but an implementation of the above rating specification, slight discrepancies may occur. Please note that for now we stick to the SSL Labs rating as good as possible. We are not responsible for their rating. Before filing issues please inspect their Rating Guide.</p>
|
||||||
|
|
||||||
<p>Disclaimer: Having a good grade is <strong>NOT</strong> necessarily equal to having good security! Don't start a competition for the best grade, at least not without monitoring the client handshakes and not without adding a portion of good sense to it. Please note STARTTLS always results in a grade cap to T. Anything else
|
<p>Disclaimer: Having a good grade is <strong>NOT</strong> necessarily equal to having good security! Don't start a competition for the best grade, at least not without monitoring the client handshakes and not without adding a portion of good sense to it. Please note STARTTLS always results in a grade cap to T. Anything else
|
||||||
would lead to a false sense of security - at least until we test for DANE or MTA-STS.</p>
|
would lead to a false sense of security. Use TLS, see also RFC 8314. The security of STARTTLS is always client determined, i.e. checking the certificate which for SMTP port 25 is often enough not the case. Also with DANE or MTA-STS no one can test on the server side whether a client makes use if it.</p>
|
||||||
|
|
||||||
<p>As of writing, these checks are missing:
|
<p>As of writing, these checks are missing:
|
||||||
* GOLDENDOODLE - should be graded <strong>F</strong> if vulnerable
|
* GOLDENDOODLE - should be graded <strong>F</strong> if vulnerable
|
||||||
|
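Review bot: "whether a client makes use if it" in the new disclaimer text should be "makes use of it", and this wording should stay in sync with the man page and markdown hunks of the same PR. The replaced clause ("at least until we test for DANE or MTA-STS") was a statement of a planned check; the new text argues instead that server-side testing cannot verify what clients do, which is the stronger and more accurate point, so the grade cap to T is now justified on its own terms rather than as a temporary gap.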
@ -404,7 +404,7 @@ Except the environment variables mentioned above which can replace command line
|
|||||||
* MAX_OSSL_FAIL: A number which tells testssl.sh how often an OpenSSL s_client connect may fail before the program gives up and terminates. The default is 2. You can increase it to a higher value if you frequently see a message like *Fatal error: repeated TCP connect problems, giving up*.
|
* MAX_OSSL_FAIL: A number which tells testssl.sh how often an OpenSSL s_client connect may fail before the program gives up and terminates. The default is 2. You can increase it to a higher value if you frequently see a message like *Fatal error: repeated TCP connect problems, giving up*.
|
||||||
* MAX_HEADER_FAIL: A number which tells testssl.sh how often a HTTP GET request over OpenSSL may return an empty file before the program gives up and terminates. The default is 3. Also here you can increase the threshold when you spot messages like *Fatal error: repeated HTTP header connect problems, doesn't make sense to continue*.
|
* MAX_HEADER_FAIL: A number which tells testssl.sh how often a HTTP GET request over OpenSSL may return an empty file before the program gives up and terminates. The default is 3. Also here you can increase the threshold when you spot messages like *Fatal error: repeated HTTP header connect problems, doesn't make sense to continue*.
|
||||||
* OPENSSL2 can be used to supply an alternative openssl version. This only makes sense if you want to amend the supplied version in `bin/` which lacks TLS 1.3 support with a version which doesn not and is not in `/usr/bin/openssl`.
|
* OPENSSL2 can be used to supply an alternative openssl version. This only makes sense if you want to amend the supplied version in `bin/` which lacks TLS 1.3 support with a version which doesn not and is not in `/usr/bin/openssl`.
|
||||||
* OSSL_SHORTCUT can be set to true when you run interactively and don't want to switch automatically to `/usr/bin/openssl` (`OPENSSL2`) if you encounter a TLS 1.3-only host.
|
* OSSL_SHORTCUT should be set to false when you run interactively and don't want to switch automatically to `/usr/bin/openssl` (`OPENSSL2`) if you encounter a TLS 1.3-only host.
|
||||||
|
|
||||||
|
|
||||||
### RATING
|
### RATING
|
||||||
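Review bot: the unchanged OPENSSL2 bullet two lines above the edited one still reads "a version which doesn not and is not in `/usr/bin/openssl`"; since this hunk already touches the list, the typo could be fixed here (the HTML counterpart in this PR already reads "does not"). For the OSSL_SHORTCUT bullet itself, keep the wording identical to the HTML version and state the default (true, per `OSSL_SHORTCUT=${OSSL_SHORTCUT:-true}` in the script hunk), e.g. "OSSL_SHORTCUT defaults to true; set it to false when you run interactively and don't want to switch automatically ...".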
@ -413,8 +413,7 @@ This program has a near-complete implementation of SSL Labs's '[SSL Server Ratin
|
|||||||
|
|
||||||
This is *not* a 100% reimplementation of the [SSL Lab's SSL Server Test](https://www.ssllabs.com/ssltest/analyze.html), but an implementation of the above rating specification, slight discrepancies may occur. Please note that for now we stick to the SSL Labs rating as good as possible. We are not responsible for their rating. Before filing issues please inspect their Rating Guide.
|
This is *not* a 100% reimplementation of the [SSL Lab's SSL Server Test](https://www.ssllabs.com/ssltest/analyze.html), but an implementation of the above rating specification, slight discrepancies may occur. Please note that for now we stick to the SSL Labs rating as good as possible. We are not responsible for their rating. Before filing issues please inspect their Rating Guide.
|
||||||
|
|
||||||
Disclaimer: Having a good grade is **NOT** necessarily equal to having good security! Don't start a competition for the best grade, at least not without monitoring the client handshakes and not without adding a portion of good sense to it. Please note STARTTLS always results in a grade cap to T. Anything else
|
Disclaimer: Having a good grade is **NOT** necessarily equal to having good security! Don't start a competition for the best grade, at least not without monitoring the client handshakes and not without adding a portion of good sense to it. Please note STARTTLS always results in a grade cap to T. Anything else would lead to a false sense of security. Use TLS, see also RFC 8314. The security of STARTTLS is always client determined, i.e. checking the certificate which for SMTP port 25 is often enough not the case. Also with DANE or MTA-STS no one can test on the server side whether a client makes use if it.
|
||||||
would lead to a false sense of security - at least until we test for DANE or MTA-STS.
|
|
||||||
|
|
||||||
As of writing, these checks are missing:
|
As of writing, these checks are missing:
|
||||||
|
|
||||||
|
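Review bot: same typo as in the other two doc formats, "makes use if it" should be "makes use of it". Merging the two-line paragraph into a single line is fine for rendered markdown, but note that the removed line "would lead to a false sense of security - at least until we test for DANE or MTA-STS." was the continuation of the sentence that now ends on one line, so the diff is a rewrite of the whole paragraph and the old and new text should be compared as a unit when reviewing, not line by line.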
@ -246,7 +246,7 @@ TLS_DATA_FILE="" # mandatory file for socket-based handsh
|
|||||||
OPENSSL="" # ~/bin/openssl.$(uname).$(uname -m) if you run this from GitHub. Linux otherwise probably /usr/bin/openssl
|
OPENSSL="" # ~/bin/openssl.$(uname).$(uname -m) if you run this from GitHub. Linux otherwise probably /usr/bin/openssl
|
||||||
OPENSSL2=${OPENSSL2:-/usr/bin/openssl} # This will be openssl version >=1.1.1 (auto determined) as opposed to openssl-bad (OPENSSL)
|
OPENSSL2=${OPENSSL2:-/usr/bin/openssl} # This will be openssl version >=1.1.1 (auto determined) as opposed to openssl-bad (OPENSSL)
|
||||||
OPENSSL2_HAS_TLS_1_3=false # If we run with supplied binary AND $OPENSSL2 supports TLS 1.3 this will be set to true
|
OPENSSL2_HAS_TLS_1_3=false # If we run with supplied binary AND $OPENSSL2 supports TLS 1.3 this will be set to true
|
||||||
OSSL_SHORTCUT=${OSSL_SHORTCUT:-true} # Hack: if during the scan turns out the OpenSSL binary supports TLS 1.3 would be a better choice
|
OSSL_SHORTCUT=${OSSL_SHORTCUT:-true} # If you don't want automagically switch from $OPENSSL to $OPENSSL2 for TLS 1.3-only hosts, set this to false
|
||||||
OPENSSL_LOCATION=""
|
OPENSSL_LOCATION=""
|
||||||
IKNOW_FNAME=false
|
IKNOW_FNAME=false
|
||||||
FIRST_FINDING=true # is this the first finding we are outputting to file?
|
FIRST_FINDING=true # is this the first finding we are outputting to file?
|
||||||
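Review bot: the new comment on OSSL_SHORTCUT is missing a word: "If you don't want automagically switch from $OPENSSL to $OPENSSL2" should be "If you don't want to switch automagically from $OPENSSL to $OPENSSL2". It would also help to mention in the comment that in batch mode (`WARNINGS == batch`, see `determine_optimal_proto` in this PR) the switch happens regardless of this setting, since a reader of the variable block alone would assume `false` disables the switch unconditionally.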
@ -22039,8 +22039,8 @@ determine_optimal_proto() {
|
|||||||
if "$OPENSSL2_HAS_TLS_1_3"; then
|
if "$OPENSSL2_HAS_TLS_1_3"; then
|
||||||
if "$OSSL_SHORTCUT" || [[ "$WARNINGS" == batch ]]; then
|
if "$OSSL_SHORTCUT" || [[ "$WARNINGS" == batch ]]; then
|
||||||
# switch w/o asking
|
# switch w/o asking
|
||||||
OPEN_MSG=" $NODE:$PORT appeared to support TLS 1.3 ONLY. Thus switched implicitly from\n \"$OPENSSL\" to \"$OPENSSL2\"."
|
OPEN_MSG=" $NODE:$PORT appeared to support TLS 1.3 ONLY. Thus switched automagically from\n \"$OPENSSL\" to \"$OPENSSL2\"."
|
||||||
fileout "$jsonID" "INFO" "$NODE:$PORT appears to support TLS 1.3 ONLY, switching from $OPENSSL to $OPENSSL2 was implicitly enforced"
|
fileout "$jsonID" "INFO" "$NODE:$PORT appears to support TLS 1.3 ONLY, switching from $OPENSSL to $OPENSSL2 automagically"
|
||||||
OPENSSL="$OPENSSL2"
|
OPENSSL="$OPENSSL2"
|
||||||
find_openssl_binary
|
find_openssl_binary
|
||||||
prepare_arrays
|
prepare_arrays
|
||||||
|
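Review bot: the `fileout` line writes an INFO finding into the JSON/CSV output, so "switching from $OPENSSL to $OPENSSL2 automagically" will be read by tooling, not only by a person at the terminal; consider keeping "automatically" there and using "automagically" only in the on-screen OPEN_MSG. More importantly, the surrounding condition `if "$OSSL_SHORTCUT" || [[ "$WARNINGS" == batch ]]` means the switch also fires in batch mode when the user explicitly set OSSL_SHORTCUT=false, but both messages say the switch was automatic without saying why; recording whether it was the shortcut or batch mode (e.g. appending "(batch mode)" to the finding) would make the log self-explanatory and match the docs, which only promise to honour OSSL_SHORTCUT interactively.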