diff --git a/t/baseline_data/default_testssl.csvfile b/t/baseline_data/default_testssl.csvfile index 74b972d..fd45dd0 100644 --- a/t/baseline_data/default_testssl.csvfile +++ b/t/baseline_data/default_testssl.csvfile @@ -18,9 +18,6 @@ "cipherlist_AVERAGE","testssl.sh/81.169.166.184","443","LOW","offered","","CWE-310" "cipherlist_GOOD","testssl.sh/81.169.166.184","443","OK","offered","","" "cipherlist_STRONG","testssl.sh/81.169.166.184","443","OK","offered","","" -"cipher_order","testssl.sh/81.169.166.184","443","OK","server","","" -"protocol_negotiated","testssl.sh/81.169.166.184","443","OK","Default protocol TLS1.3","","" -"cipher_negotiated","testssl.sh/81.169.166.184","443","OK","TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519)","","" "cipher-tls1_xc014","testssl.sh/81.169.166.184","443","LOW","TLSv1 xc014 ECDHE-RSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","","" "cipher-tls1_xc013","testssl.sh/81.169.166.184","443","LOW","TLSv1 xc013 ECDHE-RSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","","" "cipher-tls1_x88","testssl.sh/81.169.166.184","443","LOW","TLSv1 x88 DHE-RSA-CAMELLIA256-SHA DH 2048 Camellia 256 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA","","" @@ -60,6 +57,9 @@ "cipher-tls1_3_x1301","testssl.sh/81.169.166.184","443","OK","TLSv1.3 x1301 TLS_AES_128_GCM_SHA256 ECDH 253 AESGCM 128 TLS_AES_128_GCM_SHA256","","" "cipherorder_TLSv1_3","testssl.sh/81.169.166.184","443","INFO","TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256","","" "prioritize_chacha_TLSv1_3","testssl.sh/81.169.166.184","443","INFO","false","","" +"cipher_order","testssl.sh/81.169.166.184","443","OK","server","","" +"protocol_negotiated","testssl.sh/81.169.166.184","443","OK","Default protocol TLS1.3","","" +"cipher_negotiated","testssl.sh/81.169.166.184","443","OK","TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519)","","" "FS","testssl.sh/81.169.166.184","443","OK","offered","","" "FS_ciphers","testssl.sh/81.169.166.184","443","INFO","TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA TLS_AES_128_GCM_SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA DHE-RSA-CAMELLIA128-SHA","","" "FS_ECDHE_curves","testssl.sh/81.169.166.184","443","OK","prime256v1 secp384r1 secp521r1 X25519 X448","","" diff --git a/testssl.sh b/testssl.sh index 2e8c2c5..512f4b4 100755 --- a/testssl.sh +++ b/testssl.sh @@ -6613,9 +6613,7 @@ run_server_preference() { outln pr_headlineln " Testing server's cipher preferences " - outln - pr_bold " Has server cipher order? " if [[ "$OPTIMAL_PROTO" == -ssl2 ]]; then addcmd="$OPTIMAL_PROTO" @@ -6726,6 +6724,56 @@ run_server_preference() { debugme echo "has_cipher_order: $has_cipher_order" debugme echo "has_tls13_cipher_order: $has_tls13_cipher_order" + # restore file from above + [[ "$default_proto" == TLSv1.3 ]] && cp "$TEMPDIR/$NODEIP.parse_tls13_serverhello.txt" $TMPFILE + cipher1=$(get_cipher $TMPFILE) + tmpfile_handle ${FUNCNAME[0]}.txt + + # Sanity check: Handshake with no ciphers and one with forward list didn't overlap + if [[ "$cipher0" != $cipher1 ]]; then + limitedsense=" (matching cipher in list missing)" + fi + + if [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]] && ( [[ "$cipher1" == TLS_* ]] || [[ "$cipher1" == SSL_* ]] ); then + default_cipher="$(rfc2openssl "$cipher1")" + elif [[ "$DISPLAY_CIPHERNAMES" =~ rfc ]] && [[ "$cipher1" != TLS_* ]] && [[ "$cipher1" != SSL_* ]]; then + default_cipher="$(openssl2rfc "$cipher1")" + fi + [[ -z "$default_cipher" ]] && default_cipher="$cipher1" + + "$FAST" && using_sockets=false + [[ $TLS_NR_CIPHERS == 0 ]] && using_sockets=false + + neat_header + while read proto_ossl proto_hex proto_txt; do + pr_underline "$(printf -- "%b" "$proto_txt")" + # TODO: If there's no cipher we should consider not displaying the text in the round brackets) + # the following takes care of that but only if we know the protocol is not supported + if [[ $(has_server_protocol "$proto_ossl") -eq 1 ]]; then + outln "\n - " + continue + fi + # TODO: Also the fact that a protocol is not supported seems not to be saved by cipher_pref_check() + # (./testssl.sh --wide -p -P -E vs ./testssl.sh --wide -P -E ) + if [[ $proto_ossl == ssl2 ]] || \ + ( [[ $proto_ossl != tls1_3 ]] && ! "$has_cipher_order" ) || \ + ( [[ $proto_ossl == tls1_3 ]] && ! "$has_tls13_cipher_order" ); then + if [[ $proto_ossl == ssl2 ]]; then + outln " (listed by strength)" + elif [[ $proto_ossl == tls1_3 ]]; then + outln " (no server order, thus listed by strength)" + else + prln_svrty_high " (no server order, thus listed by strength)" + fi + ciphers_by_strength "-$proto_ossl" "$proto_hex" "$proto_txt" "$using_sockets" "true" + else + cipher_pref_check "$proto_ossl" "$proto_hex" "$proto_txt" "$using_sockets" "true" + fi + done <<< "$(tm_out " ssl2 22 SSLv2\n ssl3 00 SSLv3\n tls1 01 TLSv1\n tls1_1 02 TLSv1.1\n tls1_2 03 TLSv1.2\n tls1_3 04 TLSv1.3\n")" + outln + + pr_bold " Has server cipher order? " + jsonID="cipher_order" if "$TLS13_ONLY" && ! "$has_tls13_cipher_order"; then out "no (TLS 1.3 only)" limitedsense=" (limited sense as client will pick)" @@ -6807,33 +6855,17 @@ run_server_preference() { pr_bold " Negotiated cipher " jsonID="cipher_negotiated" - - # restore file from above - [[ "$default_proto" == TLSv1.3 ]] && cp "$TEMPDIR/$NODEIP.parse_tls13_serverhello.txt" $TMPFILE - cipher1=$(get_cipher $TMPFILE) - - # Sanity check: Handshake with no ciphers and one with forward list didn't overlap - if [[ "$cipher0" != $cipher1 ]]; then - limitedsense=" (matching cipher in list missing)" - fi - - if [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]] && ( [[ "$cipher1" == TLS_* ]] || [[ "$cipher1" == SSL_* ]] ); then - default_cipher="$(rfc2openssl "$cipher1")" - elif [[ "$DISPLAY_CIPHERNAMES" =~ rfc ]] && [[ "$cipher1" != TLS_* ]] && [[ "$cipher1" != SSL_* ]]; then - default_cipher="$(openssl2rfc "$cipher1")" - fi - [[ -z "$default_cipher" ]] && default_cipher="$cipher1" pr_cipher_quality "$default_cipher" case $? in - 1) fileout "$jsonID" "CRITICAL" "$default_cipher$(read_dhbits_from_file "$TMPFILE" "string") $limitedsense" + 1) fileout "$jsonID" "CRITICAL" "$default_cipher$(read_dhbits_from_file "$TEMPDIR/$NODEIP.run_server_preference.txt" "string") $limitedsense" ;; - 2) fileout "$jsonID" "HIGH" "$default_cipher$(read_dhbits_from_file "$TMPFILE" "string") $limitedsense" + 2) fileout "$jsonID" "HIGH" "$default_cipher$(read_dhbits_from_file "$TEMPDIR/$NODEIP.run_server_preference.txt" "string") $limitedsense" ;; - 3) fileout "$jsonID" "MEDIUM" "$default_cipher$(read_dhbits_from_file "$TMPFILE" "string") $limitedsense" + 3) fileout "$jsonID" "MEDIUM" "$default_cipher$(read_dhbits_from_file "$TEMPDIR/$NODEIP.run_server_preference.txt" "string") $limitedsense" ;; - 6|7) fileout "$jsonID" "OK" "$default_cipher$(read_dhbits_from_file "$TMPFILE" "string") $limitedsense" + 6|7) fileout "$jsonID" "OK" "$default_cipher$(read_dhbits_from_file "$TEMPDIR/$NODEIP.run_server_preference.txt" "string") $limitedsense" ;; # best ones - 4) fileout "$jsonID" "LOW" "$default_cipher$(read_dhbits_from_file "$TMPFILE" "string") (cbc) $limitedsense" + 4) fileout "$jsonID" "LOW" "$default_cipher$(read_dhbits_from_file "$TEMPDIR/$NODEIP.run_server_preference.txt" "string") (cbc) $limitedsense" ;; # it's CBC. --> lucky13 0) pr_warning "default cipher empty" ; if [[ $OSSL_VER == 1.0.2* ]]; then @@ -6844,10 +6876,10 @@ run_server_preference() { fi ret=1 ;; - *) fileout "$jsonID" "INFO" "$default_cipher$(read_dhbits_from_file "$TMPFILE" "string") $limitedsense" + *) fileout "$jsonID" "INFO" "$default_cipher$(read_dhbits_from_file "$TEMPDIR/$NODEIP.run_server_preference.txt" "string") $limitedsense" ;; esac - read_dhbits_from_file "$TMPFILE" + read_dhbits_from_file "$TEMPDIR/$NODEIP.run_server_preference.txt" if [[ "$cipher0" != $cipher1 ]]; then pr_warning " -- inconclusive test, matching cipher in list missing" @@ -6856,39 +6888,6 @@ run_server_preference() { else outln "$limitedsense" fi - - "$FAST" && using_sockets=false - [[ $TLS_NR_CIPHERS == 0 ]] && using_sockets=false - - pr_bold " Cipher per protocol" - outln "\n" && neat_header - while read proto_ossl proto_hex proto_txt; do - pr_underline "$(printf -- "%b" "$proto_txt")" - # TODO: If there's no cipher we should consider not displaying the text in the round brackets) - # the following takes care of that but only if we know the protocol is not supported - if [[ $(has_server_protocol "$proto_ossl") -eq 1 ]]; then - outln "\n - " - continue - fi - # TODO: Also the fact that a protocol is not supported seems not to be saved by cipher_pref_check() - # (./testssl.sh --wide -p -P -E vs ./testssl.sh --wide -P -E ) - if [[ $proto_ossl == ssl2 ]] || \ - ( [[ $proto_ossl != tls1_3 ]] && ! "$has_cipher_order" ) || \ - ( [[ $proto_ossl == tls1_3 ]] && ! "$has_tls13_cipher_order" ); then - if [[ $proto_ossl == ssl2 ]]; then - outln " (listed by strength)" - elif [[ $proto_ossl == tls1_3 ]]; then - outln " (no server order, thus listed by strength)" - else - prln_svrty_high " (no server order, thus listed by strength)" - fi - ciphers_by_strength "-$proto_ossl" "$proto_hex" "$proto_txt" "$using_sockets" "true" - else - cipher_pref_check "$proto_ossl" "$proto_hex" "$proto_txt" "$using_sockets" "true" - fi - done <<< "$(tm_out " ssl2 22 SSLv2\n ssl3 00 SSLv3\n tls1 01 TLSv1\n tls1_1 02 TLSv1.1\n tls1_2 03 TLSv1.2\n tls1_3 04 TLSv1.3\n")" - outln - return $ret # end of run_server_preference() }