diff --git a/bin/Readme.md b/bin/Readme.md index 7197699..32c22c9 100644 --- a/bin/Readme.md +++ b/bin/Readme.md @@ -13,12 +13,12 @@ via the argument (``--openssl=``) or as an environment variable (``OPENSSL= testssl.sh ``). The Linux binaries with the trailing ``-krb5`` come with Kerberos 5 support, -they won't be automatically picked up as you need to make sure first they +they won't be picked up automatically as you need to make sure first they run (see libraries below). All the precompiled binaries provided here have extended support for everything which is normally not in OpenSSL or LibreSSL -- 40+56 Bit, -export/ANON ciphers, weak DH ciphers, SSLv2 etc. -- all the dirty +export/ANON ciphers, weak DH ciphers, weak EC curves, SSLv2 etc. -- all the dirty features needed for testing. OTOH they also come with extended support for new / advanced cipher suites and/or features which are not in the official branch like CHACHA20+POLY1305 and CAMELIA 256 bit ciphers. @@ -29,6 +29,9 @@ Peter! Compiled Linux binaries so far come from Dirk, other contributors see ../CREDITS.md . +**__New binaries inluding IPv6 support are @ https://testssl.sh__**. The ones here will be +updated soon. + Compiling and Usage Instructions ================================ @@ -38,7 +41,7 @@ General Both 64+32 bit Linux binaries were compiled under Ubuntu 12.04 LTS. Likely you cannot use them for older distributions, younger worked in all my test environments. -I provide for each distributions two sets of binaries: +I provide for each distributions two sets of binaries (no IPv6 here): * completely statically linked binaries * dynamically linked binaries, additionally with MIT Kerberos support ("krb5" in the name). @@ -94,7 +97,9 @@ If you want to compile OpenSSL yourself, here are the instructions: -- this doesn't give you the option of an IPv6 enabled proxy -- yet.) Four GOST [1][2] ciphers come via engine support automagically with this setup. Two additional GOST -ciphers can be compiled in (``GOST-GOST94``, ``GOST-MD5``) with ``-DTEMP_GOST_TLS`` but as of now they make problems under rare circumstances, so unless you desperately need those ciphers I would stay away from ``-DTEMP_GOST_TLS``. +ciphers can be compiled in (``GOST-GOST94``, ``GOST-MD5``) with ``-DTEMP_GOST_TLS`` but as of now they make +problems under some circumstances, so unless you desperately need those ciphers I would stay away from +``-DTEMP_GOST_TLS``. If you don't have / don't want Kerberos libraries and devel rpms/debs, just omit "--with-krb5-flavor=MIT" (see examples). If you have another Kerberos flavor you would need to figure out by yourself. diff --git a/etc/curves.txt b/etc/curves.txt index 31217c7..fe7d0b8 100644 --- a/etc/curves.txt +++ b/etc/curves.txt @@ -1,4 +1,4 @@ -# Value, IANA name, +# Value, IANA name, openssl serverhello 1, sect163k1, K-163 2, sect163r1, 3, sect163r2, B-163 @@ -27,5 +27,5 @@ 26, brainpoolP256r1, 27, brainpoolP384r1, 28, brainpoolP512r1, -unknown, curve448, -unknown, curve25519 +29, curve25519, +30, curve448 diff --git a/etc/mapping.txt b/etc/mapping.txt new file mode 100644 index 0000000..3ad860c --- /dev/null +++ b/etc/mapping.txt @@ -0,0 +1,270 @@ + xff03 GOST-GOST89STREAM RSA GOST89 256 + xff02 GOST-GOST89MAC RSA GOST89 256 + xff01 GOST-GOST94 RSA GOST89 256 + xff00 GOST-MD5 RSA GOST89 256 + xccae RSA-PSK-CHACHA20-POLY1305 RSAPSK CHACHA20 256 TLS_RSA_PSK_WITH_CHACHA20_POLY1305 + xccad DHE-PSK-CHACHA20-POLY1305 DHEPSK CHACHA20 256 TLS_DHE_PSK_WITH_CHACHA20_POLY1305 + xccac ECDHE-PSK-CHACHA20-POLY1305 ECDHEPSK CHACHA20 256 TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305 + xccab PSK-CHACHA20-POLY1305 PSK CHACHA20 256 TLS_PSK_WITH_CHACHA20_POLY1305 + xccaa DHE-RSA-CHACHA20-POLY1305 DH CHACHA20 256 TLS_DHE_RSA_WITH_CHACHA20_POLY1305 + xcca9 ECDHE-ECDSA-CHACHA20-POLY1305 ECDH CHACHA20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 + xcca8 ECDHE-RSA-CHACHA20-POLY1305 ECDH CHACHA20 256 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 + xcc15 DHE-RSA-CHACHA20-POLY1305_OLD DH ChaCha20 256 TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + xcc14 ECDHE-ECDSA-CHACHA20-POLY1305_OLD ECDH ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 + xcc13 ECDHE-RSA-CHACHA20-POLY1305_OLD ECDH ChaCha20 256 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 + xc5 ADH-CAMELLIA256-SHA256 DH Camellia 256 TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 + xc4 DHE-RSA-CAMELLIA256-SHA256 DH Camellia 256 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + xc3 DHE-DSS-CAMELLIA256-SHA256 DH Camellia 256 TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 + xc2 DH-RSA-CAMELLIA256-SHA256 DH/RSA Camellia 256 TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 + xc1 DH-DSS-CAMELLIA256-SHA256 DH/DSS Camellia 256 TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 + xc0 CAMELLIA256-SHA256 RSA Camellia 256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + xc0af ECDHE-ECDSA-AES256-CCM8 ECDH AESCCM8 256 TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 + xc0ae ECDHE-ECDSA-AES128-CCM8 ECDH AESCCM8 128 TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 + xc0ad ECDHE-ECDSA-AES256-CCM ECDH AESCCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_CCM + xc0ac ECDHE-ECDSA-AES128-CCM ECDH AESCCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_CCM + xc0ab DHE-PSK-AES256-CCM8 DHEPSK AESCCM8 256 TLS_PSK_DHE_WITH_AES_256_CCM_8 + xc0aa DHE-PSK-AES128-CCM8 DHEPSK AESCCM8 128 TLS_PSK_DHE_WITH_AES_128_CCM_8 + xc0a9 PSK-AES256-CCM8 PSK AESCCM8 256 TLS_PSK_WITH_AES_256_CCM_8 + xc0a8 PSK-AES128-CCM8 PSK AESCCM8 128 TLS_PSK_WITH_AES_128_CCM_8 + xc0a7 DHE-PSK-AES256-CCM DHEPSK AESCCM 256 TLS_DHE_PSK_WITH_AES_256_CCM + xc0a6 DHE-PSK-AES128-CCM DHEPSK AESCCM 128 TLS_DHE_PSK_WITH_AES_128_CCM + xc0a5 PSK-AES256-CCM PSK AESCCM 256 TLS_PSK_WITH_AES_256_CCM + xc0a4 PSK-AES128-CCM PSK AESCCM 128 TLS_PSK_WITH_AES_128_CCM + xc0a3 DHE-RSA-AES256-CCM8 DH AESCCM8 256 TLS_DHE_RSA_WITH_AES_256_CCM_8 + xc0a2 DHE-RSA-AES128-CCM8 DH AESCCM8 128 TLS_DHE_RSA_WITH_AES_128_CCM_8 + xc0a1 AES256-CCM8 RSA AESCCM8 256 TLS_RSA_WITH_AES_256_CCM_8 + xc0a0 AES128-CCM8 RSA AESCCM8 128 TLS_RSA_WITH_AES_128_CCM_8 + xc09f DHE-RSA-AES256-CCM DH AESCCM 256 TLS_DHE_RSA_WITH_AES_256_CCM + xc09e DHE-RSA-AES128-CCM DH AESCCM 128 TLS_DHE_RSA_WITH_AES_128_CCM + xc09d AES256-CCM RSA AESCCM 256 TLS_RSA_WITH_AES_256_CCM + xc09c AES128-CCM RSA AESCCM 128 TLS_RSA_WITH_AES_128_CCM + xc09b ECDHE-PSK-CAMELLIA256-SHA384 ECDHEPSK Camellia 256 TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + xc09a ECDHE-PSK-CAMELLIA128-SHA256 ECDHEPSK Camellia 128 TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + xc099 RSA-PSK-CAMELLIA256-SHA384 RSAPSK Camellia 256 TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 + xc098 RSA-PSK-CAMELLIA128-SHA256 RSAPSK Camellia 128 TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 + xc097 DHE-PSK-CAMELLIA256-SHA384 DHEPSK Camellia 256 TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 + xc096 DHE-PSK-CAMELLIA128-SHA256 DHEPSK Camellia 128 TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + xc095 PSK-CAMELLIA256-SHA384 PSK Camellia 256 TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 + xc094 PSK-CAMELLIA128-SHA256 PSK Camellia 128 TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 + xc079 ECDH-RSA-CAMELLIA256-SHA384 ECDH/RSA Camellia 256 TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 + xc078 ECDH-RSA-CAMELLIA128-SHA256 ECDH/RSA Camellia 128 TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 + xc077 ECDHE-RSA-CAMELLIA256-SHA384 ECDH Camellia 256 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 + xc076 ECDHE-RSA-CAMELLIA128-SHA256 ECDH Camellia 128 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + xc075 ECDH-ECDSA-CAMELLIA256-SHA384 ECDH/ECDSA Camellia 256 TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + xc074 ECDH-ECDSA-CAMELLIA128-SHA256 ECDH/ECDSA Camellia 128 TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + xc073 ECDHE-ECDSA-CAMELLIA256-SHA384 ECDH Camellia 256 TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 + xc072 ECDHE-ECDSA-CAMELLIA128-SHA256 ECDH Camellia 128 TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 + xc03b ECDHE-PSK-NULL-SHA384 ECDHEPSK None None TLS_ECDHE_PSK_WITH_NULL_SHA384 + xc03a ECDHE-PSK-NULL-SHA256 ECDHEPSK None None TLS_ECDHE_PSK_WITH_NULL_SHA256 + xc039 ECDHE-PSK-NULL-SHA ECDHEPSK None None TLS_ECDHE_PSK_WITH_NULL_SHA + xc038 ECDHE-PSK-AES256-CBC-SHA384 ECDHEPSK AES 256 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 + xc037 ECDHE-PSK-AES128-CBC-SHA256 ECDHEPSK AES 128 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 + xc036 ECDHE-PSK-AES256-CBC-SHA ECDHEPSK AES 256 TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA + xc035 ECDHE-PSK-AES128-CBC-SHA ECDHEPSK AES 128 TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA + xc034 ECDHE-PSK-3DES-EDE-CBC-SHA ECDHEPSK 3DES 168 TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA + xc032 ECDH-RSA-AES256-GCM-SHA384 ECDH/RSA AESGCM 256 TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + xc031 ECDH-RSA-AES128-GCM-SHA256 ECDH/RSA AESGCM 128 TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + xc02e ECDH-ECDSA-AES256-GCM-SHA384 ECDH/ECDSA AESGCM 256 TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + xc02d ECDH-ECDSA-AES128-GCM-SHA256 ECDH/ECDSA AESGCM 128 TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 + xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + xc02a ECDH-RSA-AES256-SHA384 ECDH/RSA AES 256 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + xc029 ECDH-RSA-AES128-SHA256 ECDH/RSA AES 128 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + xc028 ECDHE-RSA-AES256-SHA384 ECDH AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + xc027 ECDHE-RSA-AES128-SHA256 ECDH AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + xc026 ECDH-ECDSA-AES256-SHA384 ECDH/ECDSA AES 256 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + xc025 ECDH-ECDSA-AES128-SHA256 ECDH/ECDSA AES 128 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + xc024 ECDHE-ECDSA-AES256-SHA384 ECDH AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + xc023 ECDHE-ECDSA-AES128-SHA256 ECDH AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + xc022 SRP-DSS-AES-256-CBC-SHA SRP AES 256 TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA + xc021 SRP-RSA-AES-256-CBC-SHA SRP AES 256 TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA + xc020 SRP-AES-256-CBC-SHA SRP AES 256 TLS_SRP_SHA_WITH_AES_256_CBC_SHA + xc01f SRP-DSS-AES-128-CBC-SHA SRP AES 128 TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA + xc01e SRP-RSA-AES-128-CBC-SHA SRP AES 128 TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA + xc01d SRP-AES-128-CBC-SHA SRP AES 128 TLS_SRP_SHA_WITH_AES_128_CBC_SHA + xc01c SRP-DSS-3DES-EDE-CBC-SHA SRP 3DES 168 TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA + xc01b SRP-RSA-3DES-EDE-CBC-SHA SRP 3DES 168 TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA + xc01a SRP-3DES-EDE-CBC-SHA SRP 3DES 168 TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA + xc019 AECDH-AES256-SHA ECDH AES 256 TLS_ECDH_anon_WITH_AES_256_CBC_SHA + xc018 AECDH-AES128-SHA ECDH AES 128 TLS_ECDH_anon_WITH_AES_128_CBC_SHA + xc017 AECDH-DES-CBC3-SHA ECDH 3DES 168 TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA + xc016 AECDH-RC4-SHA ECDH RC4 128 TLS_ECDH_anon_WITH_RC4_128_SHA + xc015 AECDH-NULL-SHA ECDH None None TLS_ECDH_anon_WITH_NULL_SHA + xc014 ECDHE-RSA-AES256-SHA ECDH AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + xc013 ECDHE-RSA-AES128-SHA ECDH AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + xc012 ECDHE-RSA-DES-CBC3-SHA ECDH 3DES 168 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + xc011 ECDHE-RSA-RC4-SHA ECDH RC4 128 TLS_ECDHE_RSA_WITH_RC4_128_SHA + xc010 ECDHE-RSA-NULL-SHA ECDH None None TLS_ECDHE_RSA_WITH_NULL_SHA + xc00f ECDH-RSA-AES256-SHA ECDH/RSA AES 256 TLS_ECDH_RSA_WITH_AES_256_CBC_SHA + xc00e ECDH-RSA-AES128-SHA ECDH/RSA AES 128 TLS_ECDH_RSA_WITH_AES_128_CBC_SHA + xc00d ECDH-RSA-DES-CBC3-SHA ECDH/RSA 3DES 168 TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + xc00c ECDH-RSA-RC4-SHA ECDH/RSA RC4 128 TLS_ECDH_RSA_WITH_RC4_128_SHA + xc00b ECDH-RSA-NULL-SHA ECDH/RSA None None TLS_ECDH_RSA_WITH_NULL_SHA + xc00a ECDHE-ECDSA-AES256-SHA ECDH AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + xc009 ECDHE-ECDSA-AES128-SHA ECDH AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + xc008 ECDHE-ECDSA-DES-CBC3-SHA ECDH 3DES 168 TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA + xc007 ECDHE-ECDSA-RC4-SHA ECDH RC4 128 TLS_ECDHE_ECDSA_WITH_RC4_128_SHA + xc006 ECDHE-ECDSA-NULL-SHA ECDH None None TLS_ECDHE_ECDSA_WITH_NULL_SHA + xc005 ECDH-ECDSA-AES256-SHA ECDH/ECDSA AES 256 TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + xc004 ECDH-ECDSA-AES128-SHA ECDH/ECDSA AES 128 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA + xc003 ECDH-ECDSA-DES-CBC3-SHA ECDH/ECDSA 3DES 168 TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA + xc002 ECDH-ECDSA-RC4-SHA ECDH/ECDSA RC4 128 TLS_ECDH_ECDSA_WITH_RC4_128_SHA + xc001 ECDH-ECDSA-NULL-SHA ECDH/ECDSA None None TLS_ECDH_ECDSA_WITH_NULL_SHA + xbf ADH-CAMELLIA128-SHA256 DH Camellia 128 TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 + xbe DHE-RSA-CAMELLIA128-SHA256 DH Camellia 128 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + xbd DHE-DSS-CAMELLIA128-SHA256 DH Camellia 128 TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 + xbc DH-RSA-CAMELLIA128-SHA256 DH/RSA Camellia 128 TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 + xbb DH-DSS-CAMELLIA128-SHA256 DH/DSS Camellia 128 TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 + xba CAMELLIA128-SHA256 RSA Camellia 128 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + xb9 RSA-PSK-NULL-SHA384 RSAPSK None None TLS_RSA_PSK_WITH_NULL_SHA384 + xb8 RSA-PSK-NULL-SHA256 RSAPSK None None TLS_RSA_PSK_WITH_NULL_SHA256 + xb7 RSA-PSK-AES256-CBC-SHA384 RSAPSK AES 256 TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 + xb6 RSA-PSK-AES128-CBC-SHA256 RSAPSK AES 128 TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 + xb5 DHE-PSK-NULL-SHA384 DHEPSK None None TLS_DHE_PSK_WITH_NULL_SHA384 + xb4 DHE-PSK-NULL-SHA256 DHEPSK None None TLS_DHE_PSK_WITH_NULL_SHA256 + xb3 DHE-PSK-AES256-CBC-SHA384 DHEPSK AES 256 TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + xb2 DHE-PSK-AES128-CBC-SHA256 DHEPSK AES 128 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + xb1 PSK-NULL-SHA384 PSK None None TLS_PSK_WITH_NULL_SHA384 + xb0 PSK-NULL-SHA256 PSK None None TLS_PSK_WITH_NULL_SHA256 + xaf PSK-AES256-CBC-SHA384 PSK AES 256 TLS_PSK_WITH_AES_256_CBC_SHA384 + xae PSK-AES128-CBC-SHA256 PSK AES 128 TLS_PSK_WITH_AES_128_CBC_SHA256 + xad RSA-PSK-AES256-GCM-SHA384 RSAPSK AESGCM 256 TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 + xac RSA-PSK-AES128-GCM-SHA256 RSAPSK AESGCM 128 TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 + xab DHE-PSK-AES256-GCM-SHA384 DHEPSK AESGCM 256 TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + xaa DHE-PSK-AES128-GCM-SHA256 DHEPSK AESGCM 128 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + xa9 PSK-AES256-GCM-SHA384 PSK AESGCM 256 TLS_PSK_WITH_AES_256_GCM_SHA384 + xa8 PSK-AES128-GCM-SHA256 PSK AESGCM 128 TLS_PSK_WITH_AES_128_GCM_SHA256 + xa7 ADH-AES256-GCM-SHA384 DH AESGCM 256 TLS_DH_anon_WITH_AES_256_GCM_SHA384 + xa6 ADH-AES128-GCM-SHA256 DH AESGCM 128 TLS_DH_anon_WITH_AES_128_GCM_SHA256 + xa5 DH-DSS-AES256-GCM-SHA384 DH/DSS AESGCM 256 TLS_DH_DSS_WITH_AES_256_GCM_SHA384 + xa4 DH-DSS-AES128-GCM-SHA256 DH/DSS AESGCM 128 TLS_DH_DSS_WITH_AES_128_GCM_SHA256 + xa3 DHE-DSS-AES256-GCM-SHA384 DH AESGCM 256 TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 + xa2 DHE-DSS-AES128-GCM-SHA256 DH AESGCM 128 TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 + xa1 DH-RSA-AES256-GCM-SHA384 DH/RSA AESGCM 256 TLS_DH_RSA_WITH_AES_256_GCM_SHA384 + xa0 DH-RSA-AES128-GCM-SHA256 DH/RSA AESGCM 128 TLS_DH_RSA_WITH_AES_128_GCM_SHA256 + x9f DHE-RSA-AES256-GCM-SHA384 DH AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + x9e DHE-RSA-AES128-GCM-SHA256 DH AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + x9d AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384 + x9c AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256 + x9b ADH-SEED-SHA DH SEED 128 TLS_DH_anon_WITH_SEED_CBC_SHA + x9a DHE-RSA-SEED-SHA DH SEED 128 TLS_DHE_RSA_WITH_SEED_CBC_SHA + x99 DHE-DSS-SEED-SHA DH SEED 128 TLS_DHE_DSS_WITH_SEED_CBC_SHA + x98 DH-RSA-SEED-SHA DH/RSA SEED 128 TLS_DH_RSA_WITH_SEED_CBC_SHA + x97 DH-DSS-SEED-SHA DH/DSS SEED 128 TLS_DH_DSS_WITH_SEED_CBC_SHA + x96 SEED-SHA RSA SEED 128 TLS_RSA_WITH_SEED_CBC_SHA + x95 RSA-PSK-AES256-CBC-SHA RSAPSK AES 256 TLS_RSA_PSK_WITH_AES_256_CBC_SHA + x94 RSA-PSK-AES128-CBC-SHA RSAPSK AES 128 TLS_RSA_PSK_WITH_AES_128_CBC_SHA + x93 RSA-PSK-3DES-EDE-CBC-SHA RSAPSK 3DES 168 TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA + x92 RSA-PSK-RC4-SHA RSAPSK RC4 128 TLS_RSA_PSK_WITH_RC4_128_SHA + x91 DHE-PSK-AES256-CBC-SHA DHEPSK AES 256 TLS_DHE_PSK_WITH_AES_256_CBC_SHA + x90 DHE-PSK-AES128-CBC-SHA DHEPSK AES 128 TLS_DHE_PSK_WITH_AES_128_CBC_SHA + x8f DHE-PSK-3DES-EDE-CBC-SHA DHEPSK 3DES 168 TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA + x8d PSK-AES256-CBC-SHA PSK AES 256 TLS_PSK_WITH_AES_256_CBC_SHA + x8c PSK-AES128-CBC-SHA PSK AES 128 TLS_PSK_WITH_AES_128_CBC_SHA + x8b PSK-3DES-EDE-CBC-SHA PSK 3DES 168 TLS_PSK_WITH_3DES_EDE_CBC_SHA + x8a PSK-RC4-SHA PSK RC4 128 TLS_PSK_WITH_RC4_128_SHA + x89 ADH-CAMELLIA256-SHA DH Camellia 256 TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA + x88 DHE-RSA-CAMELLIA256-SHA DH Camellia 256 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + x87 DHE-DSS-CAMELLIA256-SHA DH Camellia 256 TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA + x86 DH-RSA-CAMELLIA256-SHA DH/RSA Camellia 256 TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA + x85 DH-DSS-CAMELLIA256-SHA DH/DSS Camellia 256 TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA + x84 CAMELLIA256-SHA RSA Camellia 256 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + x83 GOST2001-NULL-GOST94 GOST None None TLS_GOSTR341001_WITH_NULL_GOSTR3411 + x82 GOST94-NULL-GOST94 GOST None None TLS_GOSTR341094_WITH_NULL_GOSTR3411 + x81 GOST2001-GOST89-GOST89 GOST GOST89 256 TLS_GOSTR341001_WITH_28147_CNT_IMIT + x80 GOST94-GOST89-GOST89 GOST GOST89 256 TLS_GOSTR341094_WITH_28147_CNT_IMIT + x6d ADH-AES256-SHA256 DH AES 256 TLS_DH_anon_WITH_AES_256_CBC_SHA256 + x6c ADH-AES128-SHA256 DH AES 128 TLS_DH_anon_WITH_AES_128_CBC_SHA256 + x6b DHE-RSA-AES256-SHA256 DH AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + x6a DHE-DSS-AES256-SHA256 DH AES 256 TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 + x69 DH-RSA-AES256-SHA256 DH/RSA AES 256 TLS_DH_RSA_WITH_AES_256_CBC_SHA256 + x68 DH-DSS-AES256-SHA256 DH/DSS AES 256 TLS_DH_DSS_WITH_AES_256_CBC_SHA256 + x67 DHE-RSA-AES128-SHA256 DH AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + x66 DHE-DSS-RC4-SHA DH RC4 128 TLS_DHE_DSS_WITH_RC4_128_SHA + x65 EXP1024-DHE-DSS-RC4-SHA DH(1024) RC4 56,export TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA + x64 EXP1024-RC4-SHA RSA(1024) RC4 56,export TLS_RSA_EXPORT1024_WITH_RC4_56_SHA + x63 EXP1024-DHE-DSS-DES-CBC-SHA DH(1024) DES 56,export TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA + x62 EXP1024-DES-CBC-SHA RSA(1024) DES 56,export TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA + x61 EXP1024-RC2-CBC-MD5 RSA(1024) RC2 56,export TLS_RSA_EXPORT1024_WITH_RC2_56_MD5 + x60 EXP1024-RC4-MD5 RSA(1024) RC4 56,export TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 + x46 ADH-CAMELLIA128-SHA DH Camellia 128 TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA + x45 DHE-RSA-CAMELLIA128-SHA DH Camellia 128 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + x44 DHE-DSS-CAMELLIA128-SHA DH Camellia 128 TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA + x43 DH-RSA-CAMELLIA128-SHA DH/RSA Camellia 128 TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA + x42 DH-DSS-CAMELLIA128-SHA DH/DSS Camellia 128 TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA + x41 CAMELLIA128-SHA RSA Camellia 128 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + x40 DHE-DSS-AES128-SHA256 DH AES 128 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 + x3f DH-RSA-AES128-SHA256 DH/RSA AES 128 TLS_DH_RSA_WITH_AES_128_CBC_SHA256 + x3e DH-DSS-AES128-SHA256 DH/DSS AES 128 TLS_DH_DSS_WITH_AES_128_CBC_SHA256 + x3d AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256 + x3c AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256 + x3b NULL-SHA256 RSA None None TLS_RSA_WITH_NULL_SHA256 + x3a ADH-AES256-SHA DH AES 256 TLS_DH_anon_WITH_AES_256_CBC_SHA + x39 DHE-RSA-AES256-SHA DH AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA + x38 DHE-DSS-AES256-SHA DH AES 256 TLS_DHE_DSS_WITH_AES_256_CBC_SHA + x37 DH-RSA-AES256-SHA DH/RSA AES 256 TLS_DH_RSA_WITH_AES_256_CBC_SHA + x36 DH-DSS-AES256-SHA DH/DSS AES 256 TLS_DH_DSS_WITH_AES_256_CBC_SHA + x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA + x34 ADH-AES128-SHA DH AES 128 TLS_DH_anon_WITH_AES_128_CBC_SHA + x33 DHE-RSA-AES128-SHA DH AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA + x32 DHE-DSS-AES128-SHA DH AES 128 TLS_DHE_DSS_WITH_AES_128_CBC_SHA + x31 DH-RSA-AES128-SHA DH/RSA AES 128 TLS_DH_RSA_WITH_AES_128_CBC_SHA + x30 DH-DSS-AES128-SHA DH/DSS AES 128 TLS_DH_DSS_WITH_AES_128_CBC_SHA + x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA + x2e RSA-PSK-NULL-SHA RSAPSK None None TLS_RSA_PSK_WITH_NULL_SHA + x2d DHE-PSK-NULL-SHA DHEPSK None None TLS_DHE_PSK_WITH_NULL_SHA + x2c PSK-NULL-SHA PSK None None TLS_PSK_WITH_NULL_SHA + x2b EXP-KRB5-RC4-MD5 KRB5 RC4 40,export TLS_KRB5_EXPORT_WITH_RC4_40_MD5 + x2a EXP-KRB5-RC2-CBC-MD5 KRB5 RC2 40,export TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 + x29 EXP-KRB5-DES-CBC-MD5 KRB5 DES 40,export TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 + x28 EXP-KRB5-RC4-SHA KRB5 RC4 40,export TLS_KRB5_EXPORT_WITH_RC4_40_SHA + x27 EXP-KRB5-RC2-CBC-SHA KRB5 RC2 40,export TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA + x26 EXP-KRB5-DES-CBC-SHA KRB5 DES 40,export TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA + x25 KRB5-IDEA-CBC-MD5 KRB5 IDEA 128 TLS_KRB5_WITH_IDEA_CBC_MD5 + x24 KRB5-RC4-MD5 KRB5 RC4 128 TLS_KRB5_WITH_RC4_128_MD5 + x23 KRB5-DES-CBC3-MD5 KRB5 3DES 168 TLS_KRB5_WITH_3DES_EDE_CBC_MD5 + x22 KRB5-DES-CBC-MD5 KRB5 DES 56 TLS_KRB5_WITH_DES_CBC_MD5 + x21 KRB5-IDEA-CBC-SHA KRB5 IDEA 128 TLS_KRB5_WITH_IDEA_CBC_SHA + x20 KRB5-RC4-SHA KRB5 RC4 128 TLS_KRB5_WITH_RC4_128_SHA + x1f KRB5-DES-CBC3-SHA KRB5 3DES 168 TLS_KRB5_WITH_3DES_EDE_CBC_SHA + x1e KRB5-DES-CBC-SHA KRB5 DES 56 TLS_KRB5_WITH_DES_CBC_SHA + x1b ADH-DES-CBC3-SHA DH 3DES 168 TLS_DH_anon_WITH_3DES_EDE_CBC_SHA + x1a ADH-DES-CBC-SHA DH DES 56 TLS_DH_anon_WITH_DES_CBC_SHA + x19 EXP-ADH-DES-CBC-SHA DH(512) DES 40,export TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA + x18 ADH-RC4-MD5 DH RC4 128 TLS_DH_anon_WITH_RC4_128_MD5 + x17 EXP-ADH-RC4-MD5 DH(512) RC4 40,export TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 + x16 EDH-RSA-DES-CBC3-SHA DH 3DES 168 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + x16 DHE-RSA-DES-CBC3-SHA DH 3DES 168 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + x15 EDH-RSA-DES-CBC-SHA DH DES 56 TLS_DHE_RSA_WITH_DES_CBC_SHA + x14 EXP-EDH-RSA-DES-CBC-SHA DH(512) DES 40,export TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA + x13 EDH-DSS-DES-CBC3-SHA DH 3DES 168 TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA + x13 DHE-DSS-DES-CBC3-SHA DH 3DES 168 TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA + x12 EDH-DSS-DES-CBC-SHA DH DES 56 TLS_DHE_DSS_WITH_DES_CBC_SHA + x11 EXP-EDH-DSS-DES-CBC-SHA DH(512) DES 40,export TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA + x10 DH-RSA-DES-CBC3-SHA DH/RSA 3DES 168 TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA + x0f DH-RSA-DES-CBC-SHA DH/RSA DES 56 TLS_DH_RSA_WITH_DES_CBC_SHA + x0e EXP-DH-RSA-DES-CBC-SHA DH/RSA DES 40,export TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA + x0d DH-DSS-DES-CBC3-SHA DH/DSS 3DES 168 TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA + x0c DH-DSS-DES-CBC-SHA DH/DSS DES 56 TLS_DH_DSS_WITH_DES_CBC_SHA + x0b EXP-DH-DSS-DES-CBC-SHA DH/DSS DES 40,export TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA + x0a DES-CBC3-SHA RSA 3DES 168 TLS_RSA_WITH_3DES_EDE_CBC_SHA + x09 DES-CBC-SHA RSA DES 56 TLS_RSA_WITH_DES_CBC_SHA + x08 EXP-DES-CBC-SHA RSA(512) DES 40,export TLS_RSA_EXPORT_WITH_DES40_CBC_SHA + x080080 RC4-64-MD5 RSA RC4 64 SSL_CK_RC4_64_WITH_MD5 + x07 IDEA-CBC-SHA RSA IDEA 128 TLS_RSA_WITH_IDEA_CBC_SHA + x0700c0 DES-CBC3-MD5 RSA 3DES 168 SSL_CK_DES_192_EDE3_CBC_WITH_MD5 + x06 EXP-RC2-CBC-MD5 RSA(512) RC2 40,export TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 + x060040 DES-CBC-MD5 RSA DES 56 SSL_CK_DES_64_CBC_WITH_MD5 + x05 RC4-SHA RSA RC4 128 TLS_RSA_WITH_RC4_128_SHA + x050080 IDEA-CBC-MD5 RSA IDEA 128 SSL_CK_IDEA_128_CBC_WITH_MD5 + x04 RC4-MD5 RSA RC4 128 TLS_RSA_WITH_RC4_128_MD5 + x040080 EXP-RC2-CBC-MD5 RSA(512) RC2 40,export SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 + x03 EXP-RC4-MD5 RSA(512) RC4 40,export TLS_RSA_EXPORT_WITH_RC4_40_MD5 + x030080 RC2-CBC-MD5 RSA RC2 128 SSL_CK_RC2_128_CBC_WITH_MD5 + x02 NULL-SHA RSA None None TLS_RSA_WITH_NULL_SHA + x020080 EXP-RC4-MD5 RSA(512) RC4 40,export SSL_CK_RC4_128_EXPORT40_WITH_MD5 + x01 NULL-MD5 RSA None None TLS_RSA_WITH_NULL_MD5 + x010080 RC4-MD5 RSA RC4 128 SSL_CK_RC4_128_WITH_MD5 + x00 NULL-MD5 RSA(512) None None,export TLS_NULL_WITH_NULL_NULL diff --git a/testssl.sh b/testssl.sh index deab6a6..16e1a9c 100755 --- a/testssl.sh +++ b/testssl.sh @@ -151,7 +151,7 @@ JSONFILE=${JSONFILE:-""} # jsonfile if used CSVFILE=${CSVFILE:-""} # csvfile if used HAS_IPv6=${HAS_IPv6:-false} # if you have OpenSSL with IPv6 support AND IPv6 networking set it to yes UNBRACKTD_IPV6=${UNBRACKTD_IPV6:-false} # some versions of OpenSSL (like Gentoo) don't support [bracketed] IPv6 addresses -SIZELMT_W_ARND=${SIZELMT_W_ARND:-false} # workaround for servers which have either a ClientHello total size limit or cipher limit of ~128 ciphers (e.g. old ASAs) +SERVER_SIZE_LIMIT_BUG=false # Some servers have either a ClientHello total size limit or cipher limit of ~128 ciphers (e.g. old ASAs) # tuning vars, can not be set by a cmd line switch EXPERIMENTAL=${EXPERIMENTAL:-false} @@ -2240,6 +2240,15 @@ add_tls_offered() { grep -w "$1" <<< "$PROTOS_OFFERED" || PROTOS_OFFERED+="$1 " } +# function which checks whether SSLv2 - TLS 1.2 is being offereed +has_server_protocol() { + [[ -z "$PROTOS_OFFERED" ]] && return 0 # if empty we rather return 0, means check at additional cost=connect will be done + if grep -w "$1" <<< "$PROTOS_OFFERED"; then + return 0 + fi + return 1 +} + # the protocol check needs to be revamped. It sucks, see above run_protocols() { @@ -2251,8 +2260,6 @@ run_protocols() { outln; pr_headline " Testing protocols " via="Protocol tested " - #FIXME: use PROTOS_OFFERED here - if $SSL_NATIVE; then using_sockets=false pr_headlineln "(via native openssl)" @@ -2272,7 +2279,7 @@ run_protocols() { pr_bold " SSLv2 "; if ! $SSL_NATIVE; then - sslv2_sockets #FIXME: messages need to be moved to this higher level + sslv2_sockets #FIXME: messages/output need to be moved to this (higher) level else run_prototest_openssl "-ssl2" case $? in @@ -2292,7 +2299,7 @@ run_protocols() { ;; 7) fileout "sslv2" "INFO" "SSLv2 is not tested due to lack of local support" - ;; # no local support + ;; # no local support esac fi @@ -2338,11 +2345,11 @@ run_protocols() { outln "offered" fileout "tls1" "INFO" "TLSv1.0 is offered" add_tls_offered "tls1" - ;; # nothing wrong with it -- per se + ;; # nothing wrong with it -- per se 1) outln "not offered" fileout "tls1" "INFO" "TLSv1.0 is not offered" - ;; # neither good or bad + ;; # neither good or bad 2) pr_svrty_medium "not offered" [[ $DEBUG -eq 1 ]] && out " -- downgraded" @@ -2812,21 +2819,23 @@ check_tls12_pref() { cipher_pref_check() { local p proto protos npn_protos addcmd="" local tested_cipher cipher order + local overflow_probe_cipherlist="ALL:-ECDHE-RSA-AES256-GCM-SHA384:-AES128-SHA:-DES-CBC3-SHA" pr_bold " Cipher order" for p in ssl2 ssl3 tls1 tls1_1 tls1_2; do order="" if [[ $p == ssl2 ]] && ! "$HAS_SSL2"; then - out "\n SSLv2: "; local_problem "$OPENSSL doesn't support \"s_client -ssl2\""; + out "\n SSLv2: "; local_problem "$OPENSSL doesn't support \"s_client -ssl2\""; continue fi if [[ $p == ssl3 ]] && ! "$HAS_SSL3"; then - out "\n SSLv3: "; local_problem "$OPENSSL doesn't support \"s_client -ssl3\""; + out "\n SSLv3: "; local_problem "$OPENSSL doesn't support \"s_client -ssl3\""; continue fi addcmd="" [[ ! "$p" =~ ssl ]] && addcmd="$SNI" + # with the supplied binaries SNI works also for SSLv2 (+ SSLv3) $OPENSSL s_client $STARTTLS -"$p" $BUGS -connect $NODEIP:$PORT $PROXY $addcmd $ERRFILE >$TMPFILE if sclient_connect_successful $? $TMPFILE; then tested_cipher="" @@ -2837,12 +2846,19 @@ cipher_pref_check() { printf " %-10s" "$proto: " tested_cipher="-"$cipher order="$cipher" - if [[ $p == tls1_2 ]] && "$SIZELMT_W_ARND"; then - # for some servers the ServerHello is limited to 128 ciphers or the ServerHello itself has a length restriction - # thus we reduce the number of ciphers we throw at the server and put later everything together - # see #189 - # so far, this was only observed in TLS 1.2 + if [[ $p == tls1_2 ]]; then + # for some servers the ClientHello is limited to 128 ciphers or the ClientHello itself has a length restriction. + # So far, this was only observed in TLS 1.2, affected are e.g. old Cisco LBs or ASAs, see issue #189 + # To check whether a workaround is needed we send a laaarge list of ciphers/big client hello. If connect fails, + # we hit the bug and automagically do the workround. Cost: this is for all servers only 1x more connect + $OPENSSL s_client $STARTTLS -tls1_2 $BUGS -cipher "$overflow_probe_cipherlist" -connect $NODEIP:$PORT $PROXY $SNI >$ERRFILE >$TMPFILE + if ! sclient_connect_successful $? $TMPFILE; then + SERVER_SIZE_LIMIT_BUG=true + fi + fi + if [[ $p == tls1_2 ]] && "$SERVER_SIZE_LIMIT_BUG"; then order=$(check_tls12_pref "$cipher") + out "$order" else out " $cipher" # this is the first cipher for protocol while true; do @@ -7396,6 +7412,7 @@ reset_hostdepended_vars() { TLS_EXTENSIONS="" PROTOS_OFFERED="" OPTIMAL_PROTO="" + SERVER_SIZE_LIMIT_BUG=false } @@ -7535,4 +7552,4 @@ fi exit $? -# $Id: testssl.sh,v 1.496 2016/06/07 21:06:57 dirkw Exp $ +# $Id: testssl.sh,v 1.498 2016/06/09 09:04:39 dirkw Exp $