This commit backports PR #2157, #2160, and #2162 from the 3.1dev branch to the 3.0 branch.
This commit is contained in:
David Cooper 2022-04-27 10:15:35 -04:00
parent 793eaa3f84
commit aaf7bf8505
2 changed files with 69 additions and 19 deletions

16
etc/tls_data.txt Executable file → Normal file
View File

@ -45,6 +45,22 @@ c0,1c, c0,1b, c0,1a, c0,17, 00,1b, 00,93, 00,8b, 00,1f,
c0,3b, c0,3a, c0,39, 00,b9, 00,b8, 00,b5, 00,b4, 00,2e, c0,3b, c0,3a, c0,39, 00,b9, 00,b8, 00,b5, 00,b4, 00,2e,
00,2d, 00,b1, 00,b0, 00,2c, 00,3b, 00,02, 00,01, 00,ff" 00,2d, 00,b1, 00,b0, 00,2c, 00,3b, 00,02, 00,01, 00,ff"
# 97 less common ciphers for TLS 1.2 and SPDY/NPN HTTP2/ALPN
readonly TLS12_CIPHER_3RD_TRY="
c0,3d, c0,3f, c0,41, c0,43, c0,45, c0,47, c0,49, c0,4b,
c0,4d, c0,4f, c0,51, c0,53, c0,55, c0,57, c0,59, c0,5b,
c0,5d, c0,5f, c0,61, c0,63, c0,65, c0,67, c0,69, c0,6b,
c0,6d, c0,6f, c0,71, c0,7b, c0,7d, c0,7f, c0,81, c0,83,
c0,85, c0,87, c0,89, c0,8b, c0,8d, c0,8f, c0,91, c0,93,
16,b7, 16,b8, 16,b9, 16,ba, c0,3c, c0,3e, c0,40, c0,42,
c0,44, c0,46, c0,48, c0,4a, c0,4c, c0,4e, c0,50, c0,52,
c0,54, c0,56, c0,58, c0,5a, c0,5c, c0,5e, c0,60, c0,62,
c0,64, c0,66, c0,68, c0,6a, c0,6c, c0,6e, c0,70, c0,7a,
c0,7c, c0,7e, c0,80, c0,82, c0,84, c0,86, c0,88, c0,8a,
c0,8c, c0,8e, c0,90, c0,92, fe,ff, ff,e0, 00,1e, 00,22,
fe,fe, ff,e1, 00,27, 00,26, 00,2a, 00,29, 00,28, 00,2b,
ff,87, 00,ff"
# 76 standard cipher + 4x GOST for SSLv3, TLS 1, TLS 1.1 # 76 standard cipher + 4x GOST for SSLv3, TLS 1, TLS 1.1
readonly TLS_CIPHER=" readonly TLS_CIPHER="
c0,14, c0,0a, c0,22, c0,21, c0,20, 00,39, 00,38, 00,37, c0,14, c0,0a, c0,22, c0,21, c0,20, 00,39, 00,38, 00,37,

View File

@ -1226,14 +1226,22 @@ count_ciphers() {
#arg3: options (e.g., -V) #arg3: options (e.g., -V)
actually_supported_osslciphers() { actually_supported_osslciphers() {
local tls13_ciphers="$TLS13_OSSL_CIPHERS" local tls13_ciphers="$TLS13_OSSL_CIPHERS"
local options="$3 "
[[ "$2" != ALL ]] && tls13_ciphers="$2" [[ "$2" != ALL ]] && tls13_ciphers="$2"
if "$HAS_CIPHERSUITES"; then # With OpenSSL 1.0.2 the only way to exclude SSLv2 ciphers is to use the -tls1 option.
$OPENSSL ciphers $3 $OSSL_CIPHERS_S -ciphersuites "$tls13_ciphers" "$1" 2>/dev/null || echo "" # However, with newer versions of OpenSSL, the -tls1 option excludes TLSv1.2 ciphers.
elif [[ -n "$tls13_ciphers" ]]; then if "$HAS_SSL2"; then
$OPENSSL ciphers $3 $OSSL_CIPHERS_S "$tls13_ciphers:$1" 2>/dev/null || echo "" options="${options//-no_ssl2 /-tls1 }"
else else
$OPENSSL ciphers $OSSL_CIPHERS_S $3 "$1" 2>/dev/null || echo "" options="${options//-no_ssl2 /}"
fi
if "$HAS_CIPHERSUITES"; then
$OPENSSL ciphers $options $OSSL_CIPHERS_S -ciphersuites "$tls13_ciphers" "$1" 2>/dev/null || echo ""
elif [[ -n "$tls13_ciphers" ]]; then
$OPENSSL ciphers $options $OSSL_CIPHERS_S "$tls13_ciphers:$1" 2>/dev/null || echo ""
else
$OPENSSL ciphers $OSSL_CIPHERS_S $options "$1" 2>/dev/null || echo ""
fi fi
} }
@ -3241,6 +3249,8 @@ openssl2hexcode() {
if [[ $TLS_NR_CIPHERS -eq 0 ]]; then if [[ $TLS_NR_CIPHERS -eq 0 ]]; then
if "$HAS_CIPHERSUITES"; then if "$HAS_CIPHERSUITES"; then
hexc="$($OPENSSL ciphers -V -ciphersuites "$TLS13_OSSL_CIPHERS" 'ALL:COMPLEMENTOFALL:@STRENGTH' | awk '/ '"$1"' / { print $1 }')" hexc="$($OPENSSL ciphers -V -ciphersuites "$TLS13_OSSL_CIPHERS" 'ALL:COMPLEMENTOFALL:@STRENGTH' | awk '/ '"$1"' / { print $1 }')"
elif "$HAS_SSL2"; then
hexc="$($OPENSSL ciphers -V -tls1 'ALL:COMPLEMENTOFALL:@STRENGTH' | awk '/ '"$1"' / { print $1 }')"
else else
hexc="$($OPENSSL ciphers -V 'ALL:COMPLEMENTOFALL:@STRENGTH' | awk '/ '"$1"' / { print $1 }')" hexc="$($OPENSSL ciphers -V 'ALL:COMPLEMENTOFALL:@STRENGTH' | awk '/ '"$1"' / { print $1 }')"
fi fi
@ -4898,10 +4908,11 @@ run_prototest_openssl() {
# arg2: available (yes) or not (no) # arg2: available (yes) or not (no)
add_tls_offered() { add_tls_offered() {
# the ":" is mandatory here (and @ other places), otherwise e.g. tls1 will match tls1_2 # the ":" is mandatory here (and @ other places), otherwise e.g. tls1 will match tls1_2
if [[ "$PROTOS_OFFERED" =~ $1: ]]; then if [[ "$2" == yes ]] && [[ "$PROTOS_OFFERED" =~ $1:no ]]; then
# we got that protocol already # In rare cases, a protocol may be marked as not available even though it is
: # (e.g., the connection fails with tls_sockets() but succeeds with $OPENSSL.
else PROTOS_OFFERED="${PROTOS_OFFERED/$1:no/$1:$2}"
elif [[ ! "$PROTOS_OFFERED" =~ $1: ]]; then
PROTOS_OFFERED+="${1}:$2 " PROTOS_OFFERED+="${1}:$2 "
fi fi
} }
@ -6364,7 +6375,7 @@ run_server_preference() {
[[ $DEBUG -ge 4 ]] && echo -e "\n Forward: ${list_fwd}" [[ $DEBUG -ge 4 ]] && echo -e "\n Forward: ${list_fwd}"
$OPENSSL s_client $(s_client_options "$STARTTLS -cipher $list_fwd $BUGS -connect $NODEIP:$PORT $PROXY $addcmd2") </dev/null 2>$ERRFILE >$TMPFILE $OPENSSL s_client $(s_client_options "$STARTTLS -cipher $list_fwd $BUGS -connect $NODEIP:$PORT $PROXY $addcmd2") </dev/null 2>$ERRFILE >$TMPFILE
if ! sclient_connect_successful $? $TMPFILE; then if ! sclient_connect_successful $? $TMPFILE; then
list_fwd="$(actually_supported_osslciphers $list_fwd '' '-tls1')" list_fwd="$(actually_supported_osslciphers $list_fwd '' '-no_ssl2')"
pr_warning "no matching cipher in this list found (pls report this): " pr_warning "no matching cipher in this list found (pls report this): "
outln "$list_fwd . " outln "$list_fwd . "
fileout "$jsonID" "WARN" "Could not determine server cipher order, no matching cipher in list found (pls report this): $list_fwd" fileout "$jsonID" "WARN" "Could not determine server cipher order, no matching cipher in list found (pls report this): $list_fwd"
@ -17623,11 +17634,7 @@ prepare_arrays() {
if [[ -e "$CIPHERS_BY_STRENGTH_FILE" ]]; then if [[ -e "$CIPHERS_BY_STRENGTH_FILE" ]]; then
"$HAS_SSL2" && ossl_supported_sslv2="$($OPENSSL ciphers -ssl2 -V 'ALL:COMPLEMENTOFALL:@STRENGTH' 2>$ERRFILE)" "$HAS_SSL2" && ossl_supported_sslv2="$($OPENSSL ciphers -ssl2 -V 'ALL:COMPLEMENTOFALL:@STRENGTH' 2>$ERRFILE)"
if "$HAS_SSL2"; then ossl_supported_tls="$(actually_supported_osslciphers 'ALL:COMPLEMENTOFALL:@STRENGTH' 'ALL' "-no_ssl2 -V")"
ossl_supported_tls="$(actually_supported_osslciphers 'ALL:COMPLEMENTOFALL:@STRENGTH' 'ALL' "-tls1 -V")"
else
ossl_supported_tls="$(actually_supported_osslciphers 'ALL:COMPLEMENTOFALL:@STRENGTH' 'ALL' "-V")"
fi
TLS13_OSSL_CIPHERS="" TLS13_OSSL_CIPHERS=""
while read hexc n TLS_CIPHER_OSSL_NAME[i] TLS_CIPHER_RFC_NAME[i] TLS_CIPHER_SSLVERS[i] TLS_CIPHER_KX[i] TLS_CIPHER_AUTH[i] TLS_CIPHER_ENC[i] mac TLS_CIPHER_EXPORT[i]; do while read hexc n TLS_CIPHER_OSSL_NAME[i] TLS_CIPHER_RFC_NAME[i] TLS_CIPHER_SSLVERS[i] TLS_CIPHER_KX[i] TLS_CIPHER_AUTH[i] TLS_CIPHER_ENC[i] mac TLS_CIPHER_EXPORT[i]; do
TLS_CIPHER_HEXCODE[i]="$hexc" TLS_CIPHER_HEXCODE[i]="$hexc"
@ -18411,7 +18418,7 @@ sclient_auth() {
# This information can be used by determine_optimal_proto() to help distinguish between a server # This information can be used by determine_optimal_proto() to help distinguish between a server
# that is not TLS/SSL enabled and one that is not compatible with the version of OpenSSL being used. # that is not TLS/SSL enabled and one that is not compatible with the version of OpenSSL being used.
determine_optimal_sockets_params() { determine_optimal_sockets_params() {
local -i ret1=1 ret2=1 local -i ret1=1 ret2=1 ret3=1
local i proto cipher_offered local i proto cipher_offered
local all_failed=true local all_failed=true
@ -18480,8 +18487,6 @@ determine_optimal_sockets_params() {
add_tls_offered tls1_2 yes add_tls_offered tls1_2 yes
TLS12_CIPHER="$TLS12_CIPHER_2ND_TRY" TLS12_CIPHER="$TLS12_CIPHER_2ND_TRY"
all_failed=false all_failed=false
else
add_tls_offered tls1_2 no
fi fi
if [[ $ret2 -eq 2 ]]; then if [[ $ret2 -eq 2 ]]; then
case $DETECTED_TLS_VERSION in case $DETECTED_TLS_VERSION in
@ -18493,7 +18498,32 @@ determine_optimal_sockets_params() {
all_failed=false all_failed=false
fi fi
fi fi
if [[ $ret1 -eq 0 ]] || [[ $ret2 -eq 0 ]]; then # Try a third time with cipher suites not in $TLS12_CIPHER or
# $TLS12_CIPHER_2ND_TRY. If using these cipher suites results in a
# successful connection, then change $TLS12_CIPHER to these
# cipher suites so that later tests will use this list of cipher
# suites.
if [[ $ret1 -ne 0 ]] && [[ $ret2 -ne 0 ]]; then
tls_sockets "03" "$TLS12_CIPHER_3RD_TRY"
ret3=$?
if [[ $ret3 -eq 0 ]]; then
add_tls_offered tls1_2 yes
TLS12_CIPHER="$TLS12_CIPHER_3RD_TRY"
all_failed=false
else
add_tls_offered tls1_2 no
fi
if [[ $ret3 -eq 2 ]]; then
case $DETECTED_TLS_VERSION in
0302) add_tls_offered tls1_1 yes ;;
0301) add_tls_offered tls1 yes ;;
0300) add_tls_offered ssl3 yes ;;
esac
[[ $ret1 -ne 2 ]] && [[ $ret2 -ne 2 ]] && TLS12_CIPHER="$TLS12_CIPHER_3RD_TRY"
all_failed=false
fi
fi
if [[ $ret1 -eq 0 ]] || [[ $ret2 -eq 0 ]] || [[ $ret3 -eq 0 ]]; then
cipher_offered="$(get_cipher "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt")" cipher_offered="$(get_cipher "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt")"
if [[ "$cipher_offered" == TLS_* ]] || [[ "$cipher_offered" == SSL_* ]]; then if [[ "$cipher_offered" == TLS_* ]] || [[ "$cipher_offered" == SSL_* ]]; then
cipher_offered="$(rfc2hexcode "$cipher_offered")" cipher_offered="$(rfc2hexcode "$cipher_offered")"
@ -18614,6 +18644,10 @@ determine_optimal_proto() {
[[ "$(has_server_protocol "tls1_1")" -ne 0 ]] && [[ "$(has_server_protocol "tls1")" -ne 0 ]] && [[ "$(has_server_protocol "tls1_1")" -ne 0 ]] && [[ "$(has_server_protocol "tls1")" -ne 0 ]] &&
[[ "$(has_server_protocol "ssl3")" -ne 0 ]]; then [[ "$(has_server_protocol "ssl3")" -ne 0 ]]; then
TLS13_ONLY=true TLS13_ONLY=true
elif [[ -z "$TLS12_CIPHER_OFFERED" ]] && [[ "$(has_server_protocol "tls1_2")" -eq 0 ]] && [[ "$(get_protocol $TMPFILE)" == TLSv1.2 ]]; then
TLS12_CIPHER_OFFERED="$(get_cipher $TMPFILE)"
TLS12_CIPHER_OFFERED="$(openssl2hexcode "$TLS12_CIPHER_OFFERED")"
[[ ${#TLS12_CIPHER_OFFERED} -eq 9 ]] && TLS12_CIPHER_OFFERED="${TLS12_CIPHER_OFFERED:2:2},${TLS12_CIPHER_OFFERED:7:2}" || TLS12_CIPHER_OFFERED=""
fi fi
if [[ "$optimal_proto" == -ssl2 ]]; then if [[ "$optimal_proto" == -ssl2 ]]; then