RFC 5077 states that the server MAY give a hint of the lifetime of the ticket.

Sometimes it just does not. In those cases, session resumption via tickets
is sometimes supported anyway.

This fixes the output for Session Ticket RFC 5077 and doesn't draw the wrong
conclusion from a missing lifetime hint.

It also tests for ticketbleed first whether there's a session ticket TLS
extension.
Dirk 2017-05-15 13:18:20 +02:00
parent 49b1be9f34
commit b694930fc2
1 changed files with 43 additions and 35 deletions


@ -6077,7 +6077,7 @@ certificate_info() {
run_server_defaults() { run_server_defaults() {
local ciph newhostcert sni local ciph newhostcert sni
local match_found local match_found
local sessticket_str="" lifetime unit local sessticket_lifetime_hint="" lifetime unit
local -i i n local -i i n
local -i certs_found=0 local -i certs_found=0
local -a previous_hostcert previous_intermediates keysize cipher local -a previous_hostcert previous_intermediates keysize cipher
@ -6135,8 +6135,8 @@ run_server_defaults() {
if [[ ${success[n]} -eq 0 ]]; then if [[ ${success[n]} -eq 0 ]]; then
cp "$TEMPDIR/$NODEIP.get_server_certificate.txt" $TMPFILE cp "$TEMPDIR/$NODEIP.get_server_certificate.txt" $TMPFILE
>$ERRFILE >$ERRFILE
if [[ -z "$sessticket_str" ]]; then if [[ -z "$sessticket_lifetime_hint" ]]; then
sessticket_str=$(grep -aw "session ticket" $TMPFILE | grep -a lifetime) sessticket_lifetime_hint=$(grep -aw "session ticket" $TMPFILE | grep -a lifetime)
fi fi
# check whether the host's certificate has been seen before # check whether the host's certificate has been seen before
@ -6204,8 +6204,7 @@ run_server_defaults() {
if [[ $? -eq 0 ]] && [[ "$OPTIMAL_PROTO" != "-ssl2" ]]; then if [[ $? -eq 0 ]] && [[ "$OPTIMAL_PROTO" != "-ssl2" ]]; then
cp "$TEMPDIR/$NODEIP.determine_tls_extensions.txt" $TMPFILE cp "$TEMPDIR/$NODEIP.determine_tls_extensions.txt" $TMPFILE
>$ERRFILE >$ERRFILE
[[ -z "$sessticket_lifetime_hint" ]] && sessticket_lifetime_hint=$(grep -aw "session ticket" $TMPFILE | grep -a lifetime)
[[ -z "$sessticket_str" ]] && sessticket_str=$(grep -aw "session ticket" $TMPFILE | grep -a lifetime)
fi fi
outln outln
@ -6217,7 +6216,8 @@ run_server_defaults() {
outln "(none)" outln "(none)"
fileout "tls_extensions" "INFO" "TLS server extensions (std): (none)" fileout "tls_extensions" "INFO" "TLS server extensions (std): (none)"
else else
#FIXME: we rather want to have the chance to print each ext in italcs or another format. Atm is a string of quoted strings -- that needs to be fixed at the root #FIXME: we rather want to have the chance to print each ext in italics or another format.
# Atm is a string of quoted strings -- that needs to be fixed at the root then
# out_row_aligned_max_width() places line breaks at space characters. # out_row_aligned_max_width() places line breaks at space characters.
# So, in order to prevent the text for an extension from being broken # So, in order to prevent the text for an extension from being broken
# across lines, temporarily replace space characters within the text # across lines, temporarily replace space characters within the text
@ -6231,13 +6231,15 @@ run_server_defaults() {
fileout "tls_extensions" "INFO" "TLS server extensions (std): $TLS_EXTENSIONS" fileout "tls_extensions" "INFO" "TLS server extensions (std): $TLS_EXTENSIONS"
fi fi
pr_bold " Session Tickets RFC 5077 " pr_bold " Session Ticket RFC 5077 hint "
if [[ -z "$sessticket_str" ]]; then if [[ -z "$sessticket_lifetime_hint" ]]; then
outln "(none)" outln "(no lifetime advertised)"
fileout "session_ticket" "INFO" "TLS session tickes RFC 5077 not supported" fileout "session_ticket" "INFO" "TLS session ticket RFC 5077 lifetime: none advertised"
# it MAY be given a hint of the lifetime of the ticket, see https://tools.ietf.org/html/rfc5077#section-5.6 .
# Sometimes it just does not -- but it then may also support TLS session tickets reuse
else else
lifetime=$(grep -a lifetime <<< "$sessticket_str" | sed 's/[A-Za-z:() ]//g') lifetime=$(grep -a lifetime <<< "$sessticket_lifetime_hint" | sed 's/[A-Za-z:() ]//g')
unit=$(grep -a lifetime <<< "$sessticket_str" | sed -e 's/^.*'"$lifetime"'//' -e 's/[ ()]//g') unit=$(grep -a lifetime <<< "$sessticket_lifetime_hint" | sed -e 's/^.*'"$lifetime"'//' -e 's/[ ()]//g')
out "$lifetime $unit " out "$lifetime $unit "
prln_svrty_low "(PFS requires session ticket keys to be rotated <= daily)" prln_svrty_low "(PFS requires session ticket keys to be rotated <= daily)"
fileout "session_ticket" "LOW" "TLS session ticket RFC 5077 valid for $lifetime $unit (PFS requires session ticket keys to be rotated at least daily)" fileout "session_ticket" "LOW" "TLS session ticket RFC 5077 valid for $lifetime $unit (PFS requires session ticket keys to be rotated at least daily)"
@ -6253,7 +6255,6 @@ run_server_defaults() {
fi fi
pr_bold " Session Resumption " pr_bold " Session Resumption "
if [[ -n "$sessticket_str" ]]; then
sub_session_resumption sub_session_resumption
case $? in case $? in
0) SESS_RESUMPTION[2]="ticket=yes" 0) SESS_RESUMPTION[2]="ticket=yes"
@ -6270,12 +6271,6 @@ run_server_defaults() {
;; ;;
esac esac
else
SESS_RESUMPTION[2]="ticket=no"
out "Ticket: no extension=no resumption, "
fileout "session_resumption_ticket" "INFO" "No TLS session ticket extension, no resumption possible (assumed)"
fi
if "$NO_SSL_SESSIONID"; then if "$NO_SSL_SESSIONID"; then
SESS_RESUMPTION[1]="ID=no" SESS_RESUMPTION[1]="ID=no"
outln "ID: no" outln "ID: no"
@ -9136,7 +9131,20 @@ run_ticketbleed() {
[[ $VULN_COUNT -le $VULN_THRESHLD ]] && outln && pr_headlineln " Testing for Ticketbleed vulnerability " && outln [[ $VULN_COUNT -le $VULN_THRESHLD ]] && outln && pr_headlineln " Testing for Ticketbleed vulnerability " && outln
pr_bold " Ticketbleed"; out " ($cve), experiment. " pr_bold " Ticketbleed"; out " ($cve), experiment. "
[[ "$SERVICE" != HTTP ]] && outln "-- (applicable only for HTTPS)" && return 0 if [[ "$SERVICE" != HTTP ]]; then
outln "-- (applicable only for HTTPS)"
fileout "ticketbleed" "INFO" "Ticketbleed: not applicable, not HTTP" "$cve" "$cwe"
return 0
fi
# highly unlikely that it is NOT supported. We may loose time here but it's more solid
[[ -z "$TLS_EXTENSIONS" ]] && determine_tls_extensions
if ! grep -q 'session ticket' <<< "$TLS_EXTENSIONS"; then
pr_done_best "not vulnerable (OK)"
outln ", no session ticket extension"
fileout "ticketbleed" "OK" "Ticketbleed: no session ticket extension" "$cve" "$cwe"
return 0
fi
if $(has_server_protocol "tls1"); then if $(has_server_protocol "tls1"); then
tls_hexcode="x03, x01" tls_hexcode="x03, x01"
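Review bot: The new early exit in run_ticketbleed records `not vulnerable (OK)` whenever `$TLS_EXTENSIONS` does not contain `session ticket`, which also covers the case where `determine_tls_extensions` failed and left the variable empty, so a handshake or connection problem ends up in the report as a clean result. The status of that call is not checked here, while the run_server_defaults hunk above only parses the extension output behind `[[ $? -eq 0 ]]` (presumably after the same call; the line before it is outside the hunk). I would branch on the status and log a non-OK finding on failure, e.g. `if [[ -z "$TLS_EXTENSIONS" ]] && ! determine_tls_extensions; then` followed by `fileout "ticketbleed" "WARN" "Ticketbleed: TLS extensions could not be determined" "$cve" "$cwe"` and a return. run_ticketbleed starts and continues outside the hunk.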