From cc7425609175b644ca5cef1129ac26bccc4ec723 Mon Sep 17 00:00:00 2001 From: David Cooper Date: Mon, 11 Apr 2022 11:29:13 -0400 Subject: [PATCH] Fix setting NO_SESSION_ID With a TLS 1.3 connection using $OPENSSL, a session ID will only appears as part of a post-handshake session ticket. However, when $OPENSSL s_client is called as in determine_optimal_proto() (i.e., with "< /dev/null"), a post-handshake session ticket will not always be received, even if the server supports it. This can result in NO_SESSION_ID incorrectly being set to true. This commit fixes the issue by setting NO_SESSION_ID to true by default, and then setting it to false if a session ID is returned by any connection to the server. --- testssl.sh | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/testssl.sh b/testssl.sh index b5a279b..1a4cca6 100755 --- a/testssl.sh +++ b/testssl.sh @@ -284,7 +284,7 @@ ERRFILE="" CLIENT_AUTH="none" CLIENT_AUTH_CA_LIST="" TLS_TICKETS=false -NO_SSL_SESSIONID=false +NO_SSL_SESSIONID=true CERT_COMPRESSION=${CERT_COMPRESSION:-false} # secret flag to set in addition to --devel for certificate compression HOSTCERT="" # File with host certificate, without intermediate certificate HEADERFILE="" @@ -7563,14 +7563,19 @@ tls_time() { # sclient_connect_successful() { local server_hello="$(cat -v "$2")" + local connect_success=false local re='Master-Key: ([^\ ]*)' - [[ $1 -eq 0 ]] && return 0 - if [[ "$server_hello" =~ $re ]]; then - [[ -n "${BASH_REMATCH[1]}" ]] && return 0 + [[ $1 -eq 0 ]] && connect_success=true + if ! "$connect_success" && [[ "$server_hello" =~ $re ]]; then + [[ -n "${BASH_REMATCH[1]}" ]] && connect_success=true + fi + ! "$connect_success" && [[ "$server_hello" =~ (New|Reused)", "(SSLv[23]|TLSv1(\.[0-3])?(\/SSLv3)?)", Cipher is "([A-Z0-9]+-[A-Za-z0-9\-]+|TLS_[A-Za-z0-9_]+) ]] && connect_success=true + if "$connect_success"; then + "$NO_SSL_SESSIONID" && [[ "$server_hello" =~ Session-ID:\ [a-fA-F0-9]{2,64} ]] && NO_SSL_SESSIONID=false + return 0 fi - [[ "$server_hello" =~ (New|Reused)", "(SSLv[23]|TLSv1(\.[0-3])?(\/SSLv3)?)", Cipher is "([A-Z0-9]+-[A-Za-z0-9\-]+|TLS_[A-Za-z0-9_]+) ]] && return 0 # what's left now is: master key empty and Session-ID not empty # ==> probably client-based auth with x509 certificate. We handle that at other places # @@ -14194,6 +14199,7 @@ parse_tls_serverhello() { fi done fi + [[ "0x${DETECTED_TLS_VERSION:2:2}" -le "0x03" ]] && [[ $tls_sid_len -gt 0 ]] && NO_SSL_SESSIONID=false if [[ "$DETECTED_TLS_VERSION" == "0300" ]]; then echo "Protocol : SSLv3" >> $TMPFILE @@ -21050,7 +21056,7 @@ sclient_auth() { connect_success=true if "$connect_success"; then - [[ ! "$server_hello" =~ Session-ID:\ [a-fA-F0-9]{2,64} ]] && NO_SSL_SESSIONID=true + [[ "$server_hello" =~ Session-ID:\ [a-fA-F0-9]{2,64} ]] && NO_SSL_SESSIONID=false # we needed to set this for later if [[ "$server_hello" =~ \<\<\<\ (SSL\ [23]|TLS\ 1)(\.[0-3])?[\,]?\ Handshake\ \[length\ [0-9a-fA-F]*\]\,\ CertificateRequest ]]; then @@ -23285,7 +23291,7 @@ reset_hostdepended_vars() { KNOWN_OSSL_PROB=false TLS13_ONLY=false CLIENT_AUTH="none" - NO_SSL_SESSIONID=false + NO_SSL_SESSIONID=true DH_GROUP_OFFERED="" DH_GROUP_LEN_P=0 KEY_SHARE_EXTN_NR="33"