From ca7c8200eb7fe00f791b518060b8a7a6c73a69f9 Mon Sep 17 00:00:00 2001 From: David Cooper Date: Wed, 18 Oct 2017 16:37:35 -0400 Subject: [PATCH] Add TLSv1.3 support for run_server_preference() This PR adds support for TLSv1.3 to run_server_preference(). It only provides partial support, as it only works if the support supports and earlier TLS protocol (in order to determine whether the server has a cipher order). It also will only show TLSv1.3 as the "Negotiated protocol" if $OPENSSL supports TLSv1.3. This PR also fixes a bug in which the variable "proto" was defined as used as both a regular variable and as an array. --- etc/tls_data.txt | 4 ++++ testssl.sh | 35 ++++++++++++++++++++++------------- 2 files changed, 26 insertions(+), 13 deletions(-) diff --git a/etc/tls_data.txt b/etc/tls_data.txt index 3a73936..f95f4b3 100755 --- a/etc/tls_data.txt +++ b/etc/tls_data.txt @@ -3,6 +3,10 @@ # see #807 and #806 (especially # https://github.com/drwetter/testssl.sh/issues/806#issuecomment-318686374) +# All 5 ciphers defined for TLS 1.3 +readonly TLS13_CIPHER=" +13,01, 13,02, 13,03, 13,04, 13,05" + # 123 standard cipher + 4x GOST for TLS 1.2 and SPDY/NPN HTTP2/ALPN readonly TLS12_CIPHER=" c0,30, c0,2c, c0,28, c0,24, c0,14, c0,0a, 00,9f, 00,6b, diff --git a/testssl.sh b/testssl.sh index 8cf5689..0488e8c 100755 --- a/testssl.sh +++ b/testssl.sh @@ -4754,7 +4754,7 @@ run_server_preference() { local default_cipher default_cipher_ossl default_proto local limitedsense supported_sslv2_ciphers local -a cipher proto - local proto i + local proto_ossl proto_txt proto_hex cipherlist i local -i ret=0 j local list_fwd="DES-CBC3-SHA:RC4-MD5:DES-CBC-SHA:RC4-SHA:AES128-SHA:AES128-SHA256:AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-RSA-AES128-SHA:ECDH-RSA-AES256-SHA:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-DSS-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:AES256-SHA256" # now reversed offline via tac, see https://github.com/thomassa/testssl.sh/commit/7a4106e839b8c3033259d66697893765fc468393 : @@ -4844,6 +4844,10 @@ run_server_preference() { fi default_proto=$(get_protocol $TMPFILE) case "$default_proto" in + *TLSv1.3) + prln_done_best $default_proto + fileout "order_proto" "OK" "Default protocol TLS1.3" + ;; *TLSv1.2) prln_done_best $default_proto fileout "order_proto" "OK" "Default protocol TLS1.2" @@ -4918,8 +4922,8 @@ run_server_preference() { else pr_bold " Negotiated cipher per proto"; outln " $limitedsense" i=1 - for proto in ssl2 ssl3 tls1 tls1_1 tls1_2; do - if [[ $proto == ssl2 ]] && ! "$HAS_SSL2"; then + for proto_ossl in ssl2 ssl3 tls1 tls1_1 tls1_2 tls1_3; do + if [[ $proto_ossl == ssl2 ]] && ! "$HAS_SSL2"; then if ! "$using_sockets" || [[ $TLS_NR_CIPHERS -eq 0 ]]; then out " (SSLv2: "; pr_local_problem "$OPENSSL doesn't support \"s_client -ssl2\""; outln ")"; continue @@ -4949,15 +4953,20 @@ run_server_preference() { cipher[i]="" fi fi - elif [[ $proto == ssl3 ]] && ! "$HAS_SSL3"; then + elif ( [[ $proto_ossl == ssl3 ]] && ! "$HAS_SSL3" ) || ( [[ $proto_ossl == tls1_3 ]] && ! "$HAS_TLS13" ); then + if [[ $proto_ossl == ssl3 ]]; then + proto_txt="SSLv3" ; proto_hex="00" ; cipherlist="$TLS_CIPHER" + else + proto_txt="TLSv1.3" ; proto_hex="04" ; cipherlist="$TLS13_CIPHER" + fi if ! "$using_sockets"; then - out " (SSLv3: "; pr_local_problem "$OPENSSL doesn't support \"s_client -ssl3\"" ; outln ")"; + out " ($proto_txt: "; pr_local_problem "$OPENSSL doesn't support \"s_client -$proto_ossl\"" ; outln ")"; continue else - tls_sockets "00" "$TLS_CIPHER" + tls_sockets "$proto_hex" "$cipherlist" if [[ $? -eq 0 ]]; then - proto[i]="SSLv3" - cipher1=$(awk '/Cipher *:/ { print $3 }' "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt") + proto[i]="$proto_txt" + cipher1=$(get_cipher "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt") cipher[i]="$cipher1" if [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]] && [[ $TLS_NR_CIPHERS -ne 0 ]]; then cipher[i]="$(rfc2openssl "$cipher1")" @@ -4970,8 +4979,8 @@ run_server_preference() { fi fi else - [[ "$proto" =~ ssl ]] && sni="" || sni="$SNI" - $OPENSSL s_client $STARTTLS -"$proto" $BUGS -connect $NODEIP:$PORT $PROXY $sni >$ERRFILE >$TMPFILE + [[ "$proto_ossl" =~ ssl ]] && sni="" || sni="$SNI" + $OPENSSL s_client $STARTTLS -"$proto_ossl" $BUGS -connect $NODEIP:$PORT $PROXY $sni >$ERRFILE >$TMPFILE if sclient_connect_successful $? $TMPFILE; then proto[i]=$(get_protocol $TMPFILE) cipher[i]=$(get_cipher $TMPFILE) @@ -4986,7 +4995,7 @@ run_server_preference() { cipher[i]="" fi fi - [[ -n "${cipher[i]}" ]] && add_tls_offered "$proto" yes + [[ -n "${cipher[i]}" ]] && add_tls_offered "$proto_ossl" yes i=$((i + 1)) done @@ -5112,7 +5121,7 @@ cipher_pref_check() { [[ $(has_server_protocol "$p") -eq 1 ]] && continue - if [[ $p != ssl3 ]] || "$HAS_SSL3"; then + if ( [[ $p != tls1_3 ]] || "$HAS_TLS13" ) && ( [[ $p != ssl3 ]] || "$HAS_SSL3" ); then # with the supplied binaries SNI works also for SSLv3 [[ "$p" =~ ssl ]] && sni="" || sni=$SNI @@ -5280,7 +5289,7 @@ cipher_pref_check() { out "$(out_row_aligned_max_width "$order" " " $TERM_WIDTH)" fileout "order_$p" "INFO" "Default cipher order for protocol $p: $order" fi - done <<< "$(tm_out " ssl3 00 SSLv3\n tls1 01 TLSv1\n tls1_1 02 TLSv1.1\n tls1_2 03 TLSv1.2\n")" + done <<< "$(tm_out " ssl3 00 SSLv3\n tls1 01 TLSv1\n tls1_1 02 TLSv1.1\n tls1_2 03 TLSv1.2\n tls1_3 04 TLSv1.3\n")" outln outln