Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-01 06:19:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '2.9dev' of github.com:drwetter/testssl.sh into 2.9dev

Browse Source
This commit is contained in:
Dirk 2018-01-29 20:06:31 +01:00
commit d7a1236e9b
4 changed files with 115 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
doc/testssl.1
View File

@ -1,7 +1,7 @@
.\" generated with Ronn/v0.7.3
.\" http://github.com/rtomayko/ronn/tree/0.7.3
.
.TH "TESTSSL" "1" "December 2017" "" ""
.TH "TESTSSL" "1" "January 2018" "" ""
.
.SH "NAME"
\fBtestssl\fR
@ -25,7 +25,7 @@ testssl\.sh is a free command line tool which checks a server\'s service on any
The output rates findings by color (screen) or severity (file output) so that you are able to tell whether something is good or bad\. The (screen) output has several sections in which classes of checks are being performed\. To ease readability on the screen it aligns and indents the output properly\.
.
.P
Except DNS lookups it doesn\'t use any third parties for checks, it\'s only you who sees the result and you also can use it internally on your LAN\.
Only you see the result\. You also can use it internally on your LAN\. Except DNS lookups it doesn\'t use any other hosts or even third parties for checks\.
.
.P
It is out of the box pretty much portable: testssl\.sh runs under any Unix\-like stack (Linux, *BSD, MacOS X, WSL=bash on Windows, Cygwin and MSYS2)\. \fBbash\fR (also version 3 is still supported) is a prerequisite as well as standard utilities like awk, sed, tr and head\. This can be of BSD, System 5 or GNU flavor whereas grep from System V is not yet supported\.
@ -64,7 +64,7 @@ It is out of the box pretty much portable: testssl\.sh runs under any Unix\-like
9) client simulation
.
.SH "OPTIONS AND PARAMETERS"
Options are either short or long options\. All options requiring a value can be called with or without an equal sign \'=\' e\.g\. \fBtestssl\.sh \-t=smtp \-\-wide \-\-openssl=/usr/bin/openssl <URI>\fR is equivalent to \fBtestssl\.sh \-\-starttls smtp \-\-wide \-\-openssl /usr/bin/openssl <URI>\fR\. Some command line options can also be preset via ENV variables\. \fBWIDE=true OPENSSL=/usr/bin/openssl testssl\.sh \-\-starttls smtp <URI>\fR would be the equivalent to the aforementioned examples\. Preference has the command line over any environment variables\.
Options are either short or long options\. Any option requiring a value can be called with or without an equal sign \'=\' e\.g\. \fBtestssl\.sh \-t=smtp \-\-wide \-\-openssl=/usr/bin/openssl <URI>\fR (short option with equal sign) is equivalent to \fBtestssl\.sh \-\-starttls smtp \-\-wide \-\-openssl /usr/bin/openssl <URI>\fR (long option without equal sign)\. Some command line options can also be preset via ENV variables\. \fBWIDE=true OPENSSL=/usr/bin/openssl testssl\.sh \-\-starttls=smtp <URI>\fR would be the equivalent to the aforementioned examples\. Preference has the command line over any environment variables\.
.
.P
\fB<URI>\fR or \fB\-\-file <FILE>\fR always needs to be the last parameter\.
@ -134,7 +134,7 @@ Please note that the content of \fBfname\fR has to be in Unix format\. DOS carri
\fB\-\-proxy <host>:<port>\fR does the whole check via the specified HTTP proxy\. \fB\-\-proxy=auto\fR inherits the proxy setting from the environment\. Proxying via IPv6 addresses is not possible\. The hostname supplied will only be resolved to the first A record\. Authentication to the proxy is not supported\. In addition if you want lookups via proxy you can specify \fBDNS_VIA_PROXY=true\fR\.
.
.P
\fB\-6\fR does (also) IPv6 checks\. This works only with both a supporting openssl binary like the one supplied and IPv6 connectivity\. testssl\.sh does no connectivity checks for IPv6, it also cannot determine reliably whether the OpenSSL binary you are using has IPv6 support\. \fBHAS_IPv6\fR is the respective environment variable\.
\fB\-6\fR does (also) IPv6 checks\. Please note if a supplied URI resolves (also) to an IPv6 address that testssl\.sh doesn\'t do checks on an IPv6 address automatically\. This is because testssl\.sh does no connectivity checks for IPv6\. It also cannot determine reliably whether the OpenSSL binary you are using has IPv6 support\. \fB\-6\fR assumes both is the case\. If both conditions are met and you want in general enable IPv6 tests you might as well add \fBHAS_IPv6\fR to your shell environment\.
.
.P
\fB\-\-ssl\-native\fR instead of using a mixture of bash sockets and openssl s_client connects testssl\.sh uses the latter only\. This is at the moment faster but provides less accurate results, especially in the client simulation and if the openssl binary lacks cipher support\. For TLS protocol checks and standard cipher lists and certain other checks you will see a warning if testssl\.sh internally can tell if one check cannot be performed or will give you inaccurate results\. For e\.g\. single cipher checks (\fB\-\-each\-cipher\fR and \fB\-\-cipher\-per\-proto\fR) you might end up getting false negatives without a warning\.
@ -146,7 +146,7 @@ Please note that the content of \fBfname\fR has to be in Unix format\. DOS carri
\fB\-\-bugs\fR does some workarounds for buggy servers like padding for old F5 devices\. The option is passed as \fB\-bug\fR to openssl when needed, see \fBs_client(1)\fR\. For the socket part testssl\.sh tries its best also without that option to cope with broken server implementations (environment preset via \fBBUGS="\-bugs"\fR)
.
.P
\fB\-\-assuming\-http\fR testssl\.sh does upfront a protocol detection on the application layer\. In cases where for some reasons the usage of HTTP cannot be automatically detected you may want to use this option\. It tells testssl\.sh not to skip HTTP specific tests and to run the client simulation with browsers\. Sometimes also the severity depends on the application protocol, e\.g\. SHA1 signed certificates, the lack of any SAN matches and some vulnerabilities will be punished harder when checking a web server as opposed to a mail server\.
\fB\-\-assuming\-http\fR testssl\.sh does upfront an application protocol detection\. In cases where for some reasons the usage of HTTP cannot be automatically detected you may want to use this option\. It tells testssl\.sh not to skip HTTP specific tests and to run the client simulation with browsers\. Sometimes also the severity depends on the application protocol, e\.g\. SHA1 signed certificates, the lack of any SAN matches and some vulnerabilities will be punished harder when checking a web server as opposed to a mail server\.
.
.IP "\(bu" 4
\fB\-n, \-\-no\-dns\fR instructs testssl\.sh to not do any DNS lookups\. This is useful if you either can\'t or are not willing to perform DNS lookups\. The latter applies e\.g\. to some pentests, the former could e\.g\. help you to avoid timeouts by DNS lookups\. \fBNODNS=true\fR has the same effect\.
@ -195,7 +195,7 @@ Any single check switch supplied as an argument prevents testssl\.sh from doing
.IP "" 0
.
.P
\fB\-p, \-\-protocols\fR checks TLS/SSL protocols SSLv2, SSLv3, TLS 1\.0 \- TLS1\.2 and for HTTP: SPDY (NPN) and ALPN, a\.k\.a\. HTTP/2
\fB\-p, \-\-protocols\fR checks TLS/SSL protocols SSLv2, SSLv3, TLS 1\.0 \- TLS 1\.3 and for HTTP: SPDY (NPN) and ALPN, a\.k\.a\. HTTP/2\. For TLS 1\.3 several drafts (18\-23) and TLS 1\.3 final are suuported\.
.
.P
\fB\-P, \-\-preference\fR displays the servers preferences: cipher order, with used openssl client: negotiated protocol and cipher\. If there\'s a cipher order enforced by the server it displays it for each protocol (openssl+sockets)\. If there\'s not, it displays instead which ciphers from the server were picked with each protocol (by using openssl only)

18
doc/testssl.1.html
View File

@ -98,9 +98,13 @@
<p>The output rates findings by color (screen) or severity (file output) so that you are able to tell whether something is good or bad. The (screen) output has several sections in which classes of checks are being performed. To ease readability on the screen it aligns and indents the output properly.</p>
<p>Except DNS lookups it doesn't use any third parties for checks, it's only you who sees the result and you also can use it internally on your LAN.</p>
<p>Only you see the result. You also can use it internally on your LAN. Except DNS lookups it doesn't use any other hosts or even third parties for checks.</p>
<p>It is out of the box pretty much portable: testssl.sh runs under any Unix-like stack (Linux, *BSD, MacOS X, WSL=bash on Windows, Cygwin and MSYS2). <code>bash</code> (also version 3 is still supported) is a prerequisite as well as standard utilities like awk, sed, tr and head. This can be of BSD, System 5 or GNU flavor whereas grep from System V is not yet supported.</p>
<p>It is out of the box pretty much portable: testssl.sh runs under any Unix-like
stack (Linux, *BSD, MacOS X, WSL=bash on Windows, Cygwin and MSYS2). <code>bash</code>
(also version 3 is still supported) is a prerequisite as well as standard
utilities like awk, sed, tr and head. This can be of BSD, System 5 or GNU
flavor whereas grep from System V is not yet supported.</p>
<h2 id="GENERAL">GENERAL</h2>
@ -128,7 +132,7 @@
<h2 id="OPTIONS-AND-PARAMETERS">OPTIONS AND PARAMETERS</h2>
<p>Options are either short or long options. All options requiring a value can be called with or without an equal sign '=' e.g. <code>testssl.sh -t=smtp --wide --openssl=/usr/bin/openssl &lt;URI></code> is equivalent to <code>testssl.sh --starttls smtp --wide --openssl /usr/bin/openssl &lt;URI></code>. Some command line options can also be preset via ENV variables. <code>WIDE=true OPENSSL=/usr/bin/openssl testssl.sh --starttls smtp &lt;URI></code> would be the equivalent to the aforementioned examples. Preference has the command line over any environment variables.</p>
<p>Options are either short or long options. Any option requiring a value can be called with or without an equal sign '=' e.g. <code>testssl.sh -t=smtp --wide --openssl=/usr/bin/openssl &lt;URI></code> (short option with equal sign) is equivalent to <code>testssl.sh --starttls smtp --wide --openssl /usr/bin/openssl &lt;URI></code> (long option without equal sign). Some command line options can also be preset via ENV variables. <code>WIDE=true OPENSSL=/usr/bin/openssl testssl.sh --starttls=smtp &lt;URI></code> would be the equivalent to the aforementioned examples. Preference has the command line over any environment variables.</p>
<p><code>&lt;URI></code> or <code>--file &lt;FILE></code> always needs to be the last parameter.</p>
@ -181,7 +185,7 @@ host.example.com:631
<p><code>--proxy &lt;host>:&lt;port></code> does the whole check via the specified HTTP proxy. <code>--proxy=auto</code> inherits the proxy setting from the environment. Proxying via IPv6 addresses is not possible. The hostname supplied will only be resolved to the first A record. Authentication to the proxy is not supported. In addition if you want lookups via proxy you can specify <code>DNS_VIA_PROXY=true</code>.</p>
<p><code>-6</code> does (also) IPv6 checks. This works only with both a supporting openssl binary like the one supplied and IPv6 connectivity. testssl.sh does no connectivity checks for IPv6, it also cannot determine reliably whether the OpenSSL binary you are using has IPv6 support. <code>HAS_IPv6</code> is the respective environment variable.</p>
<p><code>-6</code> does (also) IPv6 checks. Please note if a supplied URI resolves (also) to an IPv6 address that testssl.sh doesn't do checks on an IPv6 address automatically. This is because testssl.sh does no connectivity checks for IPv6. It also cannot determine reliably whether the OpenSSL binary you are using has IPv6 support. <code>-6</code> assumes both is the case. If both conditions are met and you want in general enable IPv6 tests you might as well add <code>HAS_IPv6</code> to your shell environment.</p>
<p><code>--ssl-native</code> instead of using a mixture of bash sockets and openssl s_client connects testssl.sh uses the latter only. This is at the moment faster but provides less accurate results, especially in the client
simulation and if the openssl binary lacks cipher support. For TLS protocol checks and standard cipher lists and certain other checks you will see a warning if testssl.sh internally can tell if one check cannot be performed or will give you inaccurate results. For e.g. single cipher checks (<code>--each-cipher</code> and <code>--cipher-per-proto</code>) you might end up getting false negatives without a warning.</p>
@ -190,7 +194,7 @@ host.example.com:631
<p><code>--bugs</code> does some workarounds for buggy servers like padding for old F5 devices. The option is passed as <code>-bug</code> to openssl when needed, see <code>s_client(1)</code>. For the socket part testssl.sh tries its best also without that option to cope with broken server implementations (environment preset via <code>BUGS="-bugs"</code>)</p>
<p><code>--assuming-http</code> testssl.sh does upfront a protocol detection on the application layer. In cases where for some reasons the usage of HTTP cannot be automatically detected you may want to use this option. It tells testssl.sh not to skip HTTP specific tests and to run the client simulation with browsers. Sometimes also the severity depends on the application protocol, e.g. SHA1 signed certificates, the lack of any SAN matches and some vulnerabilities will be punished harder when checking a web server as opposed to a mail server.</p>
<p><code>--assuming-http</code> testssl.sh does upfront an application protocol detection. In cases where for some reasons the usage of HTTP cannot be automatically detected you may want to use this option. It tells testssl.sh not to skip HTTP specific tests and to run the client simulation with browsers. Sometimes also the severity depends on the application protocol, e.g. SHA1 signed certificates, the lack of any SAN matches and some vulnerabilities will be punished harder when checking a web server as opposed to a mail server.</p>
<ul>
<li><p><code>-n, --no-dns</code> instructs testssl.sh to not do any DNS lookups. This is useful if you either can't or are not willing to perform DNS lookups. The latter applies e.g. to some pentests, the former could e.g. help you to avoid timeouts by DNS lookups. <code>NODNS=true</code> has the same effect.</p></li>
@ -220,7 +224,7 @@ host.example.com:631
</ul>
<p><code>-p, --protocols</code> checks TLS/SSL protocols SSLv2, SSLv3, TLS 1.0 - TLS1.2 and for HTTP: SPDY (NPN) and ALPN, a.k.a. HTTP/2</p>
<p><code>-p, --protocols</code> checks TLS/SSL protocols SSLv2, SSLv3, TLS 1.0 - TLS 1.3 and for HTTP: SPDY (NPN) and ALPN, a.k.a. HTTP/2. For TLS 1.3 several drafts (18-23) and TLS 1.3 final are suuported.</p>
<p><code>-P, --preference</code> displays the servers preferences: cipher order, with used openssl client: negotiated protocol and cipher. If there's a cipher order enforced by the server it displays it for each protocol (openssl+sockets). If there's not, it displays instead which ciphers from the server were picked with each protocol (by using openssl only)</p>
@ -519,7 +523,7 @@ to create the hashes for HPKP.</li>
<ol class='man-decor man-foot man foot'>
<li class='tl'></li>
<li class='tc'>December 2017</li>
<li class='tc'>January 2018</li>
<li class='tr'>testssl(1)</li>
</ol>

17
doc/testssl.1.md
View File

@ -17,9 +17,13 @@ testssl.sh is a free command line tool which checks a server's service on any po
The output rates findings by color (screen) or severity (file output) so that you are able to tell whether something is good or bad. The (screen) output has several sections in which classes of checks are being performed. To ease readability on the screen it aligns and indents the output properly.
Except DNS lookups it doesn't use any third parties for checks, it's only you who sees the result and you also can use it internally on your LAN.
Only you see the result. You also can use it internally on your LAN. Except DNS lookups it doesn't use any other hosts or even third parties for checks.
It is out of the box pretty much portable: testssl.sh runs under any Unix-like stack (Linux, *BSD, MacOS X, WSL=bash on Windows, Cygwin and MSYS2). `bash` (also version 3 is still supported) is a prerequisite as well as standard utilities like awk, sed, tr and head. This can be of BSD, System 5 or GNU flavor whereas grep from System V is not yet supported.
It is out of the box pretty much portable: testssl.sh runs under any Unix-like
stack (Linux, *BSD, MacOS X, WSL=bash on Windows, Cygwin and MSYS2). `bash`
(also version 3 is still supported) is a prerequisite as well as standard
utilities like awk, sed, tr and head. This can be of BSD, System 5 or GNU
flavor whereas grep from System V is not yet supported.
## GENERAL
@ -46,9 +50,10 @@ It is out of the box pretty much portable: testssl.sh runs under any Unix-like s
9) client simulation
## OPTIONS AND PARAMETERS
Options are either short or long options. All options requiring a value can be called with or without an equal sign '=' e.g. `testssl.sh -t=smtp --wide --openssl=/usr/bin/openssl <URI>` is equivalent to `testssl.sh --starttls smtp --wide --openssl /usr/bin/openssl <URI>`. Some command line options can also be preset via ENV variables. `WIDE=true OPENSSL=/usr/bin/openssl testssl.sh --starttls smtp <URI>` would be the equivalent to the aforementioned examples. Preference has the command line over any environment variables.
Options are either short or long options. Any option requiring a value can be called with or without an equal sign '=' e.g. `testssl.sh -t=smtp --wide --openssl=/usr/bin/openssl <URI>` (short option with equal sign) is equivalent to `testssl.sh --starttls smtp --wide --openssl /usr/bin/openssl <URI>` (long option without equal sign). Some command line options can also be preset via ENV variables. `WIDE=true OPENSSL=/usr/bin/openssl testssl.sh --starttls=smtp <URI>` would be the equivalent to the aforementioned examples. Preference has the command line over any environment variables.
`<URI>` or `--file <FILE>` always needs to be the last parameter.
@ -103,7 +108,7 @@ Please note that the content of `fname` has to be in Unix format. DOS carriage r
`--proxy <host>:<port>` does the whole check via the specified HTTP proxy. `--proxy=auto` inherits the proxy setting from the environment. Proxying via IPv6 addresses is not possible. The hostname supplied will only be resolved to the first A record. Authentication to the proxy is not supported. In addition if you want lookups via proxy you can specify `DNS_VIA_PROXY=true`.
`-6` does (also) IPv6 checks. This works only with both a supporting openssl binary like the one supplied and IPv6 connectivity. testssl.sh does no connectivity checks for IPv6, it also cannot determine reliably whether the OpenSSL binary you are using has IPv6 support. `HAS_IPv6` is the respective environment variable.
`-6` does (also) IPv6 checks. Please note if a supplied URI resolves (also) to an IPv6 address that testssl.sh doesn't do checks on an IPv6 address automatically. This is because testssl.sh does no connectivity checks for IPv6. It also cannot determine reliably whether the OpenSSL binary you are using has IPv6 support. `-6` assumes both is the case. If both conditions are met and you want in general enable IPv6 tests you might as well add `HAS_IPv6` to your shell environment.
`--ssl-native` instead of using a mixture of bash sockets and openssl s_client connects testssl.sh uses the latter only. This is at the moment faster but provides less accurate results, especially in the client
simulation and if the openssl binary lacks cipher support. For TLS protocol checks and standard cipher lists and certain other checks you will see a warning if testssl.sh internally can tell if one check cannot be performed or will give you inaccurate results. For e.g. single cipher checks (`--each-cipher` and `--cipher-per-proto`) you might end up getting false negatives without a warning.
@ -112,7 +117,7 @@ Please note that the content of `fname` has to be in Unix format. DOS carriage r
`--bugs` does some workarounds for buggy servers like padding for old F5 devices. The option is passed as `-bug` to openssl when needed, see `s_client(1)`. For the socket part testssl.sh tries its best also without that option to cope with broken server implementations (environment preset via `BUGS="-bugs"`)
`--assuming-http` testssl.sh does upfront a protocol detection on the application layer. In cases where for some reasons the usage of HTTP cannot be automatically detected you may want to use this option. It tells testssl.sh not to skip HTTP specific tests and to run the client simulation with browsers. Sometimes also the severity depends on the application protocol, e.g. SHA1 signed certificates, the lack of any SAN matches and some vulnerabilities will be punished harder when checking a web server as opposed to a mail server.
`--assuming-http` testssl.sh does upfront an application protocol detection. In cases where for some reasons the usage of HTTP cannot be automatically detected you may want to use this option. It tells testssl.sh not to skip HTTP specific tests and to run the client simulation with browsers. Sometimes also the severity depends on the application protocol, e.g. SHA1 signed certificates, the lack of any SAN matches and some vulnerabilities will be punished harder when checking a web server as opposed to a mail server.
* `-n, --no-dns` instructs testssl.sh to not do any DNS lookups. This is useful if you either can't or are not willing to perform DNS lookups. The latter applies e.g. to some pentests, the former could e.g. help you to avoid timeouts by DNS lookups. `NODNS=true` has the same effect.
@ -141,7 +146,7 @@ Any single check switch supplied as an argument prevents testssl.sh from doing a
* `Strong grade Ciphers` (AEAD): 'AESGCM:CHACHA20:AESGCM:CamelliaGCM:AESCCM8:AESCCM'
`-p, --protocols` checks TLS/SSL protocols SSLv2, SSLv3, TLS 1.0 - TLS1.2 and for HTTP: SPDY (NPN) and ALPN, a.k.a. HTTP/2
`-p, --protocols` checks TLS/SSL protocols SSLv2, SSLv3, TLS 1.0 - TLS 1.3 and for HTTP: SPDY (NPN) and ALPN, a.k.a. HTTP/2. For TLS 1.3 several drafts (18-23) and TLS 1.3 final are suuported.
`-P, --preference` displays the servers preferences: cipher order, with used openssl client: negotiated protocol and cipher. If there's a cipher order enforced by the server it displays it for each protocol (openssl+sockets). If there's not, it displays instead which ciphers from the server were picked with each protocol (by using openssl only)

105
testssl.sh
View File

@ -6042,6 +6042,38 @@ get_server_certificate() {
local success
local npn_params="" line
if [[ "$1" =~ "-cipher tls1_3" ]]; then
[[ $(has_server_protocol "tls1_3") -eq 1 ]] && return 1
if "$HAS_TLS13"; then
if [[ "$1" =~ "-cipher tls1_3_RSA" ]]; then
$OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -showcerts -connect $NODEIP:$PORT $PROXY $SNI -tls1_3 -tlsextdebug -status -sigalgs PSS+SHA256:PSS+SHA384") </dev/null 2>$ERRFILE >$TMPFILE
elif [[ "$1" =~ "-cipher tls1_3_ECDSA" ]]; then
$OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -showcerts -connect $NODEIP:$PORT $PROXY $SNI -tls1_3 -tlsextdebug -status -sigalgs ECDSA+SHA256:ECDSA+SHA384") </dev/null 2>$ERRFILE >$TMPFILE
else
return 1
fi
sclient_connect_successful $? $TMPFILE || return 1
DETECTED_TLS_VERSION="0304"
extract_certificates "tls1_3"
success=$?
else
if [[ "$1" =~ "-cipher tls1_3_RSA" ]]; then
tls_sockets "04" "$TLS13_CIPHER" "all" "00,12,00,00, 00,05,00,05,01,00,00,00,00, 00,0d,00,10,00,0e,08,04,08,05,08,06,04,01,05,01,06,01,02,01"
elif [[ "$1" =~ "-cipher tls1_3_ECDSA" ]]; then
tls_sockets "04" "$TLS13_CIPHER" "all" "00,12,00,00, 00,05,00,05,01,00,00,00,00, 00,0d,00,0a,00,08,04,03,05,03,06,03,02,03"
else
return 1
fi
success=$?
[[ $success -eq 0 ]] || return 1
cp "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt" $TMPFILE
fi
[[ $success -eq 0 ]] && add_tls_offered tls1_3 yes
extract_new_tls_extensions $TMPFILE
tmpfile_handle $FUNCNAME.txt
return $success
fi
"$HAS_SPDY" && [[ -z "$STARTTLS" ]] && npn_params="-nextprotoneg \"$NPN_PROTOs\""
if [[ -n "$2" ]]; then
@ -6306,6 +6338,7 @@ certificate_transparency() {
local sni=""
local ciphers=""
local hexc n ciph sslver kx auth enc mac export
local extra_extns=""
local -i success
# First check whether signed certificate timestamps (SCT) are included in the
@ -6331,13 +6364,24 @@ certificate_transparency() {
fi
if [[ $number_of_certificates -gt 1 ]] && ! "$SSL_NATIVE"; then
while read hexc n ciph sslver kx auth enc mac export; do
if [[ ${#hexc} -eq 9 ]]; then
ciphers+=", ${hexc:2:2},${hexc:7:2}"
if [[ "$tls_version" == "0304" ]]; then
ciphers=", 13,01, 13,02, 13,03, 13,04, 13,05"
if [[ "$cipher" == "tls1_3_RSA" ]]; then
extra_extns=", 00,0d,00,10,00,0e,08,04,08,05,08,06,04,01,05,01,06,01,02,01"
elif [[ "$cipher" == "tls1_3_ECDSA" ]]; then
extra_extns=", 00,0d,00,0a,00,08,04,03,05,03,06,03,02,03"
else
return 1
fi
done < <($OPENSSL ciphers -V $cipher 2>>$ERRFILE)
else
while read hexc n ciph sslver kx auth enc mac export; do
if [[ ${#hexc} -eq 9 ]]; then
ciphers+=", ${hexc:2:2},${hexc:7:2}"
fi
done < <($OPENSSL ciphers -V $cipher 2>>$ERRFILE)
fi
[[ -z "$sni_used" ]] && sni="$SNI" && SNI=""
tls_sockets "${tls_version:2:2}" "${ciphers:2}" "all" "00,12,00,00"
tls_sockets "${tls_version:2:2}" "${ciphers:2}" "all" "00,12,00,00$extra_extns"
success=$?
[[ -z "$sni_used" ]] && SNI="$sni"
if ( [[ $success -eq 0 ]] || [[ $success -eq 2 ]] ) && \
@ -6527,7 +6571,7 @@ certificate_info() {
case $cert_key_algo in
*RSA*|*rsa*) out "RSA ";;
*DSA*|*dsa*) out "DSA ";;
*ecdsa*|*ecPublicKey) out "ECDSA ";;
*ecdsa*|*ecPublicKey) out "EC ";;
*GOST*|*gost*) out "GOST ";;
*dh*|*DH*) out "DH " ;;
*) pr_fixme "don't know $cert_key_algo " ;;
@ -7128,23 +7172,26 @@ run_server_defaults() {
ciphers_to_test[5]="aECDH"
ciphers_to_test[6]="aECDSA"
ciphers_to_test[7]="aGOST"
ciphers_to_test[8]="tls1_3_RSA"
ciphers_to_test[9]="tls1_3_ECDSA"
certificate_type[1]="RSASig" ; certificate_type[2]="RSAKMK"
certificate_type[3]="DSA"; certificate_type[4]="DH"
certificate_type[5]="ECDH" ; certificate_type[6]="ECDSA"
certificate_type[7]="GOST"
certificate_type[7]="GOST" ; certificate_type[8]="RSASig"
certificate_type[9]="ECDSA"
for (( n=1; n <= 14 ; n++ )); do
for (( n=1; n <= 16 ; n++ )); do
# Some servers use a different certificate if the ClientHello
# specifies TLSv1.1 and doesn't include a server name extension.
# So, for each public key type for which a certificate was found,
# try again, but only with TLSv1.1 and without SNI.
if [[ $n -ge 8 ]]; then
if [[ $n -ge 10 ]]; then
ciphers_to_test[n]=""
[[ ${success[n-7]} -eq 0 ]] && ciphers_to_test[n]="${ciphers_to_test[n-7]}" && certificate_type[n]="${certificate_type[n-7]}"
[[ ${success[n-9]} -eq 0 ]] && ciphers_to_test[n]="${ciphers_to_test[n-9]}" && certificate_type[n]="${certificate_type[n-9]}"
fi
if [[ -n "${ciphers_to_test[n]}" ]] && [[ $(count_ciphers $($OPENSSL ciphers "${ciphers_to_test[n]}" 2>>$ERRFILE)) -ge 1 ]]; then
if [[ $n -ge 8 ]]; then
if [[ -n "${ciphers_to_test[n]}" ]] && ( [[ "${ciphers_to_test[n]}" =~ "tls1_3" ]] || [[ $(count_ciphers $($OPENSSL ciphers "${ciphers_to_test[n]}" 2>>$ERRFILE)) -ge 1 ]] ); then
if [[ $n -ge 10 ]]; then
sni="$SNI"
SNI=""
get_server_certificate "-cipher ${ciphers_to_test[n]}" "tls1_1"
@ -7154,8 +7201,8 @@ run_server_defaults() {
get_server_certificate "-cipher ${ciphers_to_test[n]}"
success[n]=$?
fi
if [[ ${success[n]} -eq 0 ]]; then
[[ $n -ge 8 ]] && [[ ! -e $HOSTCERT.nosni ]] && cp $HOSTCERT $HOSTCERT.nosni
if [[ ${success[n]} -eq 0 ]] && [[ -s "$HOSTCERT" ]]; then
[[ $n -ge 10 ]] && [[ ! -e $HOSTCERT.nosni ]] && cp $HOSTCERT $HOSTCERT.nosni
cp "$TEMPDIR/$NODEIP.get_server_certificate.txt" $TMPFILE
>$ERRFILE
if [[ -z "$sessticket_lifetime_hint" ]]; then
@ -7173,7 +7220,7 @@ run_server_defaults() {
fi
i=$((i + 1))
done
if ! "$match_found" && [[ $n -ge 8 ]] && [[ $certs_found -ne 0 ]]; then
if ! "$match_found" && [[ $n -ge 10 ]] && [[ $certs_found -ne 0 ]]; then
# A new certificate was found using TLSv1.1 without SNI.
# Check to see if the new certificate should be displayed.
# It should be displayed if it is either a match for the
@ -7224,7 +7271,7 @@ run_server_defaults() {
ocsp_response_status[certs_found]=$(grep -a "OCSP Response Status" $TMPFILE)
previous_hostcert[certs_found]=$newhostcert
previous_intermediates[certs_found]=$(cat $TEMPDIR/intermediatecerts.pem)
[[ $n -ge 8 ]] && sni_used[certs_found]="" || sni_used[certs_found]="$SNI"
[[ $n -ge 10 ]] && sni_used[certs_found]="" || sni_used[certs_found]="$SNI"
tls_version[certs_found]="$DETECTED_TLS_VERSION"
previous_hostcert_type[certs_found]=" ${certificate_type[n]}"
else
@ -7358,7 +7405,29 @@ run_server_defaults() {
if [[ -n "$SNI" ]] && [[ $certs_found -ne 0 ]] && [[ ! -e $HOSTCERT.nosni ]]; then
# no cipher suites specified here. We just want the default vhost subject
$OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $OPTIMAL_PROTO") 2>>$ERRFILE </dev/null | awk '/-----BEGIN/,/-----END/ { print $0 }' >$HOSTCERT.nosni
if ! "$HAS_TLS13" && [[ $(has_server_protocol "tls1_3") -eq 0 ]]; then
sni="$SNI" ; SNI=""
mv $HOSTCERT $HOSTCERT.save
# Send same list of cipher suites as OpenSSL 1.1.1 sends (but with
# all 5 TLSv1.3 ciphers offered.
tls_sockets "04" \
"c0,2c, c0,30, 00,9f, cc,a9, cc,a8, cc,aa, c0,2b, c0,2f,
00,9e, c0,24, c0,28, 00,6b, c0,23, c0,27, 00,67, c0,0a,
c0,14, 00,39, c0,09, c0,13, 00,33, 00,9d, 00,9c, 13,02,
13,03, 13,01, 13,04, 13,05, 00,3d, 00,3c, 00,35, 00,2f,
00,ff" \
"all"
success[0]=$?
if [[ ${success[0]} -eq 0 ]] || [[ ${success[0]} -eq 2 ]]; then
mv $HOSTCERT $HOSTCERT.nosni
else
echo "" > $HOSTCERT.nosni
fi
mv $HOSTCERT.save $HOSTCERT
SNI="$sni"
else
$OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $OPTIMAL_PROTO") 2>>$ERRFILE </dev/null | awk '/-----BEGIN/,/-----END/ { print $0 }' >$HOSTCERT.nosni
fi
fi
for (( i=1; i <= certs_found; i++ )); do
@ -11179,7 +11248,7 @@ resend_if_hello_retry_request() {
part2=$j+3
len_extn=3*$(hex2dec "${extra_extensions:j:2}${extra_extensions:part2:2}")
if [[ "$extn_type" != "00$KEY_SHARE_EXTN_NR" ]] && [[ "$extn_type" != "002c" ]]; then
j=12+$len_extn
j=11+$len_extn
new_extra_extns+=",${extra_extensions:i:j}"
fi
done