Commit Graph

2989 Commits

Author SHA1 Message Date
Dirk Wetter 613e1d0133
Merge pull request #1216 from dcooper16/add_determine_optimal_sockets_params
Add determine_optimal_sockets_params()
2019-09-24 08:46:49 +02:00
David Cooper 5cebf17287 Add more checks to determine_optimal_sockets_params()
This commit adds some more checks to determine_optimal_sockets_params(). These additional checks will almost never need to be run, and so will not slow down the typical run of testssl.sh, but adding them will provide information that can be useful for other parts of testssl.sh.

These additional checks will only be run if the server does not support TLSv1.3 and a TLSv1.2 ClientHello is not successful. This means that either:
   * The server is not an TLS/SSL enabled server.
   * The server only supports SSLv2.
   * The server supports some protocol in SSLv3 - TLSv1.1, but does not handle version negotiation correctly.

Adding these additional checks helps in at least the following ways.

If determine_optimal_proto() (assuming it is reverted to using OpenSSL) is unable to connect to the server using OpenSSL, it will be possible determine whether the problem is the the server does not support TLS/SSL or that a different version of OpenSSL is needed to test the server.

If the code in #1205 for run_server_preference() is unable to connect when checking for a cipher order, the reason for the failure will be known, making it possible to determine the correct response to the failure.
2019-09-23 15:57:07 -04:00
David Cooper ce9bc79422 Add determine_optimal_sockets_params()
This PR adds a new helper function that is run just prior to determine_optimal_proto() and that determines the what information tls_sockets() should include in a ClientHello.

For a TLSv1.3 ClientHello, determine_optimal_sockets_params() determines whether tls_sockets() should use 0x33 or 0x28 are the extension number for the key_share extension. 0x33 should be used with servers that support RFC 8446 or drafts 23-28. 0x28 should be used with servers that support drafts 18-22.

For a TLSv1.2 ClientHello, determine_optimal_sockets_params() determines what cipher list tls_sockets() should send. For most servers, the list of ciphers in $TLS12_CIPHER works best. But, there are some servers that do not support any ciphers in $TLS12_CIPHER, but do support one or more ciphers in $TLS12_CIPHER_2ND_TRY.
2019-09-23 15:56:08 -04:00
David Cooper 80a725541b Allow TLS12_CIPHER to be changed
In some rare cases a server does not support any of the ciphers in $TLS12_CIPHER, but does support at least one cipher in $TLS12_CIPHER_2ND_TRY. In such cases, TLS12_CIPHER should be changed to $TLS12_CIPHER_2ND_TRY so that subsequent tests using $TLS12_CIPHER will succeed.
2019-09-23 15:54:44 -04:00
Dirk Wetter da2beb48d3
Merge pull request #1330 from dcooper16/more_run_protocol_fixes
More run_protocol() fixes
2019-09-23 20:40:25 +02:00
David Cooper 25d68544ed
More run_protocol() fixes
This PR fixes a few issues with run_protocol():

* In the case that the call to `tls_sockets "03" "$TLS12_CIPHER"` had a return value of 2, the code determining what results to print was looking at `$DETECTED_TLS_VERSION`. However, the value of this variable was set by the later call to `tls_sockets "04" "$tls13_ciphers_to_test"`. This caused incorrect results in the case of a server that supports TLSv1.3 and TLS1.1 (or earlier), but not TLSv1.2. This PR saves the value of `$DETECTED_TLS_VERSION` in `$tls12_detected_version` and then uses this variable later rather than `$DETECTED_TLS_VERSION`.

* When running in debug mode with a server that does not support TLSv1.3, testssl.sh was printing

           TLS 1.3     -- downgradednot offered and downgraded to a weaker protocol"

This PR fixes the output by not printing the "--downgraded"

* As noted in #1329, run_protocols() was treating a downgrade from TLSv1.2 as less bad if the server supports TLSv1.3. This PR changes this code back to treat any downgrade from TLSv1.2 as equally bad.

* In order to be consistent with the TLSv1.3 test, this PR changes the TLS1.2 test output to say "not offered and downgraded to a weaker protocol" if a TLSv1.2 ClientHello results in a downgraded connection.
2019-09-23 11:26:40 -04:00
Dirk Wetter 9e3bcfb2ef
Merge pull request #1329 from dcooper16/fix_run_protocols
Fix run_protocols()
2019-09-21 11:27:01 +02:00
David Cooper 76fb81112b
Fix run_protocols()
This PR fixes a problem in run_protocols() that was introduced by 7ec3c6ab99.

7ec3c6ab99 changes run_protocols() to perform the initial testing for TLSv1.3 support before testing for TLSv1.2 support. The problem with this is that the code for testing TLSv1.3 makes use of the results of the TLSv1.2 testing.

In the current code, Line 5183 looks at the value of $subret to determine whether the TLSv1.2 ClientHello resulted in a successful connection. However, $subet has not yet been set (it has just been initialized to 0 at the beginning of the function). Since $subret will always be 0, the code will try to extract a cipher from $TEMPDIR/$NODEIP.parse_tls_serverhello.txt. This may work, since $TEMPDIR/$NODEIP.parse_tls_serverhello.txt may have been populated by a prior function call, but this is not how the code was intended to work.

This PR fixes the problem by doing the TLSv1.2 testing before the TLSv1.3 testing is done. It still waits until both have been tested, however, before outputting the results, so that the output for TLSv1.2 can be modified depending on whether TLSv1.3 is supported.
2019-09-20 17:37:11 -04:00
Dirk Wetter 1276c6754d
Merge pull request #1326 from drwetter/drwetter-idn-docker
Add idn support to Dockerfile
2019-09-19 09:14:17 +02:00
Dirk Wetter 7818f1acc8
Add idn support 2019-09-19 07:12:59 +00:00
Dirk Wetter 01f73a2249
Merge pull request #1325 from Phylu/patch-1
remove duplicate header name for other_header in file output
2019-09-18 20:42:33 +02:00
Janosch Maier 5e3d8755a1 remove duplicate header name for other_header in file output
The Finding of other_headers such as "Referrer-Policy" during file output are displayed as `$header: $HEADERVALUE` instead of only `$HEADERVALUE` as the good_headers. This leads to duplicate information e.g. in the JSON output file.
2019-09-18 19:36:57 +02:00
Dirk Wetter dcd5acb2af
Merge pull request #1323 from drwetter/protocol_improvements
Protocol improvements
2019-09-18 17:49:36 +02:00
Dirk Wetter 987bf845ad
Merge pull request #1322 from teward/idn-support
Add IDN/punycode support for non-ASCII URIs (#1319, #1320, #1321)
2019-09-18 17:49:13 +02:00
Thomas Ward ac9110549c
Update error message 2019-09-17 18:58:39 -04:00
Thomas Ward 62f504ab49
Add IDN support, if 'idn' executable is available 2019-09-17 18:57:48 -04:00
Dirk Wetter 7ec3c6ab99 Don't penalize TLS 1.2 is not available if TLS 1.3 is supported
... and thus this commit addresses #916.

It does that via a (quite) pre-test which checks for a general availabilty
of TLS 1.3 before the TLS 1.2 protocol test is being run and decides
based on that how a missing TLS 1.2 will be echoed.

Later on the complete TLS 1.3 test will be continued using the results
from the TLS 1.3 pre-test.
2019-09-14 17:56:31 +02:00
Dirk Wetter 231a29cdfd Deprecate TLS 1.0 and TLS 1.1
This commit addresses #1251 and gives a slight warning when still
using those protocols as government standards are or are at least
to expect also to deprecate those protocols. PCI DSS requires not
to use TLS 1.0 anymore and browser vendors supposedly will deprecate
TLS 1.0/1.1 next year.

This is a WIP for testing. It was committed already in May
(22ad490ea7b2868a4fd45862ca0bf8a3d8f24ea6) but somehow it was
lost.

Comments would be appeciated.

Open:
- how to treat non-HTTP protocols
- TLS 1.3 only hosts will mark the absence of TLS 1.2 as
  a medium finding
2019-09-14 10:41:54 +02:00
Dirk Wetter 3e4cd58f7b
Merge pull request #1318 from drwetter/dockerfile.docu
Resort and polish
2019-09-13 10:56:15 +02:00
Dirk Wetter 5767e1496e
Resort and polish 2019-09-13 10:54:18 +02:00
Dirk Wetter e4e3df50eb
Merge pull request #1307 from petegallagher/patch-1
Output files to host when using Docker
2019-09-13 10:42:02 +02:00
Dirk Wetter 96cf81f410
Merge pull request #1317 from drwetter/tls13_only
Better usability for TLS 1.3-only servers
2019-09-12 15:38:29 +02:00
Dirk 9c84129ff4 Better usability for TLS 1.3-only servers
In cases where TLS 1.3 is the only protocol supported by the server (as e.g.
in #1312), testssl.sh has some limits with the supplied binary.

For now (3.0) there's no perfect technical solution. This PR however improves
the verbosity what's going on and recommends to use an openssl binary
supporting TLS 1.3. And if the "secret" variable OSSL_SHORTCUT is set to true,
it automatically chooses that if available (it's a hack to do so and not
recommended. I just did it as a PoC).

In the next development we should consider probing this upfront!

Furthermore this PR removes some unnecessary quotes in double square brackets.
2019-09-12 10:55:32 +02:00
Peter Gallagher 860671ba76
Style change when referencing current directory. 2019-08-29 09:55:31 +01:00
Dirk Wetter 7b4eff3e58
Merge pull request #1309 from drwetter/unittest_json
remove -p from json unit test
2019-08-19 20:52:31 +02:00
Dirk Wetter 71e561ceba
Merge pull request #1308 from drwetter/binchar_fix
Binary string washer (0x00 bytes) (probably) after completed ClientHello
2019-08-19 20:51:21 +02:00
Dirk Wetter 5874a722d8 Binary string washer (0x00 bytes) (probably) after completed ClientHello
This commit proactively tries to address cases where the server side
    adds Null Bytes after or during ClientHello in cases where it should be text only.

    Now VAR2=$(< $VAR1) is being replaced by VAR2=$(cat -v $VAR1) which is normally
    not best practice and also considered a useless use of "cat", see
    https://web.archive.org/web/20160711205930/http://porkmail.org/era/unix/award.html#uucaletter.

    Especially with bash 3.2 (Mac OS X) AND when on the server side binary chars it
    was reported to not work ok, see #1292.

    Performance measurements showed no to barely measureable penalty (at max 1s displayed difference
    in 9 tries).
2019-08-19 20:51:45 +02:00
Peter Gallagher d471d7fdf3
Output files to host when using Docker
Provides an example of how to create output files in the host filesystem when using Docker.
2019-08-14 16:50:29 +01:00
Dirk Wetter 520fda64f0 remove -p from json unit test 2019-08-12 12:38:47 +02:00
Dirk Wetter 92654b2899
Merge pull request #1306 from drwetter/unittest_json
Fixes for travis
2019-08-12 12:31:46 +02:00
Dirk Wetter 874932774e Fixes for travis
Travis updated the container images so that the perl
reference to 5.18 was outdated. We use now 5.26 which
works, however we should consider to be more flexible.

JSON::Validator didn't compile in the container. Thus
we switched to just use 'JSON'. That also supports JSON
pretty. For the future we should just test for valid JSON
in all unit test files as it is more effective.
2019-08-12 12:25:54 +02:00
Dirk Wetter ddd9d76d3b try to fix travis 2019-08-09 21:08:48 +02:00
Dirk Wetter 251071081e
Merge pull request #1305 from drwetter/renego_fixes
Add CVE for Secure Client-Initiated Renegotiation vulnerability
2019-08-09 19:46:51 +02:00
Dirk Wetter fc1206cfea Add CVE for Secure Client-Initiated Renegotiation vulnerability 2019-08-09 19:44:03 +02:00
Dirk Wetter 5fed82f4c2
Merge pull request #1304 from drwetter/renego_fixes
Fix misleading CVE in Secure Renegotiation
2019-08-09 19:38:56 +02:00
Dirk Wetter 95a7b70765 Fix misleading CVE in Secure Renegotiation
For some reason CVE-2009-3555 ended up in Secure Renegotiation,
whereas CVE-2009-3555 is in fact the Insecure Client-Side Renegotiation
vulnerability with the MiTM problem <= OpenSSl 0.9.8k.

This fixes that (see also #1086 and #933, #907) by removing the CVE #
from the output. Also tyhe output was changed for Secure Renegotiation
into supported/not vulnerable vs. Not supported / VULNERABLE

Some comments were added.
2019-08-09 19:35:11 +02:00
Dirk Wetter e25a80263f ignore perl version for travis 2019-08-08 21:19:43 +02:00
Dirk Wetter f3230a870c
Merge pull request #1303 from drwetter/contributing
Fix stale links
2019-08-08 21:11:28 +02:00
Dirk Wetter 3a1025f886 Fix stale links 2019-08-08 21:10:07 +02:00
Dirk 65e5d58793 Fix travis 2019-08-08 20:59:13 +02:00
Dirk Wetter 49fc218424
Merge pull request #1302 from drwetter/contributing
Add CONTRIBUTING.md, docker changes in Readme.md
2019-08-08 18:36:11 +02:00
Dirk Wetter 642cfe46dd Add CONTRIBUTING.md, docker changes in Readme.md
.. also reviewed https://github.com/drwetter/testssl.sh/wiki/Coding-Style
2019-08-08 18:34:14 +02:00
Dirk Wetter 7468776656
Merge pull request #1299 from drwetter/psql_mysql_fix 2019-08-06 20:13:15 +02:00
Dirk Wetter 42f2b83a92 Improvements for MySQL via STARTTLS
* labeling is just "experimental"
* use similar functions as in psql
* faster
2019-08-06 20:04:19 +02:00
Dirk Wetter 75a0f14bff Fix message 'tr : command not found' when debugging in determine_sizelimitbug() 2019-08-06 19:06:23 +02:00
Dirk Wetter 206c80aed5 Fix for STARTTLS+socket of postgresql
As noted in #1249 STARTTLS with sockets doesn't
work.

This commit fixes that by correcting the STARTTLS
handshake for postgresql. It has to be send via
sockets instead of echo. The server side then will
respond with "S" when STARTTLS is supported. For this
starttls_io() was slightly modified so that also
an input (from the server perspective) is not necessary.

It's fast too
2019-08-06 18:49:31 +02:00
Dirk Wetter 00d39693f3
Merge pull request #1295 from pihug12/3.0
Fix "make-openssl111.sh"
2019-07-10 10:15:44 +02:00
pihug12 dbacbe7912 Fix "make-openssl111.sh" 2019-07-10 08:54:55 +02:00
Dirk Wetter f405991b8c
Merge pull request #1293 from drwetter/alpha_unittest_self
Enable more tests, change to newer JSON scheme
2019-07-09 22:51:51 +02:00
Dirk c335ded6d3 Enable more tests, change to newer JSON scheme 2019-07-09 22:49:12 +02:00