Commit Graph

2489 Commits

Author SHA1 Message Date
David Cooper
6536c21bec TLSv1.3 draft 24
This commit adds support for TLSv1.3 draft 24. The only change between draft 23 and draft 24 is that draft 24 requires the version number of the record layer to be "0303" for a second ClientHello, whereas draft 23 allowed the version number for both the initial and second ClientHello to be "0301".

The current text reads:

   legacy_record_version  This value MUST be set to 0x0303 for all
      records generated by a TLS 1.3 implementation other than an
      initial ClientHello (i.e., one not generated after a
      HelloRetryRequest), where it MAY also be 0x0301 for compatibility
      purposes.
2018-02-15 14:29:17 -05:00
David Cooper
41839ab221
Bugfix for extra extensions
If extra extensions are provided to socksend_tls_clienthello(), the socksend_tls_clienthello() needs to determine what extensions were provided so that it doesn't add any of these extensions a second time. The code that was looping through the extra extensions to get the extension IDs was using the value for the length of the string. This commit fixes the error.
2018-02-15 14:13:04 -05:00
Dirk
e564783fec Addding private CAs
As per @krissi's suggestion this is a smart addition to add privat CAs
to all certificate stores -- during runtime only. The switch --add-ca or
--add-CA expects an argument of one additional CA file or a comma separated
lists of them. The enviroment file ADDITIONAL_CA_FILES can be used
alternatively.

This fixes eventually #230.
2018-02-15 19:28:22 +01:00
Dirk
ba8d613aa5 Add documentation about the current and corrected exit codes 2018-02-14 23:40:08 +01:00
Dirk
a0dabf9acf cleaned up exit codes for error cases
For recognising error conditions during run any testssl.sh run, the program
returns 0 if all checks have been performed successfully and unambiguously. 1
is returned per error or unambiguous condition and per IP. E.g. ./testssl.sh
--ssl-native testssl.net with two IP addresses returns 2 as each client
simulation gets a "1" (ssl-native returns currently wrong results here).

This fixes #986.

A kind of vulnerability scoring for monitoring tools or CI will be done
later separately, see #985 and #327.
2018-02-14 23:15:29 +01:00
Dirk
17e6802fb4 return codes for all vulnerabilities, #986 2018-02-14 22:59:17 +01:00
Dirk
79427e3040 jsonID, code housekeeping, some CWEs added, split time
As before (see #971) and as indicated (#970) some minor
changed to the jsonID have been taking place. Some
redundant verbosity has been eliminated, some IDs
changed the name.

For HTTP2 you should now ALPN_HTTP2.

Some obvious CWEs were added in the JSON section.
ke for null cipher list, information leakage in
the http headers. There's probably space for improvements.

A few early time marks were added to debug time spend.
2018-02-14 17:21:48 +01:00
Dirk Wetter
7b5a7579d7
Merge pull request #991 from dcooper16/fix990
Fix #990
2018-02-14 11:28:51 +01:00
David Cooper
4ba52f3a99
Fix #990
Some servers will respond with an alert to a ClientHello that does not indicate support for secure renegotiation, which may be signaled through either an extension or the 0x00,0xff "cipher suite." In some cases testssl.sh calls tls_sockets() without including "00,ff" in the list of cipher suites, which results in some servers rejecting a ClientHello that would otherwise result in a successful connection.

This PR fixes the problem by adding "00,ff" to any ClientHello where it was previously missing, with one exception. If a TLSv1.3 ClientHello is being sent and only TLSv1.3 ciphers are listed, then the "00,ff" cipher suite is not added.
2018-02-13 11:55:24 -05:00
Dirk
3633704fa5 remove extra spaces as suggested by #989
but leave the HERE document as it is...
2018-02-13 16:55:57 +01:00
Dirk
a2156904eb fix h2 reward for ALPN in JSON output (#988) 2018-02-13 16:50:35 +01:00
Dirk
59c5c95efe try to address #928 2018-02-13 16:32:28 +01:00
Dirk
fb844e8510 address #986 for do_header() + some code housekeeping 2018-02-12 12:50:06 +01:00
Dirk
619dabdb38 fix borken case statement, ((ret++) doesn't seem to work 2018-02-11 14:04:45 +01:00
Dirk
5862a90319 mind certificate_info() result from previous commit 2018-02-11 13:57:26 +01:00
Dirk
f4918c8fd3 further address #986
Error codes now done until run_server_defaults(). Previous
sections modified so that execution errors are added.

Modified in compare_server_name_to_cert() ret --> subret.
From the code perspective a clear distinction between
passing an error code and a functional return code
would be great. Still has to be determined whether it
maybe better to rename ret into something different.

Removed a stale code line in run_server_preference() for STARTTLS.
2018-02-11 13:43:35 +01:00
Dirk
b6d4a7d4cd adress #986 for PFS, cipherlists, GREASE 2018-02-09 20:24:59 +01:00
Dirk
cdced650bf try to address #769, first fix for return values (protocol section)
Following the recommendation from @dcooper16 this commit is addressing
a situation when the scan couldn't finish for external reasons and as
a consequence left a non-valid JSON file behind.

It also starts addressing #986 so that the protcol section only returns
a non-zero value if a check coundn't be performed or gave results which
weren't clear.

It also fixes a typo where in the TLS 1.3 check a status from the TLS 1.2
check was not correctly interpreted (TLS 1.2 not offered).
2018-02-09 19:42:40 +01:00
Dirk
d1f0380173 add coreutils to provide full date command 2018-02-08 21:50:20 +01:00
Dirk
46fa94fa33 Merge branch '2.9dev' of github.com:drwetter/testssl.sh into 2.9dev 2018-02-08 21:15:12 +01:00
Dirk
cbe38cc4bb convert Dockerfile to alpine linux 2018-02-08 21:06:19 +01:00
Dirk Wetter
38f0aa04b3
Merge pull request #984 from dcooper16/fix983
Fix #983
2018-02-08 18:24:41 +01:00
Dirk
8930fe7fb3 add a imssing blank between Access-Control-Allow-Origin Upgrade X-Served-By Referrer-Policy X-UA-Compatible and their value 2018-02-08 18:20:24 +01:00
David Cooper
3084f241af Fix #983
This commit fixes #983 by ensuring that the line printed just before calling "return" prints a newline character. It also fixes the problem that no output is sent to the JSON/CSV file in some cases in which no fallback is possible since the server does not support two different protocols below TLSv1.3.
2018-02-08 12:02:02 -05:00
Dirk
7bf070b016 Changes in NPN+ALPN, internal improvements for all *_done_* calls
In order to be more consistent with the other output functions having
"svrty" in their name, *_done_best and *_done_good were changed to
*_svrty_best and *_svrty_good.

run_spdy/run_http2 were renamed to run_npn and run_alpn as this is
what is actually being tested. Also the terminal and file output
is now reflecting this.

Also #980 was fixed in a sense that (only) for ALPN the protocol
h2 will get a "good". There will be an additional CSV/JSON line
for this.
2018-02-08 14:02:24 +01:00
Dirk Wetter
eb6f9788f6
Merge pull request #982 from dcooper16/fix_981
Fix #981
2018-02-08 11:39:10 +01:00
David Cooper
39990f5ace Fix #981
This commit fixes #981 by using a while loop instead of a for loop to check each DNS name in the SAN extension, copying the syntax used in certificate_info() to display all of the SANs.
2018-02-07 13:18:43 -05:00
Dirk
364011b6ca add missing space for RC4 screen output 2018-02-05 18:56:33 +01:00
Dirk
3cfe3ab87e polish #977 -> re-add commas in screen/html output (not JSON/CSV) 2018-02-05 13:27:25 +01:00
Dirk Wetter
8289e8ba88
Merge pull request #978 from dcooper16/hostcert_txt
Fix HOSTCERT_TXT
2018-02-03 10:22:28 +01:00
David Cooper
8bf21d90e2
Save all server certificates for debugging
This commit adds code to run_server_defaults() so that in debug mode all of the server's certificates are saved in $TMPDIR in both PEM-encoded format and pretty-print text format.
2018-02-02 15:31:49 -05:00
David Cooper
3bee522a4c
Fix HOSTCERT_TXT
testssl.sh was recently changed to store the text printout of the host's certificate in a file, $HOSTCERT_TXT, and then use this file in some places rather than calling "$OPENSSL x509 -in $HOSTCERT -text -noout". There was a problem, however, in cases in which the server had more than one certificate (including cases in which the server returned an unrelated certificate when sent a ClientHello w/o SNI), since the contents of $HOSTCERT_TXT was not always being updated whenever $HOSTCERT changed.

This commit fixes that problem by replacing the previous solution with a less ambitious one. In this version, the global variable is eliminated and instead run_server_defaults() stores a text version of each certificate it finds in an array. This value is then passed to certificate_transparency() and certificate_info() for use. It is also passed from certificate_info() to must_staple().
2018-02-02 10:26:27 -05:00
Dirk Wetter
46539d4adf
Merge pull request #977 from AresS31/2.9dev
Remove CVEs commas for better consistency
2018-02-02 12:54:55 +01:00
Alexandre Teyar
195fcf09ad Remove CVE commas for consistency 2018-02-02 11:50:45 +00:00
Dirk Wetter
e4d3ccc725
Merge pull request #975 from dcooper16/determine_trust_ossl111
Fix determine_trust() for OpenSSL 1.1.1
2018-02-02 12:43:22 +01:00
Alexandre Teyar
530710f65f Add CVE commas for consistency 2018-02-02 02:04:31 +00:00
David Cooper
f839aab044
Fix determine_trust() for OpenSSL 1.1.1
determine_trust() uses the output of "$OPENSSL verify" to determine whether OpenSSL can construct a valid certification path for the server's certificate. If it does not find a string of the form "error [1-9][0-9]? at [0-9]+ depth lookup:" in the output, then it assumes that validation was successful. In current versions of OpenSSL, when this error is created it is printed to stdout, but in OpenSSL 1.1.1 is it printed to stderr. Since testssl.sh only checks the output sent to stdout, it incorrectly treats all certificates as valid if OpenSSL 1.1.1 is used.

This commit fixes the problem by checking the text that is sent to both stdout and stderr.

This commit also fixes a typo in the call to "$OPENSSL verify" which resulted in the environment variables SSL_CERT_DIR and SSL_CERT_FILE not being set to "/dev/null".
2018-02-01 16:51:12 -05:00
Dirk
7585ab60e5 fix Travis CI 2018-01-31 21:44:33 +01:00
Dirk
20d33da11b unifying output for missing must_staple xt and CT 2018-01-31 20:38:40 +01:00
Dirk
d2d62a9c55 jsonID changed (server defaults), host certificate in JSON, HOSTCERT_TXT
In ``must_staple()`` and ``certificate_info()``  were the jsonIDs
changed to OpenSSLi / IETF names so that testssl.sh is more compliant
to the rest of the world. There might be still space for improvements
are far as common naming scheme is concerned.

The host certificate is now being delivered in JSON and CSV. For
further usage " " needs to be converted back to linefeeds.

Certificate Expiration was renamed to Certificate Validity.

The order of outputting the certificate serial and SHA1 fingerprint
has been swapped.

Also ``certificate_info()`` makes more use of HOSTCERT_TXT.
2018-01-31 20:01:12 +01:00
Dirk
656016eae4 Changes to outputs: certificate start+end time, CRL+OCSP
For certificate start+end time it is now displaying the
time on UTC and without mentioning the timezone twice.

Also if neither CRL nor OCSP URI is provided it'll appear
on the screen below those two checks. JSON/CSV has then an
additional finding
2018-01-31 17:23:50 +01:00
Dirk
02b5497864 remove string GMT from certificate start+end time 2018-01-29 23:54:22 +01:00
Dirk
01f7612bd0 add keys to server defaults, cert start/end time in GMT 2018-01-29 23:43:25 +01:00
Dirk
6d0123d33c changes + bug fix for certificate expiration time
This PR fixes one minor bug where the start and end time were
displayed in different time formats.

It now displays both time values in GMT.
2018-01-29 23:12:15 +01:00
Dirk
d7a1236e9b Merge branch '2.9dev' of github.com:drwetter/testssl.sh into 2.9dev 2018-01-29 20:06:31 +01:00
Dirk
88cd5528e7 HOSTCERT_TXT populated, certificate end+startdate in JSON
HOSTCERT_TXT is now generated each time a HOSTCERT is
written. For now it is just being used in ``read_sigalg_from_file()``.
More to come.

Also in JSON output the start date and end date of the certificate
are now in separate objects. (the time format could need some polishing though).
2018-01-29 20:03:00 +01:00
Dirk
659a6176b6 Add TLS 1.3, better explanation for -6 2018-01-28 12:47:05 +01:00
Dirk Wetter
4cb43733d6
Merge pull request #973 from dcooper16/tls13_run_server_defaults
Add TLSv1.3 support for run_server_defaults()
2018-01-27 10:30:44 +01:00
Dirk Wetter
52feb4f578
Merge pull request #972 from dcooper16/fix_HRR
Fix HelloRetryRequest
2018-01-27 10:18:40 +01:00
Dirk Wetter
018af9972f
Merge pull request #974 from dcooper16/relabel_ec_bits
Label elliptic curve public keys as "EC"
2018-01-27 10:16:58 +01:00