Commit Graph

3868 Commits

Author SHA1 Message Date
Dirk Wetter 1758d18672 Merge pull request #842 from dcooper16/tls13_part1
Initial support for TLSv1.3
2017-10-09 14:53:32 +02:00
Dirk 6f896a057b add missing \n for html output 2017-10-08 22:03:29 +02:00
Dirk e8e4609495 function safe_echo
In order to santize input better there's a fucntion
now which does the work . ``safe_echo()``.

It is actually the same as ``tml_out()`` but is a bit snappier.
2017-10-08 21:40:28 +02:00
David Cooper fd1f4b3b43 Add TLSv1.3 ciphers
This commit adds the 5 TLSv1.3 ciphers to the list.
2017-10-06 10:05:18 -04:00
David Cooper 968b37e5fe Initial support for TLSv1.3
This PR adds initial support for TLSv1.3 to tls_sockets() and for run_client_simulation(). It does not change any of the other functions test TLSv1.3. So, with the exception of run_client_simulation(), the functionality added by this PR can only be tested using the --devel option.

This PR does not include the ability to decrypt the encrypted portions of the server's response. So, it does not support functions that need to see such things as the server's certificate, status information, or extensions (other than key share).
2017-10-06 10:05:18 -04:00
David Cooper c690d355af has_server_protocol() fixes
This PR fixes the use of has_server_protocol() in two places.

Currently std_ciphersuites() only tries SSLv2 if the server is known to support SSLv2. This changes it to try SSLv2 unless the server is known to not support SSLv2.

In run_beast(), tests against the server are run to determine support for TLSv1.2, TLSv1.1, TLSv1, and SSLv3 unless the server is known to support that protocol (i.e., even if has_server_protocol() reports that the server does not support the protocol). This changes it so that a test is only performed against the server if has_server_protocol() reports that it doesn't know whether the protocol is supported.
2017-10-06 09:56:11 -04:00
Dirk Wetter 833f724689 Merge pull request #843 from dcooper16/client_sim_data_error
Fix incorrect client simulation data
2017-10-04 13:05:32 +02:00
David Cooper 555ce31ab8 Fix incorrect client simulation data
In the data provided by https://api.dev.ssllabs.com/api/v3/getClients, Chrome 57 Win 7 and Firefox 53 Win 7 send ClientHellos that indicate support for TLSv1.3 draft 18, but the highest_protocol for each of these is specified as 0x0303. The result is that if the server being tested supports TLSV1.3 draft 18, `run_client_simulation()` will incorrectly report "No connection" for these servers since the DETECTED_TLS_VERSION (0x0304) will be higher than the specified highest_protocol.

This PR fixes the problem by changing the highest_protocol to 0x0304. Note that another solution to this problem would be to change the ClientHello messages for these two browsers. It is my understanding that TLSv1.3 is disabled by default for these browsers, so presumably the ClientHello messages would not specify TLSv1.3 support if they were configured with TLSv1.3 support disabled.
2017-10-03 16:34:56 -04:00
Dirk Wetter f1efe6b7ba Merge pull request #833 from dcooper16/no_ossl_config
Suppress config file warning
2017-10-03 11:14:52 +02:00
David Cooper dd2e17ac18 Suppress config file warning
This may not be specific to LibreSSL, but just my local setup. However, when I test using LibreSSL testssl.sh still prints the following message several times:

     WARNING: can't open config file: /usr/local/etc/ssl/openssl.cnf

This PR suppresses the error message for several calls to $OPENSSL and so fixes the problem.
2017-10-02 09:54:07 -04:00
Dirk d5e03299e5 Merge branch '2.9dev' of github.com:drwetter/testssl.sh into 2.9dev 2017-10-02 15:19:40 +02:00
Dirk 12c47d1912 FIX #401, first part 2017-10-02 15:18:31 +02:00
Dirk 5b294618c0 first part of #371 2017-10-02 15:11:58 +02:00
Dirk 59d4a9fa65 fix borken conflict resolving editing 2017-10-02 14:58:30 +02:00
Dirk 411accb66d manually resolved conflict from #839 + change it to new logic 2017-10-02 14:55:57 +02:00
Dirk f3dc53f554 Complete $PROTOS_OFFERED / has_server_protocol(), FIX #759
The logic is complete now, so that if a protocol has been detected as
    supported or not supported it will save a few cycles not to test
    this protocol again.

    There's probably -- also besides #839 space for improvements. The
    advantage of this solution is that ``has_server_protocol()`` also
    marks a protocol as tested if the result of the test is negative.
2017-10-02 13:48:55 +02:00
Dirk Wetter 36236b6def Merge pull request #838 from dcooper16/remove_extra_space
Remove extra space in BEAST output
2017-09-28 09:12:37 +02:00
David Cooper 87fe0c15da Remove extra space in BEAST output
testssl.sh was inserting two spaces between the CBC ciphers detected by OpenSSL and those detected to tls_sockets(). This PR fixes the problem.
2017-09-27 13:21:48 -04:00
Dirk af94d46232 minor additions wrt LibreSSL and OpenBSD 2017-09-27 09:26:36 +02:00
Dirk e32479818d mentioning BiGIP cookies and MongoDB 2017-09-27 09:25:22 +02:00
Dirk Wetter ce0a00be37 reordered features 2017-09-27 09:07:21 +02:00
Dirk Wetter fa5700644b Merge pull request #837 from sdann/mongodb_detection
Add support for MongoDB service detection
2017-09-27 08:37:58 +02:00
Steven Danneman ee0ba18995 Add support for MongoDB service detection
MongoDB listens on port 27017 and will respond to a direct TLS
ClientHello without the need for STARTTLS. Thus, testssl.sh already
mostly works to scan a MongoDB server.

The problem is that MongoDB will also reply to an HTTP GET request with
a mocked up HTTP response, which was tricking the tool into believing it
was dealing with an HTTP server. The response looks like this:

---
HTTP/1.0 200 OK
Connection: close
Content-Type: text/plain
Content-Length: 84

It looks like you are trying to access MongoDB over HTTP on the native
driver port.
---

Thus, the detection algorith must first look for HTTP, then dig deeper
into the body looking for "MongoDB".

The tool output now says:

Service detected:       MongoDB, thus skipping HTTP specific checks
2017-09-26 15:57:28 -07:00
Dirk Wetter 5a6646ca98 f5 cookie 2017-09-25 22:07:40 +02:00
Dirk Wetter 2c76025ade Merge pull request #836 from drwetter/bigip
F5 cookie detection
2017-09-25 20:02:03 +02:00
Dirk dbab397645 finalized work on integrating my f5 cookie decoder
see https://github.com/drwetter/F5-BIGIP-Decoder
2017-09-25 19:51:10 +02:00
Dirk f6cf96d916 polish help for -g option 2017-09-23 12:54:44 +02:00
Dirk 68509694d4 NO_ENGINE (#834) and GREASE (#814) 2017-09-23 11:55:09 +02:00
Dirk 4523eea398 More LibreSSL patches
As dcooper16 noted in #834 there are checks which test for openssl versions
but don't take LibreSSL in account. This adds checks to it for several
LibreSSL versions (>=2.1.x) which are known to support ``determine_trust()``
and it HAS_DH_BITS.

Moreover engine check has been improved. Older LibreSSL versions (2.1 specifically)
had different error messages, so the previous checks failed. There's also
a CMD_LINE flag now where one can switch the engine support off: NO_ENGINE .

run_renogo from #834 is still an open issue.
2017-09-23 11:34:37 +02:00
Dirk 695d02157a FIX #829 (OpenBSD fixes)
All three issues fixed. Terminal code were actually
tow problems: Logging in from Linux with a 256 color xterm
makes tput set AF from  OpenBSD hiccup. And the detection
of not-ncurses style underline e.g. was not working under OpenBSD.

The engine fix was done by David Cooper (see #831).

There's also a name of the binary now (OpenSSL/LibreSSL) for tracking
the flavor used.
2017-09-22 18:48:38 +02:00
Dirk d3c3d65e1f wording client simulation 2017-09-22 10:32:28 +02:00
Dirk 3abbddbad7 F5 cookie detection works for testcases. Output needs to be worked on 2017-09-21 10:19:47 +02:00
Dirk Wetter 3e69304e6d Merge pull request #828 from dcooper16/correct_typos
Correct typos
2017-09-20 20:06:59 +02:00
David Cooper a6f7121d25 Correct typos 2017-09-20 12:10:29 -04:00
Dirk a330fafb3b regression fix: output for CVE-2015-3197 was missing in DROWN 2017-09-20 17:22:54 +02:00
Dirk 84c112561b workaround due to problem with blanks in $SWURL
SWURL contained for historical reasons trailing blanks
for released versions.
This caused an error in pr_boldurl --> html_out which
didn't write the trailing style info and didn't close
the href tag (travis complained.)

This patch removes the trailing blank but it doesn't
fix the error.
2017-09-20 10:56:33 +02:00
Dirk 02f4f1bae1 reflect GREASE commit by David 2017-09-19 17:34:22 +02:00
Dirk Wetter 55db191a2d Merge pull request #814 from dcooper16/grease
GREASE
2017-09-19 17:24:00 +02:00
David Cooper 49a4133979 GREASE
This is an initial implementation of the idea I proposed in #791. It includes checks based on draft-ietf-tls-grease as well as checks for specific implementation bugs that have previously been encountered.

This code needs testing. While I know of one server that will fail if the ClientHello contains more than 128 ciphers, I haven't been able to test any of the other code against any servers that have the tested-for bugs.

In addition, there is a need for polishing. The tests are referred to as `--grease`, which may not be a very user-friendly name. In addition, there is no output providing information about what tests are being performed. If a server fails a test, then a warning message is printed and is sent to `fileout()`. If the server passes all of the tests, then there is just a single output of "No bugs found."

At the moment, the code is not run by default. Unless `-g` or `--grease` is explicitly included in the command line, the code in this commit is not executed.
2017-09-19 09:18:46 -04:00
Dirk b9b09f586e added MS CA store, see #825
Finally complete, thx @naumanshah03
2017-09-19 15:15:54 +02:00
Dirk Wetter f48deaaa9d Update README.md 2017-09-19 14:50:08 +02:00
Dirk 4972cda2af FIX #762 (replace which by 'type -p') 2017-09-19 00:08:33 +02:00
Dirk 1c10ad0124 remove echoing ~ /usr/bin/timeout 2017-09-18 23:38:06 +02:00
Dirk b222fe8f53 Merge branch '2.9dev' of github.com:drwetter/testssl.sh into 2.9dev 2017-09-18 23:34:12 +02:00
Dirk Wetter 95af735862 Update README.md 2017-09-18 23:33:25 +02:00
Dirk Wetter 3caa73c1b8 Update README.md 2017-09-18 23:32:35 +02:00
Dirk bd55830a7e FIX #823, for jabber try PTR record first or fail 2017-09-18 23:25:07 +02:00
Dirk f014a1853b missing update from 985c845486 2017-09-18 23:01:37 +02:00
Dirk Wetter 7294df927f Merge pull request #677 from dcooper16/no_sni
Just get non-SNI certificate once
2017-09-18 21:14:34 +02:00
David Cooper 34fa8fc98e Just get non-SNI certificate once
Currently the call to `$OPENSSL s_client` to obtain the certificate returned by the server when SNI is not provided is in `certificate_info()`, which means that it is called once for each certificate found the various called to `get_server_certificates()`.

This PR moves the call to `$OPENSSL s_client` to `run_server_defaults()` so that the call is made only once, even if more than one server certificate was found.

In addition, in most cases the certificate returned by the server when SNI is not provided will already have been retrieved by `run_server_defaults()` (in rounds 8-14), in which case `$HOSTCERT.nosni` can just be copied from there rather than making an additional call to `$OPENSSL s_client`.
2017-09-18 13:31:38 -04:00