Commit Graph

3155 Commits

Author SHA1 Message Date
Dirk Wetter
c228b578dd Remove --warnings=false from documenation
... and reorder manpages also so that --warnings, --connect-timeout
and --openssl-timeout appear in the "input parameter" section.

The HTML manpage looks in the diff view quite different as previously
another computer was used for converting the source format with ronn(1).

The manpage in (g)roff format was manually edited with .RE / .RS
for provide indented bulletpoints.

See also #1419
2020-01-08 14:24:41 +01:00
Dirk Wetter
25913cfa4f
Merge pull request #1426 from drwetter/fix_1425
Fix bits errors in OpenBSDs
2020-01-08 11:43:07 +01:00
Dirk Wetter
35e6adccc4 Fix bits errors in OpenBSDs
The expression 'grep -aw "Public-Key:"' hiccuped on the colon
under OpenBSD, so that any bitsize on a certificate had wrong
values, see #1425. (FreeBSD was fine)

This PR fixes that. It updates the expression by using awk and
bash internal functions.

The same problem occured in run_robot(). The strong typing of
pubkeybits had to be relaxed to a dynamic typing, unless we
choose to define a second string variable.
2020-01-08 10:56:45 +01:00
Dirk Wetter
1fa0094b3b
Merge pull request #1423 from fbacchella/3.0
cert_validityPeriod is wrong.
2020-01-04 10:41:47 +01:00
Fabrice Bacchella
0e5376042b cert_validityPeriod is wrong. 2020-01-03 16:30:40 +01:00
Dirk Wetter
1bc50bb7d3
Merge pull request #1421 from drwetter/fix_1418
Fix s_client capability test for LLMNR, add HAS_PKEY
2020-01-02 17:21:48 +01:00
Dirk Wetter
f99959a228
Merge pull request #1420 from vitaliytv/patch-2
Dockerfile: Alpine 3.11
2020-01-02 17:03:11 +01:00
Dirk Wetter
accdb3d4f6 Fix s_client capability tet for LLMNR, add HAS_PKEY
As noted in #1418 LLMNR (Link-Local Multicast Name Resolution)
resolution times out when using x as an argument to "-connect".

This commit fixes that by replacing "-connect x" by "-connect invalid."
which is supposedly also generally more "DNS query friendly", see
https://tools.ietf.org/html/rfc6761#section-6.4 .

In addition this commit adds a check in get_common_prime() whether
the openssl version used has pkey support. If not with old openssl
versions and previously testssl.sh terminated after presenting garbledoutput.
(This was found as tested how very old version of openssl versions
handle "-connect invalid.")
2020-01-02 16:16:54 +01:00
Vitalii Tverdokhlib
fbc2661fbe
Dockerfile: Alpine 3.11 2020-01-02 13:52:30 +02:00
Dirk Wetter
45683f3452
Merge pull request #1378 from dcooper16/unsupported_ossl_protocols
Don't call s_client for unsupported protocol versions
2020-01-02 12:12:43 +01:00
David Cooper
7c1b8139b2 Minor tweak to run_tls_fallback_scsv()
If the server is known not to support TLS 1.3 (as well as TLS 1.2, TLS 1.1, and TLS 1), then mention TLS 1.3 in the list of not supported protocols. While lack of TLS 1.3 support is not part of the reason that no fallback is possible, it is part of the reason that the result is reported as prln_svrty_high.
2019-12-27 09:33:08 -05:00
David Cooper
a0b2fb5d56 Minor tweak to run_tls_fallback_scsv()
Don't report "OK" if the server may be TLS 1.3-only or SSLv3-only, as one is very good and one is very bad.
2019-12-27 09:33:08 -05:00
David Cooper
3f25bcc6d4 Minor tweaks to run_tls_fallback_scsv() 2019-12-27 09:33:08 -05:00
David Cooper
e457ff8cc1 Improve check for $low_proto in run_tls_fallback_scsv()
If $high_proto is set to something other than SSLv3, support for SSLv3 will not have been determined by determine_optimal_sockets_params(), but it may have been determined later (e.g., by run_protocols()). So, this commit changes the loop to always check for SSLv3 support (without calling "$OPENSSL s_client" if $HAS_SSL3 is false). The check for whether the fallback test can be performed is moved until after the loop
2019-12-27 09:33:08 -05:00
David Cooper
00f613f62d WIP: Don't call s_client for unsupported protocol versions
This PR fixes a couple of places where "$OPENSSL s_client" is called with "-ssl3" even if SSLv3 is not supported.

The fix in ciphers_by_strength() is easy, as the issue only occurs if "$using_sockets" is true. If SSLv3 (or TLSv1.3) is not supported, then testing using "$OPENSSL s_client" is skipped and all of the supported ciphers are found using tls_sockets().

The fix for run_tls_fallback_scsv() is more complicated. While it is easy to avoid calling "$OPENSSL s_client" with "-ssl3" if SSLv3 is not supported, it is not easy to determine the correct message to present to the user if support for SSLv3 (and possibly also TLSv1.3) is unknown.

For the case in which $high_proto cannot be set, I believe that I have covered all of the possibilities, but an not sure if the correct message/rating is used in every case.

For the case in which it is not possible to determine whether SSLv3 is the $low_proto, more could be done. If $high_proto is TLS 1.1 or TLS 1, then this PR is okay, as it is possible that SSLv3 would be the fallback protocol, but there is no way to tell. However, it seems unlikely that a server would support TLS 1.2 and SSLv3, but not TLS 1.1 or TLS 1. So, perhaps if $high_proto is TLS 1.2 and the server does not support TLS 1.1 or TLS 1, it should just be assumed that SSLv3 is not supported, even if it cannot be tested.
2019-12-27 09:33:08 -05:00
Dirk Wetter
fa5bb18d15
Merge pull request #1416 from drwetter/cipher-categories
Bring pr_cipher_quality() and run_cipherlists() in line
2019-12-24 11:47:41 +01:00
Dirk Wetter
9f58ba4733
Merge pull request #1417 from dcooper16/fix_tls13_key_derivation
Fix TLS 1.3 key derivation
2019-12-24 11:47:08 +01:00
David Cooper
ce4f923c6b
Fix TLS 1.3 key derivation
At the moment, testssl.sh does not correctly derive the handshake traffic keys in the case that the server responds to the initial ClientHello with a HelloRetryRequest. The handshake traffic keys are computed incorrectly because the wrong messages are provided to derive-handshake-traffic-keys() for input to the Transcript-Hash calculation:

* TLS_CLIENT_HELLO is not updated to contain the value of the second ClientHello, and so the first ClientHello is being provided to derive-handshake-traffic-keys() as both the first and the second ClientHello.

* In middlebox compatibility mode the server may send a dummy ChangeCipherSpec message immediately after the HelloRetryRequest. Since it is part of the server's response to the initial ClientHello, the ChangeCipherSpec message is included in the $hrr that is sent to derive-handshake-traffic-keys(), but it should not be included in the computation of the Transcript-Hash.

This PR fixes the above two problems by updating TLS_CLIENT_HELLO when a second ClientHello is sent and by removing any ChangeCipherSpec message (140303000101) from the end of the server's initial response.
2019-12-23 15:37:26 -05:00
Dirk Wetter
70112a989e Bring pr_cipher_quality() and run_cipherlists() in line
* Severity of RC4 in run_cipherlists() is now high as everywhere else
* Same for RC2 and DES. Only Export, NULL and ADH remain critical
* 3DES and IDEA in run_cipherlists() is now medium (see #1393)
* CBC3  SEED 3DES IDEA added in pr_cipher_quality()
* MD5 added to pr_cipher_quality() and labled as high
* double RC2 switch statemnet removed in pr_cipher_quality()
2019-12-22 14:41:39 +01:00
Dirk Wetter
710f915660
update version 2019-12-12 11:34:33 +01:00
Dirk Wetter
db558de147
Merge pull request #1412 from drwetter/minor_code_improvements1
fix errorneous insertion
2019-12-11 22:22:35 +01:00
Dirk
c960bd16f9 fix errorneous insertion 2019-12-11 22:20:58 +01:00
Dirk Wetter
9c2666a2d6
Merge pull request #1411 from drwetter/minor_code_improvements1
Minor internal code improvements
2019-12-11 22:10:07 +01:00
Dirk
849a41a371 Minor internal code improvements
* rename actually_supported_ciphers() to actually_supported_osslciphers()
* remove some redundant quotes at rhs of double brackets checks
2019-12-11 22:07:53 +01:00
Dirk Wetter
93a1d9441c
Merge pull request #1410 from drwetter/drwetter-clpatch
Amend with log for upcoming rc6
2019-12-11 21:49:36 +01:00
Dirk Wetter
2b08b593a8
Amend with log for upcoming rc6 2019-12-11 21:49:23 +01:00
Dirk Wetter
442c728187
Merge pull request #1408 from drwetter/connect-timeout
Connect timeout
2019-12-10 21:55:02 +01:00
Dirk
055a2e9bb4 --connect-timeout finalized
* openssl timeout tested
* one openssl related error message fixed when timeout is used (timeout was included)
2019-12-10 21:02:32 +01:00
Dirk
3fdb5617db --connect-timeout 2019-12-10 20:44:55 +01:00
Dirk
20e77318ca Further improving socket connect timeout
* Handle case when "timeout" couldn't be found
* Proper error message when timeout requested but isn't available
* Fix errorneous message in help()
2019-12-10 13:18:45 +01:00
Dirk Wetter
b38e433ec4
Merge pull request #1407 from drwetter/dockerIDcheck
Handle problem when pulling container fails
2019-12-09 11:04:17 +01:00
Dirk
8e02b4a261 Improvements to socket timeouts
* timeouts are not default anymore but need a cmdline param (or ENV param)
* check whether "timeout" exists

Also:
* allow OPENSSL_TIMEOUT to be passed via ENV similar to others
* replace timeout variable in run_robot() by robottimeout, to avoid
  misunderstandings by a human

ToDos: see inline. Mainly if timeout isn't available, testssl.sh doesn't
work.

Not to self: help function still says 60 second is default.
2019-12-09 10:47:58 +01:00
Dirk
ce0be5fefc Handle problem when pulling fails
... when e.g. sitting in a German train with bad internet connection
2019-12-09 10:26:39 +01:00
Dirk Wetter
b1f4713287 Merge branch '3.0' of https://github.com/goncalor/testssl.sh into goncalor-3.0 2019-12-06 16:29:45 +01:00
Dirk Wetter
c5a13ed689
Merge pull request #1406 from drwetter/drwetter-patch-4
Upgrade to Alpine 3.10
2019-12-03 23:10:20 +01:00
Dirk Wetter
2cf8997635
Upgrade to Alpine 3.10 2019-12-03 23:10:06 +01:00
Dirk Wetter
37be442b2b
Merge pull request #1405 from dcooper16/fix_http_header_formatting
Fix formatting of HTTP security headers
2019-12-03 23:04:32 +01:00
David Cooper
0b94a14614 Indent subsequent rows of HTTP security headers by two spaces
When printing a long HTTP security header, this commit causes every row after the first one to be indented by two additional spaces. In the case of very long headers, this extra indentation makes it a little easier for readers to see where the next security header begins.
2019-12-03 16:19:01 -05:00
David Cooper
725fdc11cb
Fix formatting of HTTP security headers
When printing out HTTP security headers, run_security_headers() uses out_row_aligned_max_width(), since some headers are very long and need to be wrapped. At the moment, however, the first line is too long. The problem is that while "$header $HEADERVALUE" is printed in the indented area, only $HEADERVALUE is passed to out_row_aligned_max_width().

This PR fixes the problem by passing "$header $HEADERVALUE" to out_row_aligned_max_width() so that the the first line is wrapped at the correct place.
2019-12-03 15:38:16 -05:00
Dirk Wetter
9ee0feef3d
Merge pull request #1403 from drwetter/drwetter-patch-3
simplify Dockerfile
2019-12-03 12:05:23 +01:00
Dirk Wetter
c163f3ec99
simplify Dockerfile
.. according to  #1402 and #1142
2019-12-03 12:05:07 +01:00
Dirk Wetter
10fc1416b5
Merge pull request #1401 from drwetter/catch_someuser_errors
Catch user error using --json/--html and friends
2019-12-02 15:39:15 +01:00
Dirk Wetter
4c1bee181b Catch user error using --json/--html and friends
testssl.sh hiccups when a user supplied after --json*/--html/-csv
a filename instead of using the corresponding  --json*file/--htmlfile/-csvfile
arguments, see #1397.

This PR adresses that in a sense that it tries to detect to following
argument of --json*/--html/-csv. If that matches a suspected filename
it bails out using fatal().

This is not intended to be perfect (when the pattern doesn't match)
but catches the user error in an early stage. See also #1398
2019-12-02 15:32:06 +01:00
Dirk Wetter
58cfe1220b
Merge pull request #1396 from dcooper16/align_cipher_rating_numbers
Align cipher rating numbers
2019-12-02 14:26:00 +01:00
Dirk Wetter
b4f69fbdf6
Merge pull request #1400 from drwetter/drwetter-patch-2
Housekeeping
2019-11-27 09:50:02 +01:00
Dirk Wetter
8e563e5361
Housekeeping
* add --rm
* better description of output
2019-11-27 09:49:51 +01:00
Dirk Wetter
9ce04a6219
Merge pull request #1399 from max-wittig/patch-1
docs(readme): delete container after run
2019-11-27 09:35:47 +01:00
Max Wittig
57b46ba58c
docs(readme): delete container after run 2019-11-26 14:32:06 +01:00
David Cooper
9cb95e9f70 Align cipher rating numbers
Currently sub_cipherlists() and pr_cipher_quality() use different numbers for the same cipher quality ratings. sub_cipherlists() uses:

   -2 = pr_svrty_critical, -1= pr_svrty_high, 0 = pr_svrty_low, 1 = pr_svrty_good, 2 = pr_svrty_best

while pr_cipher_quality() uses:

   1 = pr_svrty_critical, 2 = pr_svrty_high, 3 = pr_svrty_medium, 4 = pr_svrty_low
   5 = neither good nor bad, 6 = pr_svrty_good, 7 = pr_svrty_best

This PR changes sub_cipherlists() (and run_cipherlists()) to use the same numbers for cipher quality as pr_cipher_quality(). It does not change any of the ratings assigned to ciphers by run_cipherlists() or pr_cipher_quality(), so the two are still not in alignment. But, hopefully using the same numbering in both functions will make it a bit easier to compare them and bring them into alignment.
2019-11-25 10:07:33 -05:00
Dirk Wetter
c645dc9f23
Merge pull request #1395 from drwetter/fix_get_caa
Fix getting CAA record
2019-11-24 20:33:52 +01:00