The actual code grep for "MongoDB" keyword in the head of the HTTP
session.
In case of "compressed" HTML, a big page is on one line.
On a IT page, we could encounter the "MongoDB" keyword and
miss-identify the application protocol.
Fixed by matching on a longuer string taken from a live MogoDB
server.
Implemnation for 3.0, 3.2 see #2450
If a user chose a broken umask testssl.sh will start but emits subsequent errors.
This patch adds two sanity checks whether it is allowed to create and read files in the temp directory.
Fixes#2449
What was problematic was the error message when the certificate stores were missing. This fixes it by redirecting the error message to /dev/null so that if the sub function detects the missing file it returns with an error by the program and not by executing "basename"
As for 3.2 this is for the 3.0 branch.
This is for 3.0. For 3.1dev, see #2332 .
This PR addresses the bug #2330 by implementing a function which removes control characters from the file output format html,csv,json in the output.
In every instance called there's a check before whether the string contains control chars, hoping it'll save a few milli seconds.
A tr function is used, omitting LF.
It doesn't filter the terminal output and the log file output, yet. It provides a function though which is not being called.
see #2325. This is for the 3.0 branch (for 3.1dev see #2326)
"whenever HTTP/1.1 is used then the Accept header uses "text/*" as a MIME type.
This causes some minor issues with some of the checks we are doing"
Grading is a new feature in 3.1dev,, so set_grade_cap() is not defined in the 3.0 branch.
This commit removes the call to set_grade_cap() in certificate_info().
As noted in #2304, the way that the '&' character is treated in the string part of a pattern substitution changed in Bash 5.2. As a result, the change that was made in #1481 to accommodate older versions of Bash (e.g., on MacOS) now causes testssl.sh to produce incorrect HTML output when run on Bash 5.2.
This commit encodes the '&' characters in the substitution strings in a way that produces correct results on multiple versions of Bash (3.2 on MacOS, 5.2 on Ubuntu 23.10, 5.0 on Ubuntu 20.04).
This commit fixes#2271 by adding the `-no_ssl2` option to the call to get_host_cert() in run_drown(). There is at least one server that causes OpenSSL to hang if this call to get_host_cert() results in an SSLv2 ClientHello being sent. Since this call to get_host_cert() only needs to find the server's certificate in cases in which the server does not support SSLv2, there is no need to send an SSLv2 ClientHello.
This commit fixes an infinite loop in run_pfs() that occurs in cases in which $OPENSSL supports TLS 1.3 and the server supports all of the non-TLS 1.3 FS ciphers that $OPENSSL supports but not all of the TLS 1.3 ciphers that $OPENSSL supports.
The problem is that testing for supported ciphers using $OPENSSL, testing should stop if there are no more ciphers to test (because all of the ciphers supported by $OPENSSL have been determined to be supported by the server). However, currently testing only stops if both the list of TLS 1.3 ciphers and non-TLS 1.3 ciphers is empty. In the problematic case, only the list of non-TLS 1.3 ciphers is empty. Instead of stopping, s_client_options() is called with a -cipher option with an empty list, and s_client_options() simply removes the -cipher option from the command, resulting in a call to $OPENSSL s_client with a full list of non-TLS 1.3 ciphers. Since this call succeeds, the loop continues.
This commit fixes the problem by stopping TLS 1.3 ClientHello testing when the list of TLS 1.3 ciphers is empty and stopping non-TLS 1.3 ClientHello testing when the list of non-TLS 1.3 ciphers is empty.
When neat_list() is printing information about a cipher suite that uses (EC)DH key exchange that was obtained using an old version of OpenSSL the rows are not properly aligned, since the key exchange input includes an unexpected trailing space. This commit fixes the problem by removing any trailing spaces from $kx.
certificate_transparency() does not work in debug mode, since tls_sockets() writes debugging messages to stdout. This commit fixes the problem by having certificate_transparency() return its results using a global variable rather than writing the results to stdout and having having run_server_defaults() catch the output.
There is at least one server that includes a new session ticket in the same packet as the Finished message. This confuses check_tls_serverhellodone() since the new session ticket is encrypted under the application traffic keys rather than the handshake keys. check_tls_serverhellodone(), being unable to decrypt the new session ticket, reports a failure and does not return any of the decrypted data.
This commit fixes the problem by having check_tls_serverhellodone() simply ignore any data that appears after the Finished message.
As jsonID is not set by run_crime, make the fileout invocation for
servers supporting only TLS 1.3 use the literal "CRIME_TLS" instead.
Previously running testssl with CSV or JSON output would produce an item
with the wrong ID.
On macOS in dark mode the git tag in grey wasn't visible. It was
changed now to light grey. It also works at least on Linux
using a light terminal background.
The NNTP server which we used for STARTTLS checks seems ofen
not to work. Thus this PR removes that for the 3.0 branch.
In rare? occassions where the STARTTLS FEAT request only displays AUTH instead
of AUTH TLS, testssl.sh fails as it cannot upgrade to TLS.
Required by RFC 4217 is only AUTH ("MUST"), AUTH TLS is optional ("should"), see section 6.
This PR relaxes the presence of TLS after AUTH and fixes#2132 for the 3.0 branch.
run_server_preference() calls "default_proto=$(get_protocol $TMPFILE)" even if all attempts to connect to the server failed. This will result in default_proto incorrectly being set to TLS 1.2. This commit fixes the issue by only calling get_protocol() if an attempt to connect to the server was successful.
With a TLS 1.3 connection, a session ID will only appears as part of a post-handshake session ticket. However, with OpenSSL 1.1.1 or newer when using $OPENSSL s_client as it is called in determine_optimal_proto() (i.e., with "< /dev/null"), a post-handshake session ticket will usually not be received, even if the server supports it. With versions of LibreSSL that support TLS 1.3, a post-handshake session ticket is never displayed (even without "< /dev/null"). This can result in NO_SESSION_ID incorrectly being set to true.
This commit fixes the issue by setting NO_SESSION_ID to true by default, and then setting it to false if a session ID is returned by any connection to the server.
OpenSSL 3.X pretty prints certificates in a slightly different way than previous versions, and this breaks the code for getting the URIs from the CRLDP extension.
This commit fixes the issue by having awk search for additional possible strings to start the CRL Distribution Points output. Unless the CRLDP extension is malformed, it will begin with "Full Name", "Relative Name", "Reasons", or "CRL Issuer".
This commit fixes yet another issue with using OpenSSL 3.X with the 3.0 branch. When $OPENSSL is used to obtain a fingerprint, OpenSSL 3.X prepends the fingerprint with "sha1" or "sha256" rather than "SHA1" or "SHA256".
OpenSSL 3.0.X uses different names for some elliptic cures in the "Server Temp Key" line than previous previous versions. This commit addresses this issue by checking for both names.
There is at least one server that will not negotiate TLS_DHE_* cipher suites with TLS 1.2 and below if the supported_groups extension is present but does not include any DH groups. This commit adds the DH groups that are currently in the TLS 1.3 ClientHello to the TLS 1.2 and earlier ClientHello.
This commit changes prepare_tls_clienthello() so that the RSA-PSS algorithms are offered in the signature algorithms extension of TLS 1.2 and below ClientHello messages.
Under Darwin using LibreSSL it was not possible to test for session
resumption by session ID.
This fixes the issue #2096 for 3.0 by checking not only the return value of the
s_client hello but also whether a probable certificate is being returned.
It is now being tested whether the binary locale exists and
there's a global introduced for that.
Also there's no fileout warning at this early stage anymore
as it leads to non-valid JSON
Dirk Wetter