From 94efc235d0fc7fb010d456258d6995cb342f108b Mon Sep 17 00:00:00 2001
From: Hubert Kario
Date: Wed, 20 Jul 2016 20:43:47 +0200
Subject: [PATCH] use more robust trust path building by default

use the -trusted_first flag to openssl, so that it tries alternative trust paths to verify validity of server presented certificate
---
 cipherscan | 32 +++++++++++++++++++++++---------
 1 file changed, 23 insertions(+), 9 deletions(-)

diff --git a/cipherscan b/cipherscan
index 236b34f..461d1f8 100755
--- a/cipherscan
+++ b/cipherscan
@@ -690,7 +690,8 @@ get_cipher_pref() {
 elif [[ -e $CACERTS ]]; then
 sslcommand+=" -CAfile $CACERTS"
 fi
- sslcommand+=" -status $SCLIENTARGS -connect $TARGET -cipher $ciphersuite"
+ sslcommand+=" -trusted_first -status $SCLIENTARGS -connect $TARGET"
+ sslcommand+=" -cipher $ciphersuite"
 verbose "Connecting to '$TARGET' with ciphersuite '$ciphersuite'"
 # If the connection succeeded with the current cipher, benchmark and store
@@ -1095,7 +1096,8 @@ test_serverside_ordering() {
 elif [[ -e "$CACERTS" ]]; then
 sslcommand+=" -CAfile $CACERTS"
 fi
- sslcommand+=" -status $SCLIENTARGS -connect $TARGET -cipher $ciphersuite"
+ sslcommand+=" -trusted_first -status $SCLIENTARGS -connect $TARGET"
+ sslcommand+=" -cipher $ciphersuite"
 test_cipher_on_target "$sslcommand"
 if (( $? != 0 )); then
@@ -1130,6 +1132,7 @@ test_curves() {
 sslcommand+=" -CAfile $CACERTS"
 fi
 sslcommand+=" -status $SCLIENTARGS -connect $TARGET -cipher $current_cipher"
+ sslcommand+=" -trusted_first"
 # force the TLS to send a TLS1.0 client hello at least, as with SSLv2
 # ciphers present it will try to send a SSLv2 compatible client hello
 sslcommand+=" -no_ssl2 -no_ssl3"
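Review bot: `-trusted_first` is now passed on every s_client invocation without any check that `$OPENSSLBIN` accepts it; this starts in get_cipher_pref and repeats in every other hunk of the patch. As far as I know the option first appeared in OpenSSL 1.0.2, and an s_client that does not recognise an option exits with a usage error, which the scan would probably record as a failed handshake rather than as a tool problem (how the exit status is interpreted is outside these hunks). Consider probing the binary once at startup and keeping the flag in a variable that stays empty when it is unsupported, with a comment such as `# -trusted_first needs OpenSSL >= 1.0.2; older s_client rejects unknown options`. The enclosing function bodies continue outside the hunks.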
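Review bot: In test_curves the flag is appended as a separate statement after `-cipher $current_cipher`, whereas get_cipher_pref and test_serverside_ordering put it first, ahead of `-status`; test_curves_fallback and the last test_tls_tolerance hunk use a third layout, with the flag on its own line before the options. s_client should not care about the position, so this is a style point only, but a single layout makes it easier to audit that every probe verifies the chain the same way. For example `sslcommand+=" -trusted_first -status $SCLIENTARGS -connect $TARGET"` followed by `sslcommand+=" -cipher $current_cipher"`. test_curves continues past the end of the hunk.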
@@ -1248,6 +1251,7 @@ test_curves_fallback() {
 elif [[ -e "$CACERTS" ]]; then
 sslcommand+=" -CAfile $CACERTS"
 fi
+ sslcommand+=" -trusted_first"
 sslcommand+=" -status $SCLIENTARGS -connect $TARGET -cipher $ecc_ciphers"
 # force the TLS to send a TLS1.0 client hello at least, as with SSLv2
 # ciphers present it will try to send a SSLv2 compatible client hello
@@ -1310,7 +1314,12 @@ test_tls_tolerance() {
 tls_vers_tests['big-SSLv3']="-no_tls1_2 -no_tls1_1 -no_tls1"
 local sslcommand="$TIMEOUTBIN $TIMEOUT $OPENSSLBIN s_client"
- sslcommand+=" -status -nextprotoneg 'http/1.1'"
+ if [ -n "$CAPATH" ]; then
+ sslcommand+=" -CApath $CAPATH -showcerts"
+ elif [ -e "$CACERTS" ]; then
+ sslcommand+=" -CAfile $CACERTS"
+ fi
+ sslcommand+=" -trusted_first -status -nextprotoneg 'http/1.1'"
 sslcommand+=" $SCLIENTARGS -connect $TARGET -cipher $CIPHERSUITE"
 for version in "${!tls_vers_tests[@]}"; do
@@ -1350,7 +1359,7 @@ test_tls_tolerance() {
 elif [[ -e "$CACERTS" ]]; then
 sslcommand+=" -CAfile $CACERTS"
 fi
- sslcommand+=" -connect $TARGET -cipher $CIPHERSUITE"
+ sslcommand+=" -trusted_first -connect $TARGET -cipher $CIPHERSUITE"
 ratelimit
 verbose "Testing fallback with $sslcommand"
@@ -1375,7 +1384,7 @@ test_tls_tolerance() {
 elif [[ -e "$CACERTS" ]]; then
 sslcommand+=" -CAfile $CACERTS"
 fi
- sslcommand+=" -connect $TARGET -cipher $ciphers"
+ sslcommand+=" -trusted_first -connect $TARGET -cipher $ciphers"
 ratelimit
 verbose "Testing fallback with $sslcommand"
@@ -1446,6 +1455,7 @@ test_tls_tolerance() {
 elif [[ -e "$CACERTS" ]]; then
 sslcommand+=" -CAfile $CACERTS"
 fi
+ sslcommand+=" -trusted_first"
 sslcommand+=" $SCLIENTARGS -connect $TARGET -cipher $ciphers:!SSLv2"
 ratelimit
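Review bot: The trust-store block added at the top of test_tls_tolerance interpolates `$CAPATH` and `$CACERTS` unquoted into the flat `sslcommand` string, so a path containing whitespace (or, if the string is later passed through eval, shell metacharacters) would turn into extra s_client arguments; how `sslcommand` is executed is not visible here. The same pattern is present in the context lines of the other hunks, but this hunk adds a new copy, so it is a good point to validate both paths once when options are parsed and to reject values the string form cannot carry. The new block also uses `[ ... ]` while the neighbouring blocks in this function use `[[ ... ]]`; `if [[ -n "$CAPATH" ]]; then` and `elif [[ -e "$CACERTS" ]]; then` would match them. The function starts and ends outside the hunk.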
@@ -1581,7 +1591,8 @@ test_kex_sigalgs() {
 elif [ -e "$CACERTS" ]; then
 sslcommand+=" -CAfile $CACERTS"
 fi
- sslcommand+=" $SCLIENTARGS -connect $TARGET -cipher $supported_ecdsa_ciphers"
+ sslcommand+=" -trusted_first $SCLIENTARGS -connect $TARGET"
+ sslcommand+=" -cipher $supported_ecdsa_ciphers"
 # since some ciphers supported by server may be SSLv2 only, we need to
 # force use of TLSv1.2, otherwise openssl will send a SSLv2 compatible
 # client hello
@@ -1661,7 +1672,8 @@ test_kex_sigalgs() {
 elif [ -e "$CACERTS" ]; then
 sslcommand+=" -CAfile $CACERTS"
 fi
- sslcommand+=" $SCLIENTARGS -connect $TARGET -cipher $supported_rsa_ciphers"
+ sslcommand+=" -trusted_first $SCLIENTARGS -connect $TARGET"
+ sslcommand+=" -cipher $supported_rsa_ciphers"
 # since some ciphers supported by server may be SSLv2 only, we need to
 # force use of TLSv1.2, otherwise openssl will send a SSLv2 compatible
 # client hello
@@ -1761,7 +1773,8 @@ test_kex_sigalgs() {
 elif [ -e "$CACERTS" ]; then
 sslcommand+=" -CAfile $CACERTS"
 fi
- sslcommand+=" $SCLIENTARGS -connect $TARGET -cipher $supported_ecdsa_ciphers"
+ sslcommand+=" -trusted_first $SCLIENTARGS -connect $TARGET"
+ sslcommand+=" -cipher $supported_ecdsa_ciphers"
 # since some ciphers supported by server may be SSLv2 only, we need to
 # force use of TLSv1.2, otherwise openssl will send a SSLv2 compatible
 # client hello
@@ -1805,7 +1818,8 @@ test_kex_sigalgs() {
 elif [ -e "$CACERTS" ]; then
 sslcommand+=" -CAfile $CACERTS"
 fi
- sslcommand+=" $SCLIENTARGS -connect $TARGET -cipher $supported_rsa_ciphers"
+ sslcommand+=" -trusted_first $SCLIENTARGS -connect $TARGET"
+ sslcommand+=" -cipher $supported_rsa_ciphers"
 # since some ciphers supported by server may be SSLv2 only, we need to
 # force use of TLSv1.2, otherwise openssl will send a SSLv2 compatible
 # client hello