Closed kitzmiller closed 1 year ago
Whoops, my bad. I was unaware that s_client did not do SNI by default. Adding -servername null.badssl.com allows the older versions of OpenSSL to connect and they see the following ciphers:
ECDHE-RSA-NULL-SHA:AECDH-NULL-SHA:NULL-SHA:AECDH-AES256-SHA:ADH-AES256-SHA:ADH-CAMELLIA256-SHA:AECDH-AES128-SHA:ADH-AES128-SHA:ADH-SEED-SHA
Adding @SECLEVEL=0 to the front of my -cipher string for 1.1.1f and 1.1.1q got:
ECDHE-RSA-NULL-SHA:AECDH-NULL-SHA:NULL-SHA256:NULL-SHA:AECDH-AES256-SHA:ADH-AES256-GCM-SHA384:ADH-AES256-SHA256:ADH-AES256-SHA:ADH-CAMELLIA256-SHA:AECDH-AES128-SHA:ADH-AES128-GCM-SHA256:ADH-AES128-SHA256:ADH-AES128-SHA:ADH-SEED-SHA:ADH-CAMELLIA128-SHA
On modern versions of OpenSSL (1.1.1f, 1.1.1q) I'm not able to connect to null.badssl.com but with older versions (1.0.1e, 1.0.1t) I'm able to connect with TLSv1.1 and TLSv1.0 and get cipher suites with AES128, AES256, 3DES, and Camellia but do not get any NULL cipher suites.
Enumerating the ciphers at null.badssl.com shows that it supports the following cipher suites with TLSv1.1 and TLSv1.0:
ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA:DHE-RSA-CAMELLIA256-SHA:CAMELLIA256-SHA:DHE-RSA-CAMELLIA128-SHA:CAMELLIA128-SHA
Using either -cipher 'eNULL', -cipher 'COMPLEMENTOFALL', or -cipher 'ECDHE-RSA-NULL-SHA:ECDHE-ECDSA-NULL-SHA:AECDH-NULL-SHA:ECDH-RSA-NULL-SHA:ECDH-ECDSA-NULL-SHA:NULL-SHA256:NULL-SHA:NULL-MD5' I get:

I'm not sure why newer OpenSSL versions don't connect at all. I'm guessing that because null.badssl.com doesn't appear to support TLSv1.2 that no modern browsers are able to connect to it and then it generates the expected result (but for the wrong reason).
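An added example, not part of this issue or of OpenSSL or badssl.com: a small audit helper that buckets the colon-separated suite names printed by s_client (or openssl ciphers -v) into findings, so a list like the ones above can be checked for NULL encryption, anonymous key exchange, or legacy algorithms. The classification rules are assumptions drawn from OpenSSL's suite-naming conventions (ADH/AECDH prefix = anonymous, NULL token = no encryption, DES token = DES/3DES); the embedded lists are the ones quoted in the thread, the SECLEVEL=0 one abbreviated.

```python
# Added example (not from the issue): classify OpenSSL cipher-suite names.
import re

# Suite lists quoted in the issue (constructed copies, SECLEVEL=0 list abbreviated):
# what null.badssl.com offered under TLS 1.0/1.1, and what @SECLEVEL=0 unlocked.
TLS10_11_OFFERED = (
    "ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:"
    "DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:AES128-SHA:AES256-SHA:"
    "DES-CBC3-SHA:DHE-RSA-CAMELLIA256-SHA:CAMELLIA256-SHA:"
    "DHE-RSA-CAMELLIA128-SHA:CAMELLIA128-SHA"
)
SECLEVEL0_CLIENT = (
    "ECDHE-RSA-NULL-SHA:AECDH-NULL-SHA:NULL-SHA256:NULL-SHA:"
    "AECDH-AES256-SHA:ADH-AES256-GCM-SHA384:ADH-AES256-SHA"
)

# Naming-convention assumptions: ephemeral key exchange prefixes, anonymous prefixes.
FORWARD_SECRET = re.compile(r"^(ECDHE|DHE|AECDH|ADH)-")
ANONYMOUS = re.compile(r"^(ADH|AECDH)-")


def parse_cipher_list(text):
    """Split an OpenSSL-style colon-separated cipher string, dropping blanks."""
    return [c for c in text.strip().split(":") if c]


def classify(suite):
    """Return the set of audit findings for one OpenSSL suite name."""
    parts = suite.split("-")
    findings = set()
    if "NULL" in parts:
        findings.add("null-encryption")      # application data goes in the clear
    if ANONYMOUS.match(suite):
        findings.add("anonymous-kx")         # no server authentication at all
    if not FORWARD_SECRET.match(suite):
        findings.add("no-forward-secrecy")   # static RSA key transport
    if "DES" in parts:
        findings.add("des-family")           # single DES or 3DES (DES-CBC3)
    if "RC4" in parts or parts[-1] == "MD5":
        findings.add("legacy-algorithm")     # RC4 cipher or HMAC-MD5
    return findings


def audit(text):
    """Map each finding to the sorted list of suites that trigger it."""
    report = {}
    for suite in parse_cipher_list(text):
        for finding in classify(suite):
            report.setdefault(finding, []).append(suite)
    return {k: sorted(v) for k, v in report.items()}
```

Running audit(TLS10_11_OFFERED) reports no null-encryption suites, matching the observation in the issue, while audit(SECLEVEL0_CLIENT) lists the four NULL suites the @SECLEVEL=0 client offered.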