Shell warnings during Heartbleed and CCS tests @ OSX?

xeron commented 8 years ago

testssl.sh: latest master. OS X: 10.11.4. bash: 4.4.0(1)-rc1

Tried with default bash from OS X (3.2.57(1)-release) – same result.

$ ./testssl.sh --wide my.example.com
…
 Heartbleed (CVE-2014-0160)                ./testssl.sh: line 1445: warning: command substitution: ignored null byte in input
./testssl.sh: line 1445: warning: command substitution: ignored null byte in input
./testssl.sh: line 1445: warning: command substitution: ignored null byte in input
[REPEATED MULTIPLE TIMES]
…
not vulnerable (OK) (timed out)
 CCS (CVE-2014-0224)                       ./testssl.sh: line 1445: warning: command substitution: ignored null byte in input
./testssl.sh: line 1445: warning: command substitution: ignored null byte in input
./testssl.sh: line 1445: warning: command substitution: ignored null byte in input
[REPEATED MULTIPLE TIMES]
…

drwetter commented 8 years ago

Could you pls give it a swing?

xeron commented 8 years ago

Nope, the same issue for both Heartbleed and CCS:

 Heartbleed (CVE-2014-0160)                ./testssl.sh: line 1442: warning: command substitution: ignored null byte in input
./testssl.sh: line 1442: warning: command substitution: ignored null byte in input

drwetter commented 8 years ago

Am 28. Mai 2016 22:08:48 MESZ, schrieb Ivan Larionov notifications@github.com:

Nope, the same issue for both Heartbleed and CCS:

Heartbleed (CVE-2014-0160)                ./testssl.sh: line 1442:
warning: command substitution: ignored null byte in input
./testssl.sh: line 1442: warning: command substitution: ignored null
byte in input

Thx.

I doubt this is a typical OS X behavior. But as a baseline @ all: can anybody please double check?

@ Ivan: you need to provide proper input if this should be a bug report, see wiki.

Cheers, Dirk

Set from my mobile. Excuse my brevity&typos

drwetter commented 8 years ago

That's a bash 4.4 "bug" which hiccups at NULL bytes : https://github.com/dracutdevs/dracut/issues/118#issuecomment-190857829

Better CCS and HB need to be changed to the socket functions used elsewhere (sockread_serverhello())

xeron commented 7 years ago

@drwetter just wanted to make sure, this issue has been fixed, right?

drwetter commented 7 years ago

Yes, please. I am pretty sure it is so this ticket should have been closed already.

-- Sent from my mobile. Excuse my brevity&typos+the phone's autocorrection

dcooper16 commented 7 years ago

I believe that this issue has only been partially resolved. I believe that it has been resolved for Heartbleed, and that it is less of a problem than before for CCS, but there is still the following code in run_ccs_injection():

     sockreply=$(cat "$SOCK_REPLY_FILE" 2>/dev/null)
     rm "$SOCK_REPLY_FILE"

     byte6=$(echo "$sockreply" | "${HEXDUMPPLAIN[@]}" | sed 's/^..........//')
     lines=$(echo "$sockreply" | "${HEXDUMP[@]}" | count_lines )

For some reason, though, I'm not seeing an error even if $SOCK_REPLY_FILE does contain a null character.

However, even if the issue hasn't been totally resolved, it should only rarely occur, since it is very difficult to find a server that provides a non-empty response to the second CCS injection message.

xeron commented 7 years ago

Ok, it doesn't affect me anymore so I'm ok with either closing it or keeping open to fix run_ccs_injection().

drwetter commented 7 years ago

The cat will disappear soon, I'll close this then.

bknowles commented 5 years ago

This bug is still present in macOS, even with commit 893cad542dd51d42d03a10c5bcb56f2a6f4fb888

I get lots and lots of these:

./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input
./testssl.sh: line 6804: warning: command substitution: ignored null byte in input
./testssl.sh: line 1264: warning: command substitution: ignored null byte in input

drwetter commented 5 years ago

Hi Brad,

don't know which version are you using but this doesn't seem related -- the line numbers do not fit. While I don't understand what's happening @ L6804, L1264 looks to me like you targeted google.com which in 1 or two requests they send non-printable chars over openssl s_client

Maybe you you open a separate issue and fill in the details?

Cheers, Dirk

bknowles commented 5 years ago

On my copy of testssl.sh, looking at the latest 2.9dev branch, line 6804 looks like it came from commit 32b8c70d, and appears like this:

   6803 sclient_connect_successful() {
   6804      local server_hello="$(<"$2")"
   6805      local re='Master-Key: ([^\
   6806 ]*)'

It's the "local server_hello" definition that seems to be a problem.

The code is basically the same on line 1264:

   1262 get_cipher() {
   1263      local cipher=""
   1264      local server_hello="$(< "$1")"

Although in this case, it appears line 1264 came from commit 11d74d2f.

I'm happy to open a new issue, if this is actually unrelated to the one that was originally reported by @xeron.

bknowles commented 5 years ago

Doing a git log, the most recent commit here looks like:

commit 893cad542dd51d42d03a10c5bcb56f2a6f4fb888 (HEAD -> 2.9dev, origin/HEAD, origin/2.9dev)
Author: Dirk Wetter <dirk@testssl.sh>
Date:   Wed Apr 24 18:44:14 2019 +0000

    Delete CHANGELOG.stable-releases.txt

bknowles commented 5 years ago

Note that I've verified this status on both my work laptop and on my home laptop. I had not previously cloned this repo on my work laptop, so that was a completely fresh copy of the repo. I had previously cloned the repo on my home laptop, so I did a git pull, then git checkout 2.9dev, and then another git pull.

bknowles commented 5 years ago

Unless maybe there is a branch I should be looking at that is something other than 2.9dev?

drwetter commented 5 years ago

3.0 is the latest.

Don't use 2.9dev anymore.

Which server did you aim at?

bknowles commented 5 years ago

Sorry, I thought I had checked all the github and testssl.sh website before posting that addendum to this issue, and everywhere I could find had said that 2.9dev was the latest so long as you were in RC mode, and a 3.0 branch would be created once you actually did a release. My bad. I'll retest with 3.0.

I was hitting an internal non-HTTP server that sits on an RFC-1918 private network, so there's no way you could possibly hit it from the outside. At least, I hope not....

bknowles commented 5 years ago

Okay, I just retested with 3.0rc5 (eef63b1). Same problem, different lines:

The error message:

 Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 

 PFS is offered (OK)          ./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
^C

The code around line 1265:

 1262 # retrieve cipher from ServerHello (via openssl)
 1263 get_cipher() {
 1264      local cipher=""
 1265      local server_hello="$(< "$1")"
 1266 
 1267      if [[ "$server_hello" =~ Cipher\ *:\ ([A-Z0-9]+-[A-Za-z0-9\-]+|TLS_[A-Za-z0-9_]+) ]]; then
 1268           cipher="${BASH_REMATCH##* }"

The code around line 6941:

 6935 # core function determining whether handshake succeeded or not
 6936 # arg1: return value of "openssl s_client connect"
 6937 # arg2: temporary file with the server hello
 6938 # returns 0 if connect was successful, 1 if not
 6939 #
 6940 sclient_connect_successful() {
 6941      local server_hello="$(<"$2")"
 6942      local re='Master-Key: ([^\
 6943 ]*)'

bknowles commented 5 years ago

In both cases, the problem is clearly the code that starts with local server_hello=.

Here's the top entry from git log for the 3.0 branch I've checked out:

commit eef63b1726b9f44ff63a6dc19c6e2ea16e78b644 (HEAD -> 3.0, origin/3.0)
Merge: 3d5982e af6f232
Author: Dirk Wetter <dirk@testssl.sh>
Date:   Wed Jul 3 11:54:56 2019 +0200

    Merge pull request #1289 from drwetter/tput_sgr_fix

    Fix terminal codes / tput

bknowles commented 5 years ago

So, is there a reason why we're using local server_hello= on these lines instead of something like sockread_serverhello?

drwetter commented 5 years ago

That is part of the very few places where we need openssl. E.g. when we finish the TLS handshake and look into HTTP headers.

Still curious about the TLS stack of server and the check where this happened. Was that only PFS? Do you use --ssl-native?

So far I have seen this only @ google.TLD (under Linux), and only one check (and only one line)

bknowles commented 5 years ago

Unfortunately, that TIBCO server at the moment is having problems. The port in question is somehow open while the application behind that port is not working, and at the moment we can't get any kind of SSL connection to it with any of the programs we throw at it.

I'll try --ssl-native the next time I can get some sort of connection working.

bknowles commented 5 years ago

Of course, the moment I say that, it looks like the server is now working again (for at least some values of "working"), and so I'm now re-testing.

¯\(ツ)/¯

dcooper16 commented 5 years ago

As Dirk noted, this isn't really related to the original issue that was reported here.

The problem that was reported 3 years ago was that binary data was being loaded into a bash variable.

In the two lines where you are experiencing a problem, the data that is being loaded into a bash variable is the text that openssl s_client prints to stdout and stderr. So, if you are receiving an error saying that the input contains a null byte, that seems to suggest that openssl s_client is printing a null byte to either stdout or stderr, which seems odd. I think we need more information to figure out why that is happening.

Dirk suggested that the server may be sending non-printable characters, but that would only seem to apply in tests such as the one that retrieves the server's HTTP headers, where the server is sending data over the TLS connection that is established. In PFS, the TLS connection is established, but no data is sent.

The only guess I have at the moment is the server's certificate. openssl s_client prints the issuer and subject names in the certificates sent by the server to the client. If one of these names (incorrectly) included a null byte, then perhaps OpenSSL would just print that null byte to the terminal.

bknowles commented 5 years ago

Here's the first part of the --ssl-native run, with a redacted hostname:

$ ./testssl.sh --color=3 --ssl-native https://hostname.domain.private:7233

###########################################################
    testssl.sh       3.0rc5 from https://testssl.sh/dev/
    (eef63b1 2019-07-03 11:54:56 -- )

      This program is free software. Distribution and
             modification under GPLv2 permitted.
      USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

       Please file bugs @ https://testssl.sh/bugs/

###########################################################

 Using "OpenSSL 1.0.2-chacha (1.0.2k-dev)" [~183 ciphers]
 on CECEN-SX2EVGTFL:./bin/openssl.Darwin.x86_64
 (built: "Feb 22 09:55:43 2019", platform: "darwin64-x86_64-cc")

 Start 2019-07-08 13:42:34        -->> 10.0.0.0:7233 (hostname.domain.private) <<--

 rDNS (10.6.54.98):      --
 Service detected:       Couldn't determine what's running on port 7233, assuming no HTTP service => skipping all HTTP checks

 Testing protocols via native openssl

 SSLv2      not offered (OK)
 SSLv3      not offered (OK)
 TLS 1      ./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
offered
 TLS 1.1    ./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
offered
 TLS 1.2    ./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
offered (OK)
 TLS 1.3    Local problem: ./bin/openssl.Darwin.x86_64 doesn't support "s_client -tls1_3"
 NPN/SPDY   not offered
 ALPN/HTTP2 not offered

 Testing cipher categories 

 NULL ciphers (no encryption)                  not offered (OK)
 Anonymous NULL Ciphers (no authentication)    not offered (OK)
 Export ciphers (w/o ADH+NULL)                 not offered (OK)
 LOW: 64 Bit + DES, RC[2,4] (w/o export)       ./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
offered (NOT ok)
 Triple DES Ciphers / IDEA                     ./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
offered (NOT ok)
 Average: SEED + 128+256 Bit CBC ciphers       ./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
offered
 Strong encryption (AEAD ciphers)              ./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
offered (OK)

 Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 

./testssl.sh: line 6941: warning: command substitution: ignored null byte in input

 PFS is offered (OK)          ./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 
                              DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA128-SHA DHE-RSA-CAMELLIA256-SHA DHE-RSA-SEED-SHA ECDHE-RSA-AES128-GCM-SHA256 
                              ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA 
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
 Elliptic curves offered:     sect283k1 sect283r1 sect409k1 sect409r1 sect571k1 sect571r1 secp256k1 prime256v1 secp384r1 secp521r1 brainpoolP256r1 
                              brainpoolP384r1 brainpoolP512r1 

 Testing server preferences 

 Has server cipher order?     ./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 1278: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
nope (NOT ok)
 Negotiated protocol          TLSv1.2
 Negotiated cipher            ./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
ECDHE-RSA-RC4-SHA, 570 bit ECDH (B-571) -- inconclusive test, matching cipher in list missing, better see below
 Negotiated cipher per proto  (matching cipher in list missing)
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1278: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1278: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1278: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
     (TLSv1.3: Local problem: ./bin/openssl.Darwin.x86_64 doesn't support "s_client -tls1_3")
     ECDHE-RSA-AES256-SHA:          TLSv1, TLSv1.1
     ECDHE-RSA-AES256-GCM-SHA384:   TLSv1.2
 No further cipher order check has been done as order is determined by the client

./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 7126: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 7126: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 7126: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 7126: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input

bknowles commented 5 years ago

Here's the same test, omitting --ssl-native:

$ ./testssl.sh --color=3 https://hostname.domain.private:7233

###########################################################
    testssl.sh       3.0rc5 from https://testssl.sh/dev/
    (eef63b1 2019-07-03 11:54:56 -- )

      This program is free software. Distribution and
             modification under GPLv2 permitted.
      USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

       Please file bugs @ https://testssl.sh/bugs/

###########################################################

 Using "OpenSSL 1.0.2-chacha (1.0.2k-dev)" [~183 ciphers]
 on CECEN-SX2EVGTFL:./bin/openssl.Darwin.x86_64
 (built: "Feb 22 09:55:43 2019", platform: "darwin64-x86_64-cc")

 Start 2019-07-08 13:47:22        -->> 10.0.0.0:7233 (hostname.domain.private) <<--

 rDNS (10.6.54.98):      --
 Service detected:       Couldn't determine what's running on port 7233, assuming no HTTP service => skipping all HTTP checks

 Testing protocols via sockets except NPN+ALPN 

 SSLv2      not offered (OK)
 SSLv3      not offered (OK)
 TLS 1      offered
 TLS 1.1    offered
 TLS 1.2    offered (OK)
 TLS 1.3    not offered
 NPN/SPDY   not offered
 ALPN/HTTP2 not offered

 Testing cipher categories 

 NULL ciphers (no encryption)                  not offered (OK)
 Anonymous NULL Ciphers (no authentication)    not offered (OK)
 Export ciphers (w/o ADH+NULL)                 not offered (OK)
 LOW: 64 Bit + DES, RC[2,4] (w/o export)       offered (NOT ok)
 Triple DES Ciphers / IDEA                     offered (NOT ok)
 Average: SEED + 128+256 Bit CBC ciphers       offered
 Strong encryption (AEAD ciphers)              offered (OK)

 Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 

 PFS is offered (OK)          ./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384 
                              DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 
                              ECDHE-RSA-AES128-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA DHE-RSA-SEED-SHA 
                              DHE-RSA-CAMELLIA128-SHA 
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
 Elliptic curves offered:     sect283k1 sect283r1 sect409k1 sect409r1 sect571k1 sect571r1 secp256k1 prime256v1 secp384r1 secp521r1 brainpoolP256r1 
                              brainpoolP384r1 brainpoolP512r1 
 DH group offered:            Unknown DH group (1024 bits)

 Testing server preferences 

 Has server cipher order?     ./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
nope (NOT ok)
 Negotiated protocol          TLSv1.2
 Negotiated cipher            ECDHE-RSA-RC4-SHA, 570 bit ECDH (B-571) -- inconclusive test, matching cipher in list missing, better see below
 Negotiated cipher per proto  (matching cipher in list missing)
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1278: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
./testssl.sh: line 6941: warning: command substitution: ignored null byte in input
./testssl.sh: line 1278: warning: command substitution: ignored null byte in input
./testssl.sh: line 1265: warning: command substitution: ignored null byte in input
     ECDHE-RSA-AES256-SHA:          TLSv1, TLSv1.1
     ECDHE-RSA-AES256-GCM-SHA384:   TLSv1.2
 No further cipher order check has been done as order is determined by the client

./testssl.sh: line 6941: warning: command substitution: ignored null byte in input

bknowles commented 5 years ago

So, using --ssl-native, the connection gets errors when looking at the TLS 1, TLS 1.1, and TLS 1.2 connection strings, but without --ssl-native, and using your bundled SSL library at least those parts are parsed okay.

bknowles commented 5 years ago

If you guys can give me some clues on how I would determine whether or not the certificate has null characters in it somewhere, I'll be happy to look at that.

But in any event, it sounds like maybe the output from s_client should be post-processed to remove nulls, and before trying to parse those results with bash?

dcooper16 commented 5 years ago

Hi @bknowles,

I would suggest trying the following test:

testssl.sh --protocols --ssl-native --debug 1 <hostname>

When testssl.sh is done, you should see a line that looks like:

DEBUG (level 1): see files in /tmp/testssl.xxxxxx

In the directory that it mentions will be some of the files that were created during the test, including the ones that seem to be causing problems. For example, \<IP address>.run_prototest_openssl-tls1.txt, where \<IP address> is the IP address of your server. Try looking at that file for a null character. You might try:

hexdump -C  <IP address>.run_prototest_openssl-tls1.txt | grep --color -A 4 -B 4 " 00 "

Some of the things grep finds may be "false positives" (i.e., the string " 00 " appearing the plain text on the right), but this should make it relatively easy to find the null character in the file. Then print the file in plain text (more <IP address>.run_prototest_openssl-tls1.txt) and look for the text that contained the null character.

bknowles commented 5 years ago

So, the irony here is that 2.9.5 and 2.9dev don't have this error, when running the exact same tests against the same targets.

So, it seems to me that there may have been some sort of regression between 2.9dev and 3.0.

I'll still try to help debug what's going on, and why.

drwetter commented 5 years ago

@bknowles : see David's comment.

The problem I spotted before but which had only two hiccups when testing was easily detectable by bin/openssl.Linux.x86_64 s_client -tls1_2 -connect google.com:443 -servername google.com </dev/null. The were some non-printable chars. Tthis is not anymore the case though.

Please open a new issue once you have more information for us.

bknowles commented 5 years ago

Okay, I opened a new ticket at https://github.com/drwetter/testssl.sh/issues/1292

drwetter / testssl.sh

Shell warnings during Heartbleed and CCS tests @ OSX? #352