Open darren12345 opened 4 years ago
Please use the existing verbose option (-v|--verbose) if you want to have more output about what it is doing currently.
I tried it with verbose too and same result. Perhaps it wasn’t working for me as it ran for hours with no output before I killed it.
> Perhaps it wasn’t working for me as it ran for hours with no output before I killed it.
It is impossible to tell for me what you did based on the current description. Is there any way for me to reproduce your issue?
I was just running it against my private server, both with the local IP and the domain name (which then tries the public IP address). I'd prefer not to share the domain name.
analyze-ssl.pl --all-ciphers 192.168.10.1
analyze-ssl.pl --all-ciphers www.domainname.com
I get this output, and then nothing, even with the -v option:
+ checking host=domainname.com(192.168.10.1) port=443
+ successful connect with TLSv1_3, cipher=ECDHE-RSA-CHACHA20-POLY1305, sni=domainname.com and no other TLS extensions
+ SNI success
+ certificate verify success
+ OCSP stapling: no stapled response
+ all certificates verified
I can see in my Wireshark capture a continuous loop of attempts to connect with various ciphers, so I'm sure it's doing something, but it doesn't output anything on the command prompt and never seems to finish.
I should probably add I'm running this under WSL on Windows 10 in case it's relevant. Although it seems to be the same on Debian Buster.
A-ha! I found the -v3 option in the help examples and now I get something. A continuous string of this:
* connect with version TLSv1_3 cipher TLS_AES_256_GCM_SHA384
* connect with version TLSv1_3 cipher TLS_AES_256_GCM_SHA384
* connect with version TLSv1_3 cipher TLS_AES_256_GCM_SHA384
* connect with version TLSv1_3 cipher TLS_AES_256_GCM_SHA384
* connect with version TLSv1_3 cipher TLS_AES_256_GCM_SHA384
* connect with version TLSv1_3 cipher TLS_AES_256_GCM_SHA384
So it looks like it's stuck trying the same cipher over and again. Same happens when I point it at google.com so not specific to my server.
Interesting issue. The real problem is improper handling of TLS 1.3 ciphers.
Hi. I am running the analyze-ssl.pl script with the --all-ciphers option and it's taking ages. I can see it's doing something in Wireshark but otherwise I would just have been staring at an unresponsive prompt for hours. Even knowing it's doing something doesn't tell me how far there is to go. Some kind of "testing cipher number x out of y" indicator would be most appreciated.
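An added example, not code from analyze-ssl.pl or from anyone in this thread: a Python model of a cipher scan by elimination, with the "x out of y" progress output requested above and a guard against the repeated-cipher loop seen with -v3. It assumes the scan works by elimination and that TLS 1.3 suites are selected separately from the legacy cipher list (as they are in OpenSSL); `handshake`, the server lists and all function names are constructed stand-ins, not a real TLS connection.

```python
# Constructed model of a server: suites it accepts, in preference order.
SERVER_TLS13 = ["TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256"]
SERVER_TLS12 = ["ECDHE-RSA-CHACHA20-POLY1305", "ECDHE-RSA-AES256-GCM-SHA384"]

def handshake(legacy_offer, tls13_offer):
    """Hypothetical stand-in for one TLS connect; returns (version, cipher) or None.
    TLS 1.3 is preferred and looks only at tls13_offer, never at legacy_offer."""
    for c in SERVER_TLS13:
        if c in tls13_offer:
            return ("TLSv1_3", c)
    for c in SERVER_TLS12:
        if c in legacy_offer:
            return ("TLSv1_2", c)
    return None

def enumerate_ciphers(legacy, tls13, tls13_aware=True, progress=None):
    """Elimination scan: connect, record the negotiated suite, drop it from the
    list that controls it, repeat until the handshake fails. With
    tls13_aware=False only the legacy list is edited (the assumed failure mode)."""
    legacy, tls13 = list(legacy), list(tls13)
    total = len(legacy) + len(tls13)   # upper bound on accepted suites
    accepted = []
    while True:
        result = handshake(legacy, tls13)
        if result is None:
            return accepted
        if result in accepted:
            # Same suite negotiated twice: removal had no effect, stop looping.
            raise RuntimeError(f"server repeated {result}; elimination is not taking effect")
        accepted.append(result)
        version, cipher = result
        pool = tls13 if (version == "TLSv1_3" and tls13_aware) else legacy
        if cipher in pool:
            pool.remove(cipher)
        if progress:
            progress(len(accepted), total, version, cipher)

if __name__ == "__main__":
    def show(n, total, version, cipher):
        print(f"[{n}/{total} max] accepted {version} {cipher}")
    enumerate_ciphers(SERVER_TLS12 + ["AES128-SHA"],
                      SERVER_TLS13 + ["TLS_AES_128_GCM_SHA256"], progress=show)
```

The total is only an upper bound, since the scan ends as soon as the server rejects everything still on offer.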