Add in support for TLSv1.3 to Framework and Rex::Proto::Http::Client

[gwillcox-r7]

Summary

Currently our Rex::Proto::Http::Client only supports SSLv2, SSLv3, TLSv1.0, TLSv1.1, and TLSv1.2. We have no support for TLSv1.3 despite increased use in the wild.

Motivation

Adding support for TLSv1.3 to Rex::Proto::Http::Client will be needed as older versions of TLS start to become deprecated and more and more people move to using more recent versions of TLS. Whilst its likely that TLSv1.2 will still be maintained for some time given its popularity there are speed and security benefits to using TLSv1.3 that may encourage people to switch over, so Metasploit should be able to accommodate sites that make this decision to help support pentesters engaging targets running more recent cryptographic protocols.

[adfoster-r7]

This support comes from OpenSSL

The Rex::Proto::Http::Client can successfully interact with TLS1.3 if the ssl version is set to Auto:

# Run TLS1.3 server
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes
openssl s_server -key key.pem -cert cert.pem -accept 5000 -www -tls1_3

# Run the scanner module
msf6 auxiliary(scanner/http/title) > run https://192.168.123.128:5000/ httptrace=true sslversion=Auto

####################
# Request:
####################
GET / HTTP/1.1
Host: www.rapid7.com:5000                                                                      
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.81 Safari/537.36                                                           

####################
# Response:
####################
HTTP/1.0 200 ok
Content-type: text/html                                                                        

<HTML><BODY BGCOLOR="#ffffff">                                                                 
<pre>                                                                                          

s_server -key key.pem -cert cert.pem -accept 5000 -www -tls1_3                                 
Secure Renegotiation IS supported                                                              
Ciphers supported in s_server binary                                                           
vvvvvvvvvvvvvvvvvvvvvvvvvv
TLSv1.3    :TLS_AES_256_GCM_SHA384    TLSv1.3    :TLS_CHACHA20_POLY1305_SHA256                 
TLSv1.3    :TLS_AES_128_GCM_SHA256    TLSv1.2    :ECDHE-ECDSA-AES256-GCM-SHA384  
^^^^^^^^^^^^^^^^^^^^^^^^^^              
TLSv1.2    :ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2    :DHE-RSA-AES256-GCM-SHA384                  

... etc ...

</pre></BODY></HTML>                                                                           

[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

For some reason the Ruby OpenSSL library doesn't seem to include TLSV1.3 in the SSLContext map - which metasploit relies on here; that would require a deeper look into, or a code change in Ruby OpenSSL from what I can see

# https://github.com/ruby/openssl/blob/6182ac07821b3a8c6267ca9c31d3bf3f09485e70/lib/openssl/ssl.rb#L223-L238
>> OpenSSL::SSL::SSLContext::METHODS
=> 
[:SSLv23,
 :SSLv23_client,
 :SSLv23_server,
 :SSLv2,
 :SSLv2_client,
 :SSLv2_server,
 :SSLv3,
 :SSLv3_client,
 :SSLv3_server,
 :TLSv1,
 :TLSv1_client,
 :TLSv1_server,
 :TLSv1_1,
 :TLSv1_1_client,
 :TLSv1_1_server,
 :TLSv1_2,
 :TLSv1_2_client,
 :TLSv1_2_server]

Edit: Looks like METHODS is is part of an older OpenSSL API; I believe we can make changes in framework to create a better list of supported tls/ssl versions

[gwillcox-r7]

Sounds good, and if that method is part of an older API then it might be a good idea to just update it to prevent future issues whilst we are looking at this code.