Hang on testing non-TLS HTTP port 80 #2366

Open
AndreyMZ opened this issue May 30, 2023 · 10 comments

@AndreyMZ

Before you open an issue please check which version you are running and whether it is the latest in stable / dev branch

> docker run --rm drwetter/testssl.sh:latest -v | grep from
    testssl.sh       3.2rc2 from https://testssl.sh/dev/

Before you open an issue please check whether this is a known problem by searching the issues

Couldn't find anything related by the search phrase "server hello empty".

Command line / docker command to reproduce

> docker run --rm drwetter/testssl.sh:latest --debug=2 -- www.example.com:80
We provide our own openssl.cnf file as the one from your system cannot be used

###########################################################
    testssl.sh       3.2rc2 from https://testssl.sh/dev/

      This program is free software. Distribution and
             modification under GPLv2 permitted.
      USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

       Please file bugs @ https://testssl.sh/bugs/

###########################################################

 Using "OpenSSL 1.0.2-bad (1.0.2k-dev)" [~183 ciphers]
 on 3794d44175ec:/home/testssl/bin/openssl.Linux.x86_64
 (built: "Sep  1 14:03:44 2022", platform: "linux-x86_64")


www.example.com:80
URL_PATH: /
 Start 2023-05-30 20:16:05                -->> 93.184.216.34:80 (www.example.com) <<--

 Further IP addresses:   2606:2800:220:1:248:1893:25c8:1946
 rDNS (93.184.216.34):   --

sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.
  (37 lines returned)

sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.
  (37 lines returned)

sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.
  (31 lines returned)

sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.
  (28 lines returned)

sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.

  (133 lines returned)
sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.
  (28 lines returned)

sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.
  (28 lines returned)

sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.
  (28 lines returned)
sending client hello... reading server hello...
server hello empty

Expected behavior

No hang. Terminating with a message like

 93.184.216.34:80 doesn't seem to be a TLS/SSL enabled server

Your system

Official docker image.

Additional context

I haven't experienced such a problem if the HTTP port is not the standard 80, but e.g. 8080.

@drwetter
Owner

drwetter commented Jun 1, 2023

I can't reproduce that


@drwetter drwetter closed this as completed Jun 1, 2023
@AndreyMZ
Author

AndreyMZ commented Jun 1, 2023

Ok, that means that the problem only appears in some environments, and it is not so easy to reproduce. But why have you closed the issue?

In my environment the execution flow goes to testssl.sh#L12129:

          debugme echo "server hello empty"

In your environment it goes to testssl.sh#L12159:

                    echo "no correct server hello"

The bifurcation is here: testssl.sh#L12127

     if [[ -z "$v2_hello_ascii" ]]; then

It remains to figure out how to reliably direct the execution flow to the first branch.

@drwetter
Owner

drwetter commented Jun 2, 2023

> Ok, that means that the problem only appears in some environments, and it is not so easy to reproduce

I used the same docker image.

@drwetter drwetter reopened this Jun 2, 2023
@drwetter
Owner

drwetter commented Jun 2, 2023

Can you use testssl.sh:80 as a target?

Not sure why the return code indicates "success" when the SSLv2 ServerHello is empty. There may be a reason, or not.

@AndreyMZ
Author

AndreyMZ commented Jun 2, 2023

For me it is consistently reproduced with testssl.sh:80.

Output
> docker pull drwetter/testssl.sh:latest
latest: Pulling from drwetter/testssl.sh
Digest: sha256:34ab5e68061d3e467b11471af122c9695a8f07277070a6913c083033f7394432
Status: Image is up to date for drwetter/testssl.sh:latest
docker.io/drwetter/testssl.sh:latest

> docker run --rm drwetter/testssl.sh:latest --debug=2 -- testssl.sh:80
We provide our own openssl.cnf file as the one from your system cannot be used

###########################################################
    testssl.sh       3.2rc2 from https://testssl.sh/dev/

      This program is free software. Distribution and
             modification under GPLv2 permitted.
      USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

       Please file bugs @ https://testssl.sh/bugs/

###########################################################

 Using "OpenSSL 1.0.2-bad (1.0.2k-dev)" [~183 ciphers]
 on bc363126a0b1:/home/testssl/bin/openssl.Linux.x86_64
 (built: "Sep  1 14:03:44 2022", platform: "linux-x86_64")


testssl.sh:80
URL_PATH: /
 Start 2023-06-02 22:53:15                -->> 81.169.166.184:80 (testssl.sh) <<--

 Further IP addresses:   2a01:238:4308:a920:1000:0:e571:51
 rDNS (81.169.166.184):  --

sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.
  (37 lines returned)

sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.
  (37 lines returned)

sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.
  (31 lines returned)

sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.
  (28 lines returned)

sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.
  (106 lines returned)

sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.
  (28 lines returned)

sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.
  (28 lines returned)

sending client hello... sending client hello... reading server hello...
Content type other than alert, handshake, change cipher spec, or application data detected.
  (28 lines returned)
sending client hello... reading server hello...
server hello empty

@drwetter
Owner

drwetter commented Jun 5, 2023

Ok, thanks.

Not trying to blame your environment but I am curious what your host and docker version is like?

@AndreyMZ
Author

AndreyMZ commented Jun 5, 2023

No problem, here they are.

  • Windows 10 Pro, version 22H2, OS build 19045.2965.
  • Docker Desktop 4.19.0 (106363).
  • Docker version 23.0.5, build bc4487a

@drwetter
Owner

drwetter commented Jun 12, 2023

I believe for some reason in sslv2_sockets() your setup ends up with an empty SOCK_REPLY_FILE but I don't get why.

Is it possible for you to pull the container and insert set -x at the beginning of the function and a set +x before close_socket 5, run it against e.g. testssl.sh:80 and send me the output?

@AndreyMZ
Author

Here it is: output.txt

@drwetter
Owner

Sorry for the delay.

Thanks for the feedback! Status was not as enlightening as I hoped: For some reason the data buffer which is being read is empty -- in your case. On Mac and Linux it is not (Linux also tested w docker).
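
The reply states discussed in this thread (an empty read, a plaintext HTTP answer on port 80, a real TLS or SSLv2 record) can be told apart from the first bytes of the reply. The script below is an added example, not testssl.sh code and not part of any comment above; `classify_reply`, `is_tls_reply` and the hex samples are hypothetical names and constructed data.

```shell
#!/bin/sh
# Added example (not testssl.sh code): classify the first bytes of a server
# reply, passed as a hex string. Function names are hypothetical.

classify_reply() {
    local hex
    # Normalise: strip whitespace, uppercase the hex digits.
    hex=$(printf '%s' "$1" | tr -d ' \t\r\n' | tr 'a-f' 'A-F')
    case "$hex" in
        "")
            echo "empty" ;;
        # TLS record: content type 0x14-0x17, version major 0x03, minor 0x00-0x04
        14030[0-4]*) echo "tls-change-cipher-spec" ;;
        15030[0-4]*) echo "tls-alert" ;;
        16030[0-4]*) echo "tls-handshake" ;;
        17030[0-4]*) echo "tls-application-data" ;;
        # SSLv2 record: 2-byte header with the high bit set, then
        # message type 0x04 (SERVER-HELLO)
        [89A-F][0-9A-F][0-9A-F][0-9A-F]04*)
            echo "sslv2-server-hello" ;;
        # ASCII "HTTP/": the peer answered the ClientHello in plaintext HTTP
        485454502F*)
            echo "plaintext-http" ;;
        *)
            echo "unknown" ;;
    esac
}

# Succeeds only when the reply is positively identified as TLS/SSL.
# An empty reply is a failure here, never a default success.
is_tls_reply() {
    case "$(classify_reply "$1")" in
        tls-*|sslv2-server-hello) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed samples, not captured from the hosts in this issue.
http_reply=$(printf 'HTTP/1.1 400 Bad Request\r\n' | od -An -tx1 | tr -d ' \n')
for sample in "" "$http_reply" "160303004A0200" "15030100020228" "802A04000100"; do
    if is_tls_reply "$sample"; then verdict="TLS/SSL"; else verdict="not TLS/SSL"; fi
    printf '%-20s %-12s %.16s\n' "$(classify_reply "$sample")" "$verdict" "$sample"
done
```

Treating the empty and plaintext-HTTP cases as explicit negatives gives a caller a definite "not TLS/SSL" result to stop on, whichever of the two branches the read ends up in.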
