Implement --negotiate-freely to address server renegotiation requests / "no renegotiation" error #334
Conversation
Merge master into fork
Merge back into master
Sync master
Sync with upstream master
Feature/tls1.3
…egotiation" error
|
Also- ughh, I'm sorry the commits are so messy, I must have done some unusual merging to get my fork up to date |
|
I have some high level data on how common this configuration is and where it tends to exist, for those interested Based on the input I have, most of the sites with this renegotiation behavior are in Azure
I see a very small handful of hosts that do not have Azure names or are not in Azure,, but the majority are It's a relatively small number of hosts in my scope, only about a half a percent across ~75k endpoints |
Co-authored-by: erik <fake@not.real> zmap#329
|
@dadrian @zakird sorry to be persistent, just a nudge for this one More than any of the other things I've sent along, I think this feature is critical in for comprehensive coverage with the Thanks as always for your patience and consideration with PRs :) EDIT: I can fix the merge conflicts, just looking for a yay/nay on whether you would accept this |
|
Sorry for the delay. Do feel free to @ me on general, it's more likely I'll notice. This seems like a reasonable idea. I can do a review once merge cleanup is fixed, please @ me again. |
Terrific, thanks! I generally hesitate to poke people but I will keep this in mind for issues like this |
|
I'm closing this but will reenter a new one, I got all mixed up with the changes to the heartbleed option ... |
This is driven by zmap#378, zmap/zcrypto#364 and zmap#334 This allows a number of scans to actually succeed, rather than fail out when parsing the certificate Example without permissive parsing: ``` echo FAILING_IP | ./zgrab2 http -p 443 --use-https INFO[0000] started grab at 2023-09-21T21:25:29-05:00 {"ip":"FAILING_IP","data":{"http":{"status":"unknown-error","protocol":"http","result":{},"timestamp":"2023-09-21T21:25:29-05:00","error":"tls: failed to parse certificate from server: asn1: structure error: explicitly tagged member didn't match"}}} INFO[0001] finished grab at 2023-09-21T21:25:29-05:00 {"statuses":{"http":{"successes":0,"failures":1}},"start":"2023-09-21T21:25:29-05:00","end":"2023-09-21T21:25:29-05:00","duration":"987.606886ms"} ``` With Permissive parsing: ``` echo FAILING_IP | ./zgrab2 http -p 443 --use-https --permissive-parsing INFO[0000] started grab at 2023-09-21T21:25:34-05:00 {"ip":"FAILING_UP","data":{"http":{"status":"application-error","protocol":"http","result":{"response":{"status_line":"302 Found","status_code":302,"protocol":{"name":"HTTP/1.1","major":1,"minor":1},"headers":{"content_length":["0"], ... all the HTTP and TLS handshake log data ```
* Add permissive parsing TLS option This is driven by #378, zmap/zcrypto#364 and #334 This allows a number of scans to actually succeed, rather than fail out when parsing the certificate Example without permissive parsing: ``` echo FAILING_IP | ./zgrab2 http -p 443 --use-https INFO[0000] started grab at 2023-09-21T21:25:29-05:00 {"ip":"FAILING_IP","data":{"http":{"status":"unknown-error","protocol":"http","result":{},"timestamp":"2023-09-21T21:25:29-05:00","error":"tls: failed to parse certificate from server: asn1: structure error: explicitly tagged member didn't match"}}} INFO[0001] finished grab at 2023-09-21T21:25:29-05:00 {"statuses":{"http":{"successes":0,"failures":1}},"start":"2023-09-21T21:25:29-05:00","end":"2023-09-21T21:25:29-05:00","duration":"987.606886ms"} ``` With Permissive parsing: ``` echo FAILING_IP | ./zgrab2 http -p 443 --use-https --permissive-parsing INFO[0000] started grab at 2023-09-21T21:25:34-05:00 {"ip":"FAILING_UP","data":{"http":{"status":"application-error","protocol":"http","result":{"response":{"status_line":"302 Found","status_code":302,"protocol":{"name":"HTTP/1.1","major":1,"minor":1},"headers":{"content_length":["0"], ... all the HTTP and TLS handshake log data ``` * Make permissive parsing the default/no option
Feature as requested in #252, which is required for some endpoints. Without this, negotiation fails with:
How to Test
To reproduce a failure, you'll need to find an endpoint that has the behavior of requesting a renegotiation during the handshake. I have an example here that I found by grepping for "tls: no renegotiation" in a sample dataset I had handy:
With the patch applied, and with the
--renegotiate-freelyflag, it works as expected:Notes & Caveats
I think it may be best to remove the flag and make this a default setting rather than a flag. There may be potential security concerns by allowing unlimited renegotiation requests, but the goal of zgrab2 (and zcrypto) is to be as compatible as possible, not to negotiate unbreakable TLS sessions, obviously :)
In addition, I'll add that there are three settings for this behavior in golang tls- disallow, allow once, or allow freely- as many times as the server requests. I think it's best to either allow it as many times as the server wants or not at all
Issue Tracking
#252