3

How to check TLS version intolerance on a terminal for a remote website?

Using openssl or without it!

schroeder
Aghori
  • I don't know of a way to do this on a terminal. But this post here might be interesting to you: LWN.net, Hanno Böck, 2016-09-28, [*The trouble with new TLS version numbers*](https://lwn.net/Articles/701956/) -- They mention the SSL-Labs web site and the "testssl.sh" command line utility. – StackzOfZtuff Mar 16 '18 at 14:22

3 Answers

1

If you can install python and scapy you can use the tolerantls command-line utility to check for TLS version intolerance.

Usage is quite straight-forward, e.g.:

$ tolerantls.py --host example.com
[*] Testing TLS version intolerance against example.com:443
[+] Server is not intolerant - it downgraded the client request and proposed to use TLS_1_2

llmora
0

I found Mozilla's Cipherscan a great tool for this and other TLS related testing.
All you need to do is

It outputs information related to ciphersuite, ordering, OCSP stapling, etc.
The related sample output for TLS intolerance looks like below:

Intolerance to:
SSL 3.254           : absent
TLS 1.0             : PRESENT
TLS 1.1             : PRESENT
TLS 1.2             : absent
TLS 1.3             : absent
TLS 1.4             : absent
-2

You can do this as you suggested with OpenSSL by selectively removing supported TLS version:

openssl s_client -connect google.com:443 -no_tls1_2 -no_tls1_1 -no_tls1

This example will deactivate TLS versions 1.2/1.1/1.0, leaving only the choice of ssl3 and ssl2. It also fails because the server doesn't support either of the remaining choices.

List of options from the manual:

  • -no_tls1_2
  • -no_tls1_1
  • -no_tls1
  • -no_ssl3
  • -no_ssl2
Patrick Mevzek
tehmoon
    That's not really TLS version intolerance. This is checking if the server supports specific existing versions or not. TLS version tolerance means that the server can properly deal with TLS versions in the ClientHello which the server is not aware of, i.e. things which don't exist like TLS 1.98 or similar. It might help to read the question the OP has linked to which explained what is meant. – Steffen Ullrich Mar 16 '18 at 19:20
  • 1
    True, this method won't ever test a non-existing version. So it might be more for `version tolerance` than `version intolerance` like you stated. Apologies. – tehmoon Mar 16 '18 at 20:00
  • Thanks for this active discussion. I am looking for the server response for TLS versions which don't exist, i.e. true intolerance! With openssl we cannot forge undefined versions as it gives a command argument error. – Aghori Mar 17 '18 at 06:03
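Since openssl will not let you forge a version, here is an added Python example (not from the question, the answers, or the tolerantls project) that does what the comment thread above describes: it sends a ClientHello whose client_version is a version no server knows (assumed here to be the byte pair 3,0x63, i.e. "TLS 1.98") and reports whether the server downgrades cleanly to a version it supports or rejects the handshake. It uses the pre-TLS-1.3 negotiation mechanism (no supported_versions extension), which is the one the question is about; the cipher suite list and the default host are placeholders.

```python
import socket
import struct
import sys

# TLS encodes TLS 1.x as the byte pair (3, x+1); (3, 0x63) is "TLS 1.98" in the
# terms of the comment above: a version no server knows (assumed probe value).
PROBE_VERSION = (3, 0x63)
ALERTS = {10: "unexpected_message", 40: "handshake_failure",
          70: "protocol_version", 80: "internal_error"}

def build_client_hello(server_name, version=PROBE_VERSION):
    """Minimal pre-1.3 ClientHello; the probe version goes in client_version."""
    suites = b"\x00\x2f\x00\x35\x00\x9c\x00\x9d\xc0\x2f\xc0\x30"  # a few AES suites
    host = server_name.encode()
    sni_entry = struct.pack("!BH", 0, len(host)) + host            # name type 0 = host_name
    sni_list = struct.pack("!H", len(sni_entry)) + sni_entry
    ext = struct.pack("!HH", 0, len(sni_list)) + sni_list           # extension type 0 = SNI
    body = (bytes(version) + b"\x00" * 32                           # client_version, random
            + b"\x00"                                               # empty session id
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00"                                           # null compression only
            + struct.pack("!H", len(ext)) + ext)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body       # HandshakeType client_hello
    # Record-layer version stays 3,1 (TLS 1.0) as real clients do; only the
    # handshake-level client_version carries the unknown version.
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def classify_response(data):
    """Turn the first record the server returns into a tolerance verdict."""
    if len(data) < 5:
        return "intolerant: connection closed without a TLS record"
    if data[0] == 0x15 and len(data) >= 7:                          # alert record
        desc = data[6]
        return "intolerant: alert %d (%s)" % (desc, ALERTS.get(desc, "other"))
    if data[0] == 0x16 and len(data) >= 11 and data[5] == 0x02:     # ServerHello
        major, minor = data[9], data[10]
        name = "TLS 1.%d" % (minor - 1) if (major, minor) >= (3, 1) else "SSL 3.0"
        return "tolerant: server downgraded to %s" % name
    return "unexpected record type 0x%02x" % data[0]

def probe(host, port=443, version=PROBE_VERSION, timeout=5):
    """Send the probe ClientHello to a live server and classify its reply."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(build_client_hello(host, version))
            return classify_response(s.recv(4096))
    except (ConnectionResetError, socket.timeout):
        return "intolerant: connection reset or no reply"

if __name__ == "__main__":
    print(probe(sys.argv[1] if len(sys.argv) > 1 else "example.com"))
```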