Redo PR for Opossum

Fixes #2833

This does a check for the opossum vulnerability, see https://opossum-attack.com/ .

It uses a separate function to send the payload and retrieve the result via `http_header_printf()`.  It doesn't use curl or wget. The latter wouldn't work anyway as according to the manpage as the HTTP header which needs to be sent must not contain LFs.  This function was introduced because `http_get_header()` -- which was renamed to `http_head()` -- could use wget if curl is not available. On the way to this PR `http_head()` was improved, so that timeouts were used for curl and wget for better maturity.

`http_header_printf()` now uses bach sockets , strips the URI so that a plaintext request is made. This will be done in the background because not every host will answer.

Done also:
- handling when PROXY is requested (try anyway directly as the payload is not "proxyable")
- print a message when no HTTP service is present
- try hard to use plaintext HTTP when auth is required for HTTPS and service HTTP would not be defined otherwise
- manpages
- help

Also when pwnedkeys are checked a not pwned certificate is labled not neutral but OK=green.

Author: drwetter

CHANGELOG.md

@@ -5,6 +5,7 @@
 
 * QUIC protocol check
 * bump SSLlabs rating guide to 2009r
+* Check for Opossum vulnerability
 
 ### Features implemented / improvements in 3.2
 

doc/testssl.1

@@ -659,6 +659,9 @@ variable \f[CR]CCS_MAX_WAITSOCK\f[R].
 \f[CR]\-T, \-\-ticketbleed\f[R] Checks for Ticketbleed memory leakage in
 BigIP loadbalancers.
 .PP
+\f[CR]\-\-OP, \-\-opossum\f[R] Checks for HTTP to HTTPS upgrade
+vulnerability named Opossum.
+.PP
 \f[CR]\-\-BB, \-\-robot\f[R] Checks for vulnerability to ROBOT /
 (\f[I]Return Of Bleichenbacher\[cq]s Oracle Threat\f[R]) attack.
 .PP
@@ -1312,6 +1315,8 @@ RFC 2246: The TLS Protocol Version 1.0
 .IP \[bu] 2
 RFC 2595: Using TLS with IMAP, POP3 and ACAP
 .IP \[bu] 2
+RFC 2817: Upgrading to TLS Within HTTP/1.1
+.IP \[bu] 2
 RFC 2818: HTTP Over TLS
 .IP \[bu] 2
 RFC 2830: Lightweight Directory Access Protocol (v3): Extension for

doc/testssl.1.html

@@ -590,6 +590,8 @@ <h3 id="vulnerabilities">VULNERABILITIES</h3>
         <code>CCS_MAX_WAITSOCK</code>.</p>
         <p><code>-T, --ticketbleed</code> Checks for Ticketbleed memory
         leakage in BigIP loadbalancers.</p>
+        <p><code>--OP, --opossum</code> Checks for HTTP to HTTPS upgrade
+        vulnerability named Opossum.</p>
         <p><code>--BB, --robot</code> Checks for vulnerability to ROBOT
         / (<em>Return Of Bleichenbacher’s Oracle Threat</em>)
         attack.</p>
@@ -1131,6 +1133,7 @@ <h2 id="rfcs-and-other-standards">RFCs and other standards</h2>
         <ul>
         <li>RFC 2246: The TLS Protocol Version 1.0</li>
         <li>RFC 2595: Using TLS with IMAP, POP3 and ACAP</li>
+        <li>RFC 2817: Upgrading to TLS Within HTTP/1.1</li>
         <li>RFC 2818: HTTP Over TLS</li>
         <li>RFC 2830: Lightweight Directory Access Protocol (v3):
         Extension for Transport Layer Security</li>

doc/testssl.1.md

@@ -236,9 +236,11 @@ Also for multiple server certificates are being checked for as well as for the c
 
 `-T, --ticketbleed`             Checks for Ticketbleed memory leakage in BigIP loadbalancers.
 
-`--BB, --robot`          Checks for vulnerability to ROBOT / (*Return Of Bleichenbacher's Oracle Threat*) attack.
+`--OP, --opossum`               Checks for HTTP to HTTPS upgrade vulnerability named Opossum.
 
-`--SI, --starttls-injection`          Checks for STARTTLS injection vulnerabilities (SMTP, IMAP, POP3 only). `socat` and OpenSSL >=1.1.0 is needed.
+`--BB, --robot`                 Checks for vulnerability to ROBOT / (*Return Of Bleichenbacher's Oracle Threat*) attack.
+
+`--SI, --starttls-injection`    Checks for STARTTLS injection vulnerabilities (SMTP, IMAP, POP3 only). `socat` and OpenSSL >=1.1.0 is needed.
 
 `-R, --renegotiation`           Tests renegotiation vulnerabilities. Currently there's a check for *Secure Renegotiation* and for *Secure Client-Initiated Renegotiation*. Please be aware that vulnerable servers to the latter can likely be DoSed very easily (HTTP). A check for *Insecure Client-Initiated Renegotiation* is not yet implemented.
 
@@ -490,6 +492,7 @@ Please note that for plain TLS-encrypted ports you must not specify the protocol
 
 * RFC 2246: The TLS Protocol Version 1.0
 * RFC 2595: Using TLS with IMAP, POP3 and ACAP
+* RFC 2817: Upgrading to TLS Within HTTP/1.1
 * RFC 2818: HTTP Over TLS
 * RFC 2830: Lightweight Directory Access Protocol (v3): Extension for Transport Layer Security
 * RFC 3207: SMTP Service Extension for Secure SMTP over Transport Layer Security
@@ -551,7 +554,6 @@ Please note that for plain TLS-encrypted ports you must not specify the protocol
 
 **etc/client-simulation.txt**  contains client simulation data.
 
-
 **etc/cipher-mapping.txt**  provides a mandatory file with mapping from OpenSSL cipher suites names to the ones from IANA / used in the RFCs.
 
 **etc/tls_data.txt**        provides a mandatory file for ciphers (bash sockets) and key material.

t/32_isHTML_valid.t

@@ -48,7 +48,7 @@ $edited_html =~ s/'/'/g;
 
 $diff = diff \$edited_html, \$out;
 
-cmp_ok($edited_html, "eq", $out, "Checking if HTML file matches terminal output") or
+ok($edited_html eq $out, "Checking if HTML file matches terminal output") or
      diag ("\n%s\n", "$diff");
 
 $tests++;
@@ -82,7 +82,7 @@ $debughtml =~ s/.*Using bash .*\n//g;
 
 $diff = diff \$debughtml, \$html;
 
-cmp_ok($debughtml, "eq", $html, "Checking if HTML file created with --debug 4 matches HTML file created without --debug") or
+ok($debughtml eq $html, "Checking if HTML file created with --debug 4 matches HTML file created without --debug") or
      diag ("\n%s\n", "$diff");
 $tests++;
 

t/baseline_data/default_testssl.csvfile

@@ -90,6 +90,7 @@
 "heartbleed","testssl.sh/81.169.166.184","443","OK","not vulnerable, no heartbeat extension","CVE-2014-0160","CWE-119"
 "CCS","testssl.sh/81.169.166.184","443","OK","not vulnerable","CVE-2014-0224","CWE-310"
 "ticketbleed","testssl.sh/81.169.166.184","443","OK","no session ticket extension","CVE-2016-9244","CWE-200"
+"opossum","testssl.sh/81.169.166.184","443","OK","not vulnerable","CVE-2025-49812","CWE-287"
 "ROBOT","testssl.sh/81.169.166.184","443","OK","not vulnerable","CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168","CWE-203"
 "secure_renego","testssl.sh/81.169.166.184","443","OK","supported","","CWE-310"
 "secure_client_renego","testssl.sh/81.169.166.184","443","OK","not vulnerable","CVE-2011-1473","CWE-310"