nsock_connect_ssl cannot connect to SSLv2 server #319
Comments
Just wondering, was this issue discovered with the DROWN attack in mind?
@h4ck3rk3y Was trying to determine if ssl-cert.nse could grab certs from SSLv2-only servers. That question is still open, because I ran into this bug instead. But yes, DROWN prompted the check.
Due to the use of SSL_set_tlsext_host_name in nsock/src/nsock_core.c, SSLv2 is precluded when scanning systems by name (as opposed to by IP address) because SSLv2 does not support extensions. SSLv3 also does not support extensions, but is allowed as a fallback. SSLv2 is never allowed as a fallback, so it has to be negotiated correctly from the beginning.

Low priority, probably, but we should make every effort to allow Nmap to connect to all SSL/TLS servers. Observations:

SSL_OP_NO_SSLv2 for the case where SSLv23_client_method fails because the server doesn't accept SSLv2 handshakes. This currently isn't exercised in cases where there's a hostname available, because of the reason listed above.
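
The constraint described in the issue, shown at the wire level as an added example (not Nmap or Nsock code): the SSLv2 CLIENT-HELLO layout consists of fixed fields only, while a server name travels in the extensions block of a TLS-format ClientHello. The function names, the cipher values and the hostname used in the sample calls are constructed for illustration.

```python
import struct

def build_v2_hello(ciphers, challenge):
    """SSLv2-format CLIENT-HELLO: fixed fields only, no extensions block."""
    body = struct.pack(">BHHHH", 1, 0x0002, len(ciphers), 0, len(challenge))
    body += ciphers + challenge
    return struct.pack(">H", 0x8000 | len(body)) + body   # 2-byte header, high bit set

def build_tls_hello(hostname=None):
    """Minimal TLS 1.0 ClientHello; a hostname adds a server_name extension."""
    exts = b""
    if hostname is not None:
        name = hostname.encode("ascii")
        entry = struct.pack(">BH", 0, len(name)) + name    # name_type host_name
        sni = struct.pack(">H", len(entry)) + entry        # server_name_list
        exts = struct.pack(">HH", 0, len(sni)) + sni       # extension type 0
    hello = b"\x03\x01" + bytes(32) + b"\x00"              # version, random, empty session id
    hello += struct.pack(">H", 2) + b"\x00\x2f" + b"\x01\x00"  # one suite, null compression
    if exts:
        hello += struct.pack(">H", len(exts)) + exts
    hs = b"\x01" + struct.pack(">I", len(hello))[1:] + hello   # 3-byte handshake length
    return b"\x16\x03\x01" + struct.pack(">H", len(hs)) + hs

def classify_hello(data):
    """Return (format, sni) for a well-formed first client handshake message."""
    if len(data) >= 3 and data[0] & 0x80 and data[2] == 1:
        return ("sslv2", None)             # v2 layout has nowhere to carry SNI
    if len(data) < 9 or data[0] != 0x16 or data[5] != 1:
        return ("unknown", None)
    pos = 9 + 2 + 32                       # record + handshake headers, version, random
    pos += 1 + data[pos]                   # session id
    pos += 2 + struct.unpack_from(">H", data, pos)[0]      # cipher suites
    pos += 1 + data[pos]                   # compression methods
    if pos + 2 > len(data):
        return ("tls", None)               # hello ends here: no extensions block
    end = pos + 2 + struct.unpack_from(">H", data, pos)[0]
    pos += 2
    while pos + 4 <= end:
        etype, elen = struct.unpack_from(">HH", data, pos)
        if etype == 0:                     # server_name extension
            nlen = struct.unpack_from(">H", data, pos + 7)[0]
            return ("tls", data[pos + 9:pos + 9 + nlen].decode("ascii"))
        pos += 4 + elen
    return ("tls", None)
```
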