From 01489b9ca1a3bc1ee04d69dda5971d016c01c5c0 Mon Sep 17 00:00:00 2001
From: Dirk
Date: Mon, 24 Apr 2017 09:25:23 +0200
Subject: [PATCH] special treatment for empty serverhello for ticketbleed
---
 testssl.sh | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/testssl.sh b/testssl.sh
index e2372c1..fe66255 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -9234,10 +9234,15 @@ run_ticketbleed() {
 pr_done_best "not vulnerable (OK)"
 fileout "ticketbleed" "OK" "Ticketbleed: not vulnerable" "$cve" "$cwe"
 else
- ret=1
- pr_warning "test failed "
- out "around line $LINENO (debug info: ${tls_hello_ascii:0:2}, ${tls_hello_ascii:2:10})"
- fileout "ticketbleed" "WARN" "Ticketbleed: test failed, around $LINENO (debug info: ${tls_hello_ascii:0:2}, ${tls_hello_ascii:2:10})" "$cve" "$cwe"
+ ret=7
+ pr_warning "test failed"
+ if [[ -z "${tls_hello_ascii:0:2}" ]]; then
+ out ": reply empty"
+ fileout "ticketbleed" "WARN" "Ticketbleed: test failed with empty ServerHello" "$cve" "$cwe"
+ else
+ out " around line $LINENO (debug info: ${tls_hello_ascii:0:2}, ${tls_hello_ascii:2:10})"
+ fileout "ticketbleed" "WARN" "Ticketbleed: test failed, around $LINENO (debug info: ${tls_hello_ascii:0:2}, ${tls_hello_ascii:2:10})" "$cve" "$cwe"
+ fi
 fi
 outln
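Review bot: The change from `ret=1` to `ret=7` in the failure branch is not mentioned in the commit subject, and nothing in the hunk says what 7 means, so a reader cannot tell whether callers of run_ticketbleed see it as "inconclusive" rather than "vulnerable". If inconclusive is the intended meaning, a comment above the assignment such as `# 7: test could not be completed, result is inconclusive` would make that explicit. The emptiness check `[[ -z "${tls_hello_ascii:0:2}" ]]` is equivalent to testing the whole variable and reads more directly as `if [[ -z "$tls_hello_ascii" ]]; then`. An empty ServerHello gives no evidence either way about the session-ticket leak, so WARN is the right severity, but the fileout text could say the result is inconclusive for people who only read the machine-readable output. run_ticketbleed starts and ends outside the hunk.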