Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-30 21:35:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Reduce redundant code

Browse Source 
Move some checks into functions so that the code doesn't have to be repeated.
This commit is contained in:
David Cooper
2018-05-30 08:55:15 -04:00
parent 998c2aa1f8
commit 02d1071b9c
1 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
testssl.sh
View File

@@ -1456,6 +1456,7 @@ check_revocation_crl() {
local -i success local -i success
"$PHONE_OUT" || return 0 "$PHONE_OUT" || return 0
[[ -n "$GOOD_CA_BUNDLE" ]] || return 0
scheme="$(tolower "${crl%%://*}")" scheme="$(tolower "${crl%%://*}")"
# The code for obtaining CRLs only supports LDAP, HTTP, and HTTPS URLs. # The code for obtaining CRLs only supports LDAP, HTTP, and HTTPS URLs.
[[ "$scheme" == "http" ]] || [[ "$scheme" == "https" ]] || [[ "$scheme" == "ldap" ]] || return 0 [[ "$scheme" == "http" ]] || [[ "$scheme" == "https" ]] || [[ "$scheme" == "ldap" ]] || return 0
@@ -1520,6 +1521,8 @@ check_revocation_ocsp() {
local host_header="" local host_header=""
"$PHONE_OUT" || return 0 "$PHONE_OUT" || return 0
[[ -n "$GOOD_CA_BUNDLE" ]] || return 0
grep -q "\-\-\-\-\-BEGIN CERTIFICATE\-\-\-\-\-" $TEMPDIR/intermediatecerts.pem || return 0
tmpfile=$TEMPDIR/${NODE}-${NODEIP}.${uri##*\/} || exit $ERR_FCREATE tmpfile=$TEMPDIR/${NODE}-${NODEIP}.${uri##*\/} || exit $ERR_FCREATE
host_header=${uri##http://} host_header=${uri##http://}
host_header=${host_header%%/*} host_header=${host_header%%/*}
@@ -7597,7 +7600,7 @@ certificate_info() {
else else
if [[ $(count_lines "$crl") -eq 1 ]]; then if [[ $(count_lines "$crl") -eq 1 ]]; then
out "$crl" out "$crl"
if [[ "$expfinding" != "expired" ]] && [[ -n "$GOOD_CA_BUNDLE" ]]; then if [[ "$expfinding" != "expired" ]]; then
check_revocation_crl "$crl" "cert_crlRevoked${json_postfix}" check_revocation_crl "$crl" "cert_crlRevoked${json_postfix}"
ret=$((ret +$?)) ret=$((ret +$?))
fi fi
@@ -7611,7 +7614,7 @@ certificate_info() {
out "$spaces" out "$spaces"
fi fi
out "$line" out "$line"
if [[ "$expfinding" != "expired" ]] && [[ -n "$GOOD_CA_BUNDLE" ]]; then if [[ "$expfinding" != "expired" ]]; then
check_revocation_crl "$line" "cert_crlRevoked${json_postfix}" check_revocation_crl "$line" "cert_crlRevoked${json_postfix}"
ret=$((ret +$?)) ret=$((ret +$?))
fi fi
@@ -7630,8 +7633,7 @@ certificate_info() {
else else
if [[ $(count_lines "$ocsp_uri") -eq 1 ]]; then if [[ $(count_lines "$ocsp_uri") -eq 1 ]]; then
out "$ocsp_uri" out "$ocsp_uri"
if [[ "$expfinding" != "expired" ]] && [[ -n "$GOOD_CA_BUNDLE" ]] && \ if [[ "$expfinding" != "expired" ]]; then
grep -q "\-\-\-\-\-BEGIN CERTIFICATE\-\-\-\-\-" $TEMPDIR/intermediatecerts.pem; then
check_revocation_ocsp "$ocsp_uri" "cert_ocspRevoked${json_postfix}" check_revocation_ocsp "$ocsp_uri" "cert_ocspRevoked${json_postfix}"
fi fi
ret=$((ret +$?)) ret=$((ret +$?))
@@ -7645,8 +7647,7 @@ certificate_info() {
out "$spaces" out "$spaces"
fi fi
out "$line" out "$line"
if [[ "$expfinding" != "expired" ]] && [[ -n "$GOOD_CA_BUNDLE" ]] && \ if [[ "$expfinding" != "expired" ]]; then
grep -q "\-\-\-\-\-BEGIN CERTIFICATE\-\-\-\-\-" $TEMPDIR/intermediatecerts.pem; then
check_revocation_ocsp "$line" "cert_ocspRevoked${json_postfix}" check_revocation_ocsp "$line" "cert_ocspRevoked${json_postfix}"
ret=$((ret +$?)) ret=$((ret +$?))
fi fi