mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-22 08:29:31 +01:00
Fix #1514
This commit is an attempt to fix #1514. The commit is mostly based on a suggestion at https://unix.stackexchange.com/questions/57940/trap-int-term-exit-really-necessary. Even with that change, it seemed that if testssl.sh were in the middle of executing run_cipher_per_proto() when it received a signal, it would not stop until that function had completed. This seems to have something to do with subshells. Changing the while loop in run_cipher_per_proto() seems to have fixed that issue. So, I also made similar changes to the while loops in prettyprint_local().
This commit is contained in:
parent
dbff4a3706
commit
04e51db402
22
testssl.sh
22
testssl.sh
@ -113,7 +113,8 @@ fi
|
|||||||
|
|
||||||
########### Traps! Make sure that temporary files are cleaned up after use in ANY case
|
########### Traps! Make sure that temporary files are cleaned up after use in ANY case
|
||||||
#
|
#
|
||||||
trap "cleanup" QUIT EXIT
|
trap "cleanup" EXIT
|
||||||
|
trap "sig_cleanup" INT QUIT TERM
|
||||||
trap "child_error" USR1
|
trap "child_error" USR1
|
||||||
|
|
||||||
|
|
||||||
@ -3142,21 +3143,21 @@ prettyprint_local() {
|
|||||||
neat_header
|
neat_header
|
||||||
|
|
||||||
if [[ -z "$1" ]]; then
|
if [[ -z "$1" ]]; then
|
||||||
actually_supported_osslciphers 'ALL:COMPLEMENTOFALL:@STRENGTH' 'ALL' "-V" | while read -r hexcode dash ciph sslvers kx auth enc mac export ; do # -V doesn't work with openssl < 1.0
|
while read -r hexcode dash ciph sslvers kx auth enc mac export ; do
|
||||||
hexc="$(normalize_ciphercode $hexcode)"
|
hexc="$(normalize_ciphercode $hexcode)"
|
||||||
outln "$(neat_list "$hexc" "$ciph" "$kx" "$enc" "$export")"
|
outln "$(neat_list "$hexc" "$ciph" "$kx" "$enc" "$export")"
|
||||||
done
|
done < <(actually_supported_osslciphers 'ALL:COMPLEMENTOFALL:@STRENGTH' 'ALL' "-V") # -V doesn't work with openssl < 1.0
|
||||||
else
|
else
|
||||||
#for arg in $(echo $@ | sed 's/,/ /g'); do
|
#for arg in $(echo $@ | sed 's/,/ /g'); do
|
||||||
for arg in ${*//,/ /}; do
|
for arg in ${*//,/ /}; do
|
||||||
actually_supported_osslciphers 'ALL:COMPLEMENTOFALL:@STRENGTH' 'ALL' "-V" | while read -r hexcode dash ciph sslvers kx auth enc mac export ; do # -V doesn't work with openssl < 1.0
|
while read -r hexcode dash ciph sslvers kx auth enc mac export ; do
|
||||||
hexc="$(normalize_ciphercode $hexcode)"
|
hexc="$(normalize_ciphercode $hexcode)"
|
||||||
# for numbers we don't do word matching:
|
# for numbers we don't do word matching:
|
||||||
[[ $arg =~ $re ]] && \
|
[[ $arg =~ $re ]] && \
|
||||||
line="$(neat_list "$hexc" "$ciph" "$kx" "$enc" "$export" | grep -ai "$arg")" || \
|
line="$(neat_list "$hexc" "$ciph" "$kx" "$enc" "$export" | grep -ai "$arg")" || \
|
||||||
line="$(neat_list "$hexc" "$ciph" "$kx" "$enc" "$export" | grep -wai "$arg")"
|
line="$(neat_list "$hexc" "$ciph" "$kx" "$enc" "$export" | grep -wai "$arg")"
|
||||||
[[ -n "$line" ]] && outln "$line"
|
[[ -n "$line" ]] && outln "$line"
|
||||||
done
|
done < <(actually_supported_osslciphers 'ALL:COMPLEMENTOFALL:@STRENGTH' 'ALL' "-V") # -V doesn't work with openssl < 1.0
|
||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
outln
|
outln
|
||||||
@ -4274,9 +4275,9 @@ run_cipher_per_proto() {
|
|||||||
fi
|
fi
|
||||||
outln
|
outln
|
||||||
neat_header
|
neat_header
|
||||||
echo -e " -ssl2 22 SSLv2\n -ssl3 00 SSLv3\n -tls1 01 TLS 1\n -tls1_1 02 TLS 1.1\n -tls1_2 03 TLS 1.2\n -tls1_3 04 TLS 1.3" | while read proto proto_hex proto_text; do
|
while read proto proto_hex proto_text; do
|
||||||
ciphers_by_strength "$proto" "$proto_hex" "$proto_text" "$using_sockets"
|
ciphers_by_strength "$proto" "$proto_hex" "$proto_text" "$using_sockets"
|
||||||
done
|
done <<< "$(tm_out " -ssl2 22 SSLv2\n -ssl3 00 SSLv3\n -tls1 01 TLS 1\n -tls1_1 02 TLS 1.1\n -tls1_2 03 TLS 1.2\n -tls1_3 04 TLS 1.3")"
|
||||||
return 0
|
return 0
|
||||||
#FIXME: no error condition
|
#FIXME: no error condition
|
||||||
}
|
}
|
||||||
@ -18674,6 +18675,13 @@ cleanup() {
|
|||||||
grep -q xtrace <<< "$SHELLOPTS" && ! "$DEBUG_ALLINONE" && exec 2>&42 42>&-
|
grep -q xtrace <<< "$SHELLOPTS" && ! "$DEBUG_ALLINONE" && exec 2>&42 42>&-
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# see https://unix.stackexchange.com/questions/57940/trap-int-term-exit-really-necessary
|
||||||
|
sig_cleanup() {
|
||||||
|
trap '' EXIT
|
||||||
|
cleanup
|
||||||
|
exit 0
|
||||||
|
}
|
||||||
|
|
||||||
child_error() {
|
child_error() {
|
||||||
cleanup
|
cleanup
|
||||||
exit $ERR_CHILD
|
exit $ERR_CHILD
|
||||||
|
Loading…
Reference in New Issue
Block a user