Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-06 00:39:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

--connect-timeout finalized

Browse Source 
* openssl timeout tested
* one openssl related error message fixed when timeout is used (timeout was included)
This commit is contained in:
Dirk 2019-12-10 21:02:32 +01:00
parent 3fdb5617db
commit 055a2e9bb4
1 changed files with 4 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
testssl.sh
View File

@ -16846,8 +16846,8 @@ find_openssl_binary() {
[[ "$(echo -e "\x78\x9C\xAB\xCA\xC9\x4C\xE2\x02\x00\x06\x20\x01\xBC" | $OPENSSL zlib -d 2>/dev/null)" == zlib ]] && HAS_ZLIB=true [[ "$(echo -e "\x78\x9C\xAB\xCA\xC9\x4C\xE2\x02\x00\x06\x20\x01\xBC" | $OPENSSL zlib -d 2>/dev/null)" == zlib ]] && HAS_ZLIB=true
if [[ -n "$CONNECT_TIMEOUT" ]] || [[ -n "$OPENSSL_TIMEOUT" ]]; then if [[ -n "$CONNECT_TIMEOUT" ]] || [[ -n "$OPENSSL_TIMEOUT" ]]; then
# We don't set a general timeout as other OS might not have "timeout" installed # We don't set a general timeout as we might not have "timeout" installed and we only
# and we only do what is instructed. Thus we check first what the command line params were, # do what is instructed. Thus we check first what the command line params were,
# then we proceed # then we proceed
if type -p timeout >/dev/null 2>&1; then if type -p timeout >/dev/null 2>&1; then
# There are different versions of "timeout". Check whether --preserve-status is supported # There are different versions of "timeout". Check whether --preserve-status is supported
@ -16861,8 +16861,6 @@ find_openssl_binary() {
outln outln
fatal "You specified a connect or openssl timeout but the binary \"timeout\" couldn't be found " $ERR_RESOURCE fatal "You specified a connect or openssl timeout but the binary \"timeout\" couldn't be found " $ERR_RESOURCE
fi fi
# FIXME: santity check for OPENSSL_TIMEOUT
# OPENSSL_TIMEOUT="$TIMEOUT_CMD"
fi fi
if ! "$do_mass_testing"; then if ! "$do_mass_testing"; then
@ -16871,8 +16869,6 @@ find_openssl_binary() {
fi fi
fi fi
# FIXME: manpage
return 0 return 0
} }
@ -17032,7 +17028,7 @@ tuning / connect options (most also can be preset via environment variables):
output options (can also be preset via environment variables): output options (can also be preset via environment variables):
--warnings <batch|off|false> "batch" doesn't ask for a confirmation, "off" or "false" skips connection warnings --warnings <batch|off|false> "batch" doesn't ask for a confirmation, "off" or "false" skips connection warnings
--connect-timeout <seconds> useful to avoid hangers. Max <seconds> to wait for the TCP socket connect to return --connect-timeout <seconds> useful to avoid hangers. Max <seconds> to wait for the TCP socket connect to return
--openssl-timeout <seconds> useful to avoid hangers. <seconds> to wait before openssl connect will be terminated --openssl-timeout <seconds> useful to avoid hangers. Max <seconds> to wait before openssl connect will be terminated
--quiet don't output the banner. By doing this you acknowledge usage terms normally appearing in the banner --quiet don't output the banner. By doing this you acknowledge usage terms normally appearing in the banner
--wide wide output for tests like RC4, BEAST. PFS also with hexcode, kx, strength, RFC name --wide wide output for tests like RC4, BEAST. PFS also with hexcode, kx, strength, RFC name
--show-each for wide outputs: display all ciphers tested -- not only succeeded ones --show-each for wide outputs: display all ciphers tested -- not only succeeded ones
@ -18210,7 +18206,7 @@ determine_optimal_proto() {
[[ $? -ne 0 ]] && exit $ERR_CLUELESS [[ $? -ne 0 ]] && exit $ERR_CLUELESS
MAX_OSSL_FAIL=10 MAX_OSSL_FAIL=10
else else
prln_bold " Your $OPENSSL cannot connect to $NODEIP:$PORT" prln_bold " Your OpenSSL cannot connect to $NODEIP:$PORT"
ignore_no_or_lame " The results might look ok but they could be nonsense. Really proceed ? (\"yes\" to continue)" "yes" ignore_no_or_lame " The results might look ok but they could be nonsense. Really proceed ? (\"yes\" to continue)" "yes"
[[ $? -ne 0 ]] && exit $ERR_CLUELESS [[ $? -ne 0 ]] && exit $ERR_CLUELESS
fi fi