Try /usr/bin/echo for testing

.. although it seems not an option to include this in prod. RSsee https://github.com/testssl/testssl.sh/issues/2765 Omitting redirecting stderr
2025-09-02 18:18:29 +02:00 · 2025-05-12 10:43:43 +02:00
parent f1daf10c30
commit 0aad0a0fac
1 changed files with 1 additions and 1 deletions
--- a/testssl.sh
+++ b/testssl.sh
@ -17656,7 +17656,7 @@ run_renego() {
               # s_client STDIN too early as the close could come at any time and race with the tear down of s_client.
               # See https://github.com/drwetter/testssl.sh/issues/2590
               # In this case the added iteration is harmless as it will just spin in backgroup
-               for ((i=0; i <= ssl_reneg_attempts; i++ )); do sleep $ssl_reneg_wait; echo R 2>/dev/null; k=0; \
+               for ((i=0; i <= ssl_reneg_attempts; i++ )); do sleep $ssl_reneg_wait; /usr/bin/echo R 2>/dev/null; k=0; \
                   # 0 means client is renegotiating & doesn't return an error --> vuln!
                   # 1 means client tried to renegotiating but the server side errored then. You still see RENEGOTIATING in the output
                   # Exemption from above: server closed the connection but return value was zero