Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-30 21:35:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1044 from dcooper16/only_show_supported_ciphers

Browse Source 
Only list supported ciphers
This commit is contained in:
Dirk Wetter
2018-10-15 09:08:27 +02:00
committed by GitHub
parent 2a27416fd7 92f9134c4c
commit 1821204d6e
1 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
testssl.sh
View File

@@ -5728,9 +5728,10 @@ run_server_preference() {
fi fi
$OPENSSL s_client $(s_client_options "$STARTTLS -cipher $list_fwd -ciphersuites $tls13_list_fwd $BUGS -connect $NODEIP:$PORT $PROXY $addcmd") </dev/null 2>$ERRFILE >$TMPFILE $OPENSSL s_client $(s_client_options "$STARTTLS -cipher $list_fwd -ciphersuites $tls13_list_fwd $BUGS -connect $NODEIP:$PORT $PROXY $addcmd") </dev/null 2>$ERRFILE >$TMPFILE
if ! sclient_connect_successful $? $TMPFILE && [[ -z "$STARTTLS_PROTOCOL" ]]; then if ! sclient_connect_successful $? $TMPFILE && [[ -z "$STARTTLS_PROTOCOL" ]]; then
list_fwd="$(actually_supported_ciphers $list_fwd $tls13_list_fwd '-tls1')"
pr_warning "no matching cipher in this list found (pls report this): " pr_warning "no matching cipher in this list found (pls report this): "
outln "$list_fwd:$tls13_list_fwd . " outln "$list_fwd . "
fileout "$jsonID" "WARN" "Could not determine server cipher order, no matching cipher in list found (pls report this): $list_fwd:$tls13_list_fwd" fileout "$jsonID" "WARN" "Could not determine server cipher order, no matching cipher in list found (pls report this): $list_fwd"
tmpfile_handle ${FUNCNAME[0]}.txt tmpfile_handle ${FUNCNAME[0]}.txt
return 1 return 1
# we assume the problem is with testing here but it could be also the server side # we assume the problem is with testing here but it could be also the server side
@@ -5742,9 +5743,10 @@ run_server_preference() {
[[ ! "$STARTTLS_OPTIMAL_PROTO" =~ ssl ]] && addcmd2="$SNI" [[ ! "$STARTTLS_OPTIMAL_PROTO" =~ ssl ]] && addcmd2="$SNI"
$OPENSSL s_client $(s_client_options "$STARTTLS $STARTTLS_OPTIMAL_PROTO -cipher $list_fwd -ciphersuites $tls13_list_fwd $BUGS -connect $NODEIP:$PORT $PROXY $addcmd2") </dev/null 2>$ERRFILE >$TMPFILE $OPENSSL s_client $(s_client_options "$STARTTLS $STARTTLS_OPTIMAL_PROTO -cipher $list_fwd -ciphersuites $tls13_list_fwd $BUGS -connect $NODEIP:$PORT $PROXY $addcmd2") </dev/null 2>$ERRFILE >$TMPFILE
if ! sclient_connect_successful $? $TMPFILE; then if ! sclient_connect_successful $? $TMPFILE; then
list_fwd="$(actually_supported_ciphers $list_fwd $tls13_list_fwd '-tls1')"
pr_warning "no matching cipher in this list found (pls report this): " pr_warning "no matching cipher in this list found (pls report this): "
outln "$list_fwd:$tls13_list_fwd . " outln "$list_fwd . "
fileout "$jsonID" "WARN" "Could not determine cipher order, no matching cipher in list found (pls report this): $list_fwd:$tls13_list_fwd" fileout "$jsonID" "WARN" "Could not determine cipher order, no matching cipher in list found (pls report this): $list_fwd"
tmpfile_handle ${FUNCNAME[0]}.txt tmpfile_handle ${FUNCNAME[0]}.txt
return 1 return 1
fi fi