Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-11-04 07:45:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

parse_tls_serverhello(), dh_bits, debug level 2

Browse Source 
Currently, when `$DEBUG` is 2 and the connection is successful, `parse_tls_serverhello()` prints out information about the server's ephermal (EC)DH key, but nothing else. For example:
```
sending client hello... reading server hello...
dh_bits:                ECDH, P-256, 256 bits
sending close_notify...
  (183 lines returned)
```

This commit changes `parse_tls_serverhello()` so that information about dh_bits is only displayed if `$DEBUG` is at least 3, making it the same as for other information about the server's response.

In addition, it indents the printing of the information about dh_bits in order to better align with other information displayed at  this debug level.
This commit is contained in:
David Cooper
2017-08-01 14:49:06 -04:00
committed by GitHub
parent 4536678b82
commit 185a25ac3e
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
testssl.sh
View File

@@ -8388,10 +8388,10 @@ parse_tls_serverhello() {
esac esac
fi fi
if [[ $dh_bits -ne 0 ]] && [[ $named_curve -ne 29 ]] && [[ $named_curve -ne 30 ]]; then if [[ $dh_bits -ne 0 ]] && [[ $named_curve -ne 29 ]] && [[ $named_curve -ne 30 ]]; then
debugme echo "dh_bits: ECDH, $named_curve_str, $dh_bits bits" [[ $DEBUG -ge 3 ]] && echo -e " dh_bits: ECDH, $named_curve_str, $dh_bits bits\n"
echo "Server Temp Key: ECDH, $named_curve_str, $dh_bits bits" >> $TMPFILE echo "Server Temp Key: ECDH, $named_curve_str, $dh_bits bits" >> $TMPFILE
elif [[ $dh_bits -ne 0 ]]; then elif [[ $dh_bits -ne 0 ]]; then
debugme echo "dh_bits: $named_curve_str, $dh_bits bits" [[ $DEBUG -ge 3 ]] && echo -e " dh_bits: $named_curve_str, $dh_bits bits\n"
echo "Server Temp Key: $named_curve_str, $dh_bits bits" >> $TMPFILE echo "Server Temp Key: $named_curve_str, $dh_bits bits" >> $TMPFILE
fi fi
elif [[ $rfc_cipher_suite =~ TLS_DHE_ ]] || [[ $rfc_cipher_suite =~ TLS_DH_anon ]] || \ elif [[ $rfc_cipher_suite =~ TLS_DHE_ ]] || [[ $rfc_cipher_suite =~ TLS_DH_anon ]] || \
@@ -8450,7 +8450,7 @@ parse_tls_serverhello() {
[[ "$ephemeral_param" != "$rfc7919_param" ]] && named_curve_str="" [[ "$ephemeral_param" != "$rfc7919_param" ]] && named_curve_str=""
fi fi
[[ $DEBUG -ge 2 ]] && [[ $dh_bits -ne 0 ]] && echo "dh_bits: DH,$named_curve_str $dh_bits bits" [[ $DEBUG -ge 3 ]] && [[ $dh_bits -ne 0 ]] && echo -e " dh_bits: DH,$named_curve_str $dh_bits bits\n"
[[ $dh_bits -ne 0 ]] && echo "Server Temp Key: DH,$named_curve_str $dh_bits bits" >> $TMPFILE [[ $dh_bits -ne 0 ]] && echo "Server Temp Key: DH,$named_curve_str $dh_bits bits" >> $TMPFILE
fi fi
fi fi