Show that we need socat for this check

but still do a soft fail here, also no warning, as we do not expect
to have everybody have socat installed
This commit is contained in:
Dirk Wetter 2020-08-31 18:29:59 +02:00
parent 7f4cf42ff4
commit 1912230173

View File

@ -17809,16 +17809,6 @@ run_starttls_injection() {
[[ -z "$STARTTLS" ]] && return 0 [[ -z "$STARTTLS" ]] && return 0
if [[ -z "$SOCAT" ]]; then
fileout "$jsonID" "WARN" "Need socat for this" "$cve" "$cwe" "$hint"
debugme1 echo "Need socat for this check"
return 1
fi
if [[ -z "$HAS_UDS2" ]] && [[ -z "$HAS_UDS" ]]; then
fileout "$jsonID" "WARN" "Need OpenSSL with Unix-domain socket s_client support for this check" "$cve" "$cwe" "$hint"
debugme1 echo "Need an OpenSSL with Unix-domain socket s_client support for this check"
return 1
fi
if [[ $VULN_COUNT -le $VULN_THRESHLD ]]; then if [[ $VULN_COUNT -le $VULN_THRESHLD ]]; then
outln outln
pr_headlineln " Checking for STARTTLS injection " pr_headlineln " Checking for STARTTLS injection "
@ -17826,6 +17816,18 @@ run_starttls_injection() {
fi fi
pr_bold " STARTTLS injection" ; out " (experimental) " pr_bold " STARTTLS injection" ; out " (experimental) "
# We'll do a soft fail here, also no warning, as I do not expect to have everybody have socat installed
if [[ -z "$SOCAT" ]]; then
fileout "$jsonID" "WARN" "Need socat for this" "$cve" "$cwe" "$hint"
outln "Need socat for this check"
return 1
fi
if [[ -z "$HAS_UDS2" ]] && [[ -z "$HAS_UDS" ]]; then
fileout "$jsonID" "WARN" "Need OpenSSL with Unix-domain socket s_client support for this check" "$cve" "$cwe" "$hint"
outln "Need an OpenSSL with Unix-domain socket s_client support for this check"
return 1
fi
case $SERVICE in case $SERVICE in
smtp) fd_socket 5 "EHLO google.com" smtp) fd_socket 5 "EHLO google.com"
;; ;;