mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-07 09:10:57 +01:00
Multiple IP fix and simple not vulnerable printing case recover
- Recover the "not vulnerable" case (no mitigation) printing, cosmetic fix. - With the removing of all s_client invocation other than the main loop one, fix the init of the ERRFILE and TMPFILE: no need to append, no need to remove, inconditionally zap the content before the loop.
This commit is contained in:
parent
7625422976
commit
1aaab67e81
14
testssl.sh
14
testssl.sh
@ -17172,8 +17172,6 @@ run_renego() {
|
|||||||
# We will need $ERRFILE for mitigation detection
|
# We will need $ERRFILE for mitigation detection
|
||||||
if [[ $ERRFILE =~ dev.null ]]; then
|
if [[ $ERRFILE =~ dev.null ]]; then
|
||||||
ERRFILE=$TEMPDIR/errorfile.txt || exit $ERR_FCREATE
|
ERRFILE=$TEMPDIR/errorfile.txt || exit $ERR_FCREATE
|
||||||
# cleanup previous run if any (multiple IP)
|
|
||||||
rm -f $ERRFILE
|
|
||||||
restore_errfile=1
|
restore_errfile=1
|
||||||
else
|
else
|
||||||
restore_errfile=0
|
restore_errfile=0
|
||||||
@ -17190,7 +17188,9 @@ run_renego() {
|
|||||||
# Amount of times tested before breaking is set in SSL_RENEG_ATTEMPTS.
|
# Amount of times tested before breaking is set in SSL_RENEG_ATTEMPTS.
|
||||||
|
|
||||||
# Clear the log to not get the content of previous run before the execution of the new one.
|
# Clear the log to not get the content of previous run before the execution of the new one.
|
||||||
|
# (Used in the loop tests before s_client invocation)
|
||||||
echo -n > $TMPFILE
|
echo -n > $TMPFILE
|
||||||
|
echo -n > $ERRFILE
|
||||||
# RENEGOTIATING wait loop watchdog file
|
# RENEGOTIATING wait loop watchdog file
|
||||||
touch $TEMPDIR/allowed_to_loop
|
touch $TEMPDIR/allowed_to_loop
|
||||||
# If we dont wait for the session to be established on slow server, we will try to re-negotiate
|
# If we dont wait for the session to be established on slow server, we will try to re-negotiate
|
||||||
@ -17211,7 +17211,7 @@ run_renego() {
|
|||||||
&& [[ $k -lt 120 ]]; \
|
&& [[ $k -lt 120 ]]; \
|
||||||
do sleep $ssl_reneg_wait; ((k++)); if (tail -5 $TMPFILE| grep -qa '^closed'); then break; fi; done; \
|
do sleep $ssl_reneg_wait; ((k++)); if (tail -5 $TMPFILE| grep -qa '^closed'); then break; fi; done; \
|
||||||
done) | \
|
done) | \
|
||||||
$OPENSSL_NOTIMEOUT s_client $(s_client_options "$proto $legacycmd $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI") >$TMPFILE 2>>$ERRFILE &
|
$OPENSSL_NOTIMEOUT s_client $(s_client_options "$proto $legacycmd $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI") >$TMPFILE 2>$ERRFILE &
|
||||||
pid=$!
|
pid=$!
|
||||||
( sleep $((ssl_reneg_attempts*3+3)) && kill $pid && touch $TEMPDIR/was_killed ) >&2 2>/dev/null &
|
( sleep $((ssl_reneg_attempts*3+3)) && kill $pid && touch $TEMPDIR/was_killed ) >&2 2>/dev/null &
|
||||||
watcher=$!
|
watcher=$!
|
||||||
@ -17235,6 +17235,9 @@ run_renego() {
|
|||||||
tmp_result=2
|
tmp_result=2
|
||||||
rm -f $TEMPDIR/was_killed
|
rm -f $TEMPDIR/was_killed
|
||||||
fi
|
fi
|
||||||
|
if [[ $tmp_result -eq 1 ]] && [[ loop_reneg -eq 1 ]]; then
|
||||||
|
tmp_result=3
|
||||||
|
fi
|
||||||
if [[ $SERVICE != HTTP ]]; then
|
if [[ $SERVICE != HTTP ]]; then
|
||||||
# theoric possible case
|
# theoric possible case
|
||||||
if [[ $loop_reneg -eq 2 ]]; then
|
if [[ $loop_reneg -eq 2 ]]; then
|
||||||
@ -17244,7 +17247,7 @@ run_renego() {
|
|||||||
0) pr_svrty_medium "VULNERABLE (NOT ok)"; outln ", potential DoS threat"
|
0) pr_svrty_medium "VULNERABLE (NOT ok)"; outln ", potential DoS threat"
|
||||||
fileout "$jsonID" "MEDIUM" "VULNERABLE, potential DoS threat" "$cve" "$cwe" "$hint"
|
fileout "$jsonID" "MEDIUM" "VULNERABLE, potential DoS threat" "$cve" "$cwe" "$hint"
|
||||||
;;
|
;;
|
||||||
1) prln_svrty_good "not vulnerable (OK)"
|
1|3) prln_svrty_good "not vulnerable (OK)"
|
||||||
fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe"
|
fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe"
|
||||||
;;
|
;;
|
||||||
2) pr_svrty_good "likely not vulnerable (OK)"; outln ", timed out ($((${ssl_reneg_attempts}*3+3))s)" # it hung
|
2) pr_svrty_good "likely not vulnerable (OK)"; outln ", timed out ($((${ssl_reneg_attempts}*3+3))s)" # it hung
|
||||||
@ -17263,6 +17266,9 @@ run_renego() {
|
|||||||
1) pr_svrty_good "not vulnerable (OK)"; outln " -- mitigated (disconnect after $loop_reneg/$ssl_reneg_attempts attempts)"
|
1) pr_svrty_good "not vulnerable (OK)"; outln " -- mitigated (disconnect after $loop_reneg/$ssl_reneg_attempts attempts)"
|
||||||
fileout "$jsonID" "OK" "not vulnerable, mitigated" "$cve" "$cwe"
|
fileout "$jsonID" "OK" "not vulnerable, mitigated" "$cve" "$cwe"
|
||||||
;;
|
;;
|
||||||
|
3) prln_svrty_good "not vulnerable (OK)"
|
||||||
|
fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe"
|
||||||
|
;;
|
||||||
2) pr_svrty_good "not vulnerable (OK)"; \
|
2) pr_svrty_good "not vulnerable (OK)"; \
|
||||||
outln " -- mitigated ($loop_reneg successful reneg within ${ssl_reneg_attempts} in $((${ssl_reneg_attempts}*3+3))s(timeout))"
|
outln " -- mitigated ($loop_reneg successful reneg within ${ssl_reneg_attempts} in $((${ssl_reneg_attempts}*3+3))s(timeout))"
|
||||||
fileout "$jsonID" "OK" "not vulnerable, mitigated" "$cve" "$cwe"
|
fileout "$jsonID" "OK" "not vulnerable, mitigated" "$cve" "$cwe"
|
||||||
|
Loading…
Reference in New Issue
Block a user