run_hpkp() bug fix

In `run_hpkp()` there is a call to `$OPENSSL s_client` that uses `${sni[i]}` as one of the command line options, but `sni` is not defined. My guess is that this was a copy/paste error from `run_client_simulation()`, which is the only function where an `sni` array is defined. I am guessing that the intention was to use `$SNI` in `run_hpkp()`.
2025-01-19 15:09:30 +01:00 · 2017-07-03 14:28:21 -04:00 · 2017-07-03 14:28:21 -04:00 · 26ec80e764
commit 26ec80e764
parent 7aaadf731c
1 changed files with 1 additions and 1 deletions
--- a/testssl.sh
+++ b/testssl.sh
@ -1725,7 +1725,7 @@ run_hpkp() {
          hpkp_ca="$($OPENSSL x509 -in $HOSTCERT -issuer -noout|sed 's/^.*CN=//' | sed 's/\/.*$//')"

          # Get keys/hashes from intermediate certificates
-          $OPENSSL s_client $STARTTLS $BUGS $PROXY -showcerts -connect $NODEIP:$PORT ${sni[i]}  </dev/null >$TMPFILE 2>$ERRFILE
+          $OPENSSL s_client $STARTTLS $BUGS $PROXY -showcerts -connect $NODEIP:$PORT $SNI  </dev/null >$TMPFILE 2>$ERRFILE
          # Place the server's certificate in $HOSTCERT and any intermediate
          # certificates that were provided in $TEMPDIR/intermediatecerts.pem
          # http://backreference.org/2010/05/09/ocsp-verification-with-openssl/