Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 05:45:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1798 from drwetter/client_always_wide

Browse Source 
Client simulation per default as wide
This commit is contained in:
Dirk Wetter
2020-12-08 23:23:55 +01:00
committed by GitHub
parent f6e2a5c381 d76829cd28
commit 2cb96d4e9e
2 changed files with 22 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG.md
View File

@@ -26,7 +26,8 @@
* Added environment variable for amount of attempts for ssl renegotiation check * Added environment variable for amount of attempts for ssl renegotiation check
* Added --user-agent argument to support using a custom User Agent * Added --user-agent argument to support using a custom User Agent
* Added --overwrite argument to support overwriting output files without warning * Added --overwrite argument to support overwriting output files without warning
* Headerflag X-XSS-Protection is labeled as INFO * Headerflag X-XSS-Protection is now labeled as INFO
* Client simulation runs in wide mode which is even better readable
### Features implemented / improvements in 3.0 ### Features implemented / improvements in 3.0

47
testssl.sh
View File

@@ -4814,21 +4814,19 @@ run_client_simulation() {
outln outln
debugme echo debugme echo
if "$WIDE"; then if [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]]; then
if [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]]; then out " Browser Protocol Cipher Suite Name (OpenSSL) "
out " Browser Protocol Cipher Suite Name (OpenSSL) " ( "$using_sockets" || "$HAS_DH_BITS") && out "Forward Secrecy"
( "$using_sockets" || "$HAS_DH_BITS") && out "Forward Secrecy"
outln
out "--------------------------------------------------------------------------"
else
out " Browser Protocol Cipher Suite Name (IANA/RFC) "
( "$using_sockets" || "$HAS_DH_BITS") && out "Forward Secrecy"
outln
out "------------------------------------------------------------------------------------------"
fi
( "$using_sockets" || "$HAS_DH_BITS") && out "----------------------"
outln outln
out "--------------------------------------------------------------------------"
else
out " Browser Protocol Cipher Suite Name (IANA/RFC) "
( "$using_sockets" || "$HAS_DH_BITS") && out "Forward Secrecy"
outln
out "------------------------------------------------------------------------------------------"
fi fi
( "$using_sockets" || "$HAS_DH_BITS") && out "----------------------"
outln
if ! "$using_sockets"; then if ! "$using_sockets"; then
# We can't use the connectivity checker here as of now the openssl reply is always empty (reason??) # We can't use the connectivity checker here as of now the openssl reply is always empty (reason??)
save_max_ossl_fail=$MAX_OSSL_FAIL save_max_ossl_fail=$MAX_OSSL_FAIL
@@ -4938,27 +4936,23 @@ run_client_simulation() {
cipher="$(openssl2rfc "$cipher")" cipher="$(openssl2rfc "$cipher")"
[[ -z "$cipher" ]] && cipher=$(get_cipher $TMPFILE) [[ -z "$cipher" ]] && cipher=$(get_cipher $TMPFILE)
fi fi
out "$proto " out "$proto "
"$WIDE" && out " "
if [[ "$COLOR" -le 2 ]]; then if [[ "$COLOR" -le 2 ]]; then
out "$cipher" out "$cipher"
else else
pr_cipher_quality "$cipher" pr_cipher_quality "$cipher"
fi fi
if "$WIDE"; then if [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]]; then
if [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]]; then for (( j=${#cipher}; j < 34; j++ )); do
for (( j=${#cipher}; j < 34; j++ )); do out " "
out " " done
done else
else for (( j=${#cipher}; j < 50; j++ )); do
for (( j=${#cipher}; j < 50; j++ )); do out " "
out " " done
done
fi
fi fi
if [[ -n "$what_dh" ]]; then if [[ -n "$what_dh" ]]; then
[[ -n "$curve" ]] && curve="($curve)" [[ -n "$curve" ]] && curve="($curve)"
"$WIDE" || out ", "
if [[ "$what_dh" == ECDH ]]; then if [[ "$what_dh" == ECDH ]]; then
pr_ecdh_quality "$bits" "$(printf -- "%-12s" "$bits bit $what_dh") $curve" pr_ecdh_quality "$bits" "$(printf -- "%-12s" "$bits bit $what_dh") $curve"
else else
@@ -4966,7 +4960,6 @@ run_client_simulation() {
fi fi
else else
if "$HAS_DH_BITS" || ( "$using_sockets" && [[ -n "${handshakebytes[i]}" ]] ); then if "$HAS_DH_BITS" || ( "$using_sockets" && [[ -n "${handshakebytes[i]}" ]] ); then
"$WIDE" || out ", "
out "No FS" out "No FS"
fi fi
fi fi