mirror of
https://github.com/drwetter/testssl.sh.git
synced 2024-12-31 22:09:44 +01:00
* misleading warning for DH bits for Negotiated cipher omitted if no DH or EC and OPENSSL <= 1.0.1
This commit is contained in:
parent
32325d0643
commit
2e40c2bde6
16
testssl.sh
16
testssl.sh
@ -1383,12 +1383,6 @@ read_dhbits_from_file() {
|
||||
local add=""
|
||||
local old_fart=" (openssl is too old to show DH bits)"
|
||||
|
||||
if ! $HAS_DH_BITS; then
|
||||
if [[ -z "$2" ]]; then
|
||||
pr_litemagenta "$old_fart"
|
||||
fi
|
||||
return 0
|
||||
fi
|
||||
bits=$(awk -F': ' '/^Server Temp Key/ { print $2 }' "$1") # extract line
|
||||
bits=$(echo $bits | sed -e 's/, P-...//' -e 's/,//g' -e 's/bits//' -e 's/ //g') # now: ??DH [number] K??
|
||||
what_dh=$(echo $bits | tr -d '[0-9]')
|
||||
@ -1396,6 +1390,14 @@ read_dhbits_from_file() {
|
||||
|
||||
debugme echo ">$what_dh|$bits<"
|
||||
|
||||
if ! $HAS_DH_BITS && [[ -z "what_dh" ]]; then
|
||||
if [[ -z "$2" ]]; then
|
||||
pr_litemagenta "$old_fart"
|
||||
fi
|
||||
return 0
|
||||
fi
|
||||
|
||||
|
||||
[[ -n "$bits" ]] && [[ -z "$2" ]] && out ", "
|
||||
if [[ $what_dh == "DH" ]] || [[ $what_dh == "EDH" ]] ; then
|
||||
[[ -z "$2" ]] && add="bit DH"
|
||||
@ -4439,4 +4441,4 @@ fi
|
||||
exit $ret
|
||||
|
||||
|
||||
# $Id: testssl.sh,v 1.312 2015/07/14 15:13:57 dirkw Exp $
|
||||
# $Id: testssl.sh,v 1.313 2015/07/14 17:58:03 dirkw Exp $
|
||||
|
Loading…
Reference in New Issue
Block a user