Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-03 23:39:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

* misleading warning for DH bits for Negotiated cipher omitted if no DH or EC and OPENSSL <= 1.0.1

Browse Source
This commit is contained in:
Dirk 2015-07-14 19:58:04 +02:00
parent 32325d0643
commit 2e40c2bde6
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
testssl.sh
View File

@ -1383,12 +1383,6 @@ read_dhbits_from_file() {
local add="" local add=""
local old_fart=" (openssl is too old to show DH bits)" local old_fart=" (openssl is too old to show DH bits)"
if ! $HAS_DH_BITS; then
if [[ -z "$2" ]]; then
pr_litemagenta "$old_fart"
fi
return 0
fi
bits=$(awk -F': ' '/^Server Temp Key/ { print $2 }' "$1") # extract line bits=$(awk -F': ' '/^Server Temp Key/ { print $2 }' "$1") # extract line
bits=$(echo $bits | sed -e 's/, P-...//' -e 's/,//g' -e 's/bits//' -e 's/ //g') # now: ??DH [number] K?? bits=$(echo $bits | sed -e 's/, P-...//' -e 's/,//g' -e 's/bits//' -e 's/ //g') # now: ??DH [number] K??
what_dh=$(echo $bits | tr -d '[0-9]') what_dh=$(echo $bits | tr -d '[0-9]')
@ -1396,6 +1390,14 @@ read_dhbits_from_file() {
debugme echo ">$what_dh|$bits<" debugme echo ">$what_dh|$bits<"
if ! $HAS_DH_BITS && [[ -z "what_dh" ]]; then
if [[ -z "$2" ]]; then
pr_litemagenta "$old_fart"
fi
return 0
fi
[[ -n "$bits" ]] && [[ -z "$2" ]] && out ", " [[ -n "$bits" ]] && [[ -z "$2" ]] && out ", "
if [[ $what_dh == "DH" ]] || [[ $what_dh == "EDH" ]] ; then if [[ $what_dh == "DH" ]] || [[ $what_dh == "EDH" ]] ; then
[[ -z "$2" ]] && add="bit DH" [[ -z "$2" ]] && add="bit DH"
@ -4439,4 +4441,4 @@ fi
exit $ret exit $ret
# $Id: testssl.sh,v 1.312 2015/07/14 15:13:57 dirkw Exp $ # $Id: testssl.sh,v 1.313 2015/07/14 17:58:03 dirkw Exp $