Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2026-04-15 07:23:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3019 from dcooper16/ossl4_ocsp_32

Browse Source 
OpenSSL 4 compatibility for stapled OCSP responses
This commit is contained in:
Dirk Wetter
2026-04-13 09:37:46 +02:00
committed by GitHub
parent afcdab9f9a 81afe6cac3
commit 2f69d24ca0
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
testssl.sh
View File

@@ -10002,7 +10002,7 @@ certificate_info() {
out "$indent"; pr_bold " OCSP stapling " out "$indent"; pr_bold " OCSP stapling "
jsonID="OCSP_stapling" jsonID="OCSP_stapling"
if grep -a "OCSP response" <<< "$ocsp_response" | grep -q "no response sent" ; then if grep -a "OCSP response" <<< "$ocsp_response" | grep -Eq "no response[s]? sent" ; then
if [[ -n "$ocsp_uri" ]]; then if [[ -n "$ocsp_uri" ]]; then
pr_svrty_low "not offered" pr_svrty_low "not offered"
fileout "${jsonID}${json_postfix}" "LOW" "not offered" fileout "${jsonID}${json_postfix}" "LOW" "not offered"
@@ -10418,10 +10418,10 @@ run_server_defaults() {
# response so that certificate_info() can determine # response so that certificate_info() can determine
# whether it includes a certificate transparency extension. # whether it includes a certificate transparency extension.
ocsp_response_binary[certs_found]="$STAPLED_OCSP_RESPONSE" ocsp_response_binary[certs_found]="$STAPLED_OCSP_RESPONSE"
if grep -a "OCSP response:" $TMPFILE | grep -q "no response sent"; then if grep -aE "OCSP response[s]?:" $TMPFILE | grep -Eq "no response[s]? sent"; then
ocsp_response[certs_found]="$(grep -a "OCSP response" $TMPFILE)" ocsp_response[certs_found]="$(grep -a "OCSP response" $TMPFILE)"
else else
ocsp_response[certs_found]="$(awk -v n=2 '/OCSP response:/ {start=1; inc=2} /======================================/ { if (start) {inc--} } inc' $TMPFILE)" ocsp_response[certs_found]="$(awk -v n=2 '/OCSP response[s]?:/ {start=1; inc=2} /======================================/ { if (start) {inc--} } inc' $TMPFILE)"
fi fi
ocsp_response_status[certs_found]=$(grep -a "OCSP Response Status" $TMPFILE) ocsp_response_status[certs_found]=$(grep -a "OCSP Response Status" $TMPFILE)
previous_hostcert[certs_found]=$newhostcert previous_hostcert[certs_found]=$newhostcert