mirror of
https://github.com/drwetter/testssl.sh.git
synced 2024-12-31 22:09:44 +01:00
commit
3514c9d98d
@ -569,7 +569,7 @@ html_reserved(){
|
||||
}
|
||||
|
||||
html_out() {
|
||||
"$do_html" || return
|
||||
"$do_html" || return 0
|
||||
[[ -n "$HTMLFILE" ]] && [[ ! -d "$HTMLFILE" ]] && printf -- "%b" "${1//%/%%}" >> "$HTMLFILE"
|
||||
# here and other printf's: a little bit of sanitzing with bash internal search&replace -- otherwise printf will hiccup at '%'. '--' and %b do the rest.
|
||||
}
|
||||
@ -1777,7 +1777,7 @@ run_hpkp() {
|
||||
hpkp_ca="$($OPENSSL x509 -in $HOSTCERT -issuer -noout|sed 's/^.*CN=//' | sed 's/\/.*$//')"
|
||||
|
||||
# Get keys/hashes from intermediate certificates
|
||||
$OPENSSL s_client -showcerts $STARTTLS $BUGS $PROXY -showcerts -connect $NODEIP:$PORT ${sni[i]} </dev/null >$TMPFILE 2>$ERRFILE
|
||||
$OPENSSL s_client $STARTTLS $BUGS $PROXY -showcerts -connect $NODEIP:$PORT ${sni[i]} </dev/null >$TMPFILE 2>$ERRFILE
|
||||
# Place the server's certificate in $HOSTCERT and any intermediate
|
||||
# certificates that were provided in $TEMPDIR/intermediatecerts.pem
|
||||
# http://backreference.org/2010/05/09/ocsp-verification-with-openssl/
|
||||
@ -5228,7 +5228,7 @@ get_server_certificate() {
|
||||
# this all needs to be moved into determine_tls_extensions()
|
||||
>$TEMPDIR/tlsext.txt
|
||||
# first shot w/o any protocol, then in turn we collect all extensions
|
||||
$OPENSSL s_client $STARTTLS $BUGS $1 -showcerts -connect $NODEIP:$PORT $PROXY $addcmd -tlsextdebug -status </dev/null 2>$ERRFILE >$TMPFILE
|
||||
$OPENSSL s_client $STARTTLS $BUGS $1 -showcerts -connect $NODEIP:$PORT $PROXY $SNI -tlsextdebug -status </dev/null 2>$ERRFILE >$TMPFILE
|
||||
sclient_connect_successful $? $TMPFILE && grep -a 'TLS server extension' $TMPFILE >$TEMPDIR/tlsext.txt
|
||||
for proto in $protocols_to_try; do
|
||||
# we could know here which protcols are supported
|
||||
|
Loading…
Reference in New Issue
Block a user