Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-31 04:41:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Address complaint by Travis

Browse Source 
Despite the fact google doesn't support RC4 ciphers, testssl.sh called
sslv2_sockets(). Google answered with a >= TLS alert. Building a sum then
failed then in sslv2_sockets().

This fixes sslv2_sockets() and introduces count_chars() as a helper function
(tested also under old FreeBSD to make sure it works under MacOSX).
This commit is contained in:
Dirk Wetter 2020-10-28 09:52:10 +01:00
parent 888f4f9c5a
commit 3cd1273439
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
testssl.sh
View File

@ -803,6 +803,10 @@ count_ciphers() {
echo $(wc -w <<< "${1//:/ }") echo $(wc -w <<< "${1//:/ }")
} }
count_chars() {
echo $(wc -c <<< "$1")
}
newline_to_spaces() { newline_to_spaces() {
tr '\n' ' ' <<< "$1" | sed 's/ $//' tr '\n' ' ' <<< "$1" | sed 's/ $//'
} }
@ -14331,8 +14335,8 @@ sslv2_sockets() {
if "$parse_complete"; then if "$parse_complete"; then
if [[ -s "$SOCK_REPLY_FILE" ]]; then if [[ -s "$SOCK_REPLY_FILE" ]]; then
server_hello=$(hexdump -v -e '16/1 "%02X"' "$SOCK_REPLY_FILE") server_hello=$(hexdump -v -e '16/1 "%02X"' "$SOCK_REPLY_FILE")
server_hello_len=2 + $(hex2dec "${server_hello:1:3}") server_hello_len=$((2 + $(hex2dec "${server_hello:1:3}") ))
response_len=$(wc -c "$SOCK_REPLY_FILE" | awk '{ print $1 }') response_len=$(count_chars "$SOCK_REPLY_FILE")
for (( 1; response_len < server_hello_len; 1 )); do for (( 1; response_len < server_hello_len; 1 )); do
sock_reply_file2=${SOCK_REPLY_FILE}.2 sock_reply_file2=${SOCK_REPLY_FILE}.2
mv "$SOCK_REPLY_FILE" "$sock_reply_file2" mv "$SOCK_REPLY_FILE" "$sock_reply_file2"
@ -14344,7 +14348,7 @@ sslv2_sockets() {
[[ ! -s "$SOCK_REPLY_FILE" ]] && break [[ ! -s "$SOCK_REPLY_FILE" ]] && break
cat "$SOCK_REPLY_FILE" >> "$sock_reply_file2" cat "$SOCK_REPLY_FILE" >> "$sock_reply_file2"
mv "$sock_reply_file2" "$SOCK_REPLY_FILE" mv "$sock_reply_file2" "$SOCK_REPLY_FILE"
response_len=$(wc -c "$SOCK_REPLY_FILE" | awk '{ print $1 }') response_len=$(count_chars "$SOCK_REPLY_FILE")
done done
fi fi
fi fi
@ -14362,6 +14366,7 @@ sslv2_sockets() {
return $ret return $ret
} }
# arg1: supported groups extension # arg1: supported groups extension
# arg2: "all" - process full response (including Certificate and certificate_status handshake messages) # arg2: "all" - process full response (including Certificate and certificate_status handshake messages)
# "ephemeralkey" - extract the server's ephemeral key (if any) # "ephemeralkey" - extract the server's ephemeral key (if any)