Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-07 09:10:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1197 from dcooper16/run_server_preference_ssl2_only

Browse Source 
Fix run_server_preference() for SSLv2 only server
This commit is contained in:
Dirk Wetter 2019-02-13 14:47:46 +01:00 committed by GitHub
commit 3d55d0ebd1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
testssl.sh
View File

@ -5955,7 +5955,7 @@ run_server_preference() {
cp "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt" $TMPFILE cp "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt" $TMPFILE
tls13_cipher2=$(get_cipher $TMPFILE) tls13_cipher2=$(get_cipher $TMPFILE)
debugme tm_out "TLS 1.3: --> $tls13_cipher2\n" debugme tm_out "TLS 1.3: --> $tls13_cipher2\n"
else elif [[ "$OPTIMAL_PROTO" != -ssl2 ]]; then
[[ $DEBUG -ge 4 ]] && echo -e "\n Forward: ${list_fwd}\n ${tls13_list_fwd}" [[ $DEBUG -ge 4 ]] && echo -e "\n Forward: ${list_fwd}\n ${tls13_list_fwd}"
$OPENSSL s_client $(s_client_options "$STARTTLS -cipher $list_fwd -ciphersuites $tls13_list_fwd $BUGS -connect $NODEIP:$PORT $PROXY $addcmd") </dev/null 2>$ERRFILE >$TMPFILE $OPENSSL s_client $(s_client_options "$STARTTLS -cipher $list_fwd -ciphersuites $tls13_list_fwd $BUGS -connect $NODEIP:$PORT $PROXY $addcmd") </dev/null 2>$ERRFILE >$TMPFILE
if ! sclient_connect_successful $? $TMPFILE && [[ -z "$STARTTLS_PROTOCOL" ]]; then if ! sclient_connect_successful $? $TMPFILE && [[ -z "$STARTTLS_PROTOCOL" ]]; then
@ -6009,7 +6009,7 @@ run_server_preference() {
fileout "$jsonID" "OK" "server -- TLS 1.3 client determined" fileout "$jsonID" "OK" "server -- TLS 1.3 client determined"
cipher1="$tls13_cipher1" cipher1="$tls13_cipher1"
cipher2="$tls13_cipher2" cipher2="$tls13_cipher2"
elif [[ "$cipher1" != $cipher2 ]]; then elif [[ "$OPTIMAL_PROTO" == -ssl2 ]] || [[ "$cipher1" != $cipher2 ]]; then
# server used the different ends (ciphers) from the client hello # server used the different ends (ciphers) from the client hello
pr_svrty_high "nope (NOT ok)" pr_svrty_high "nope (NOT ok)"
limitedsense=" (limited sense as client will pick)" limitedsense=" (limited sense as client will pick)"