Merge pull request #1871 from dcooper16/quit_on_cmd_line_errors

Quit testssl.sh on all command line errors
Dirk Wetter 2023-12-24 15:34:00 +01:00 committed by GitHub
commit 3f9cc7b6a5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 62 additions and 40 deletions


@ -1420,7 +1420,7 @@ json_header() {
local filename_provided=false local filename_provided=false
if [[ -n "$PARENT_JSONFILE" ]]; then if [[ -n "$PARENT_JSONFILE" ]]; then
[[ -n "$JSONFILE" ]] && fatal "Can't write to both $PARENT_JSONFILE and $JSONFILE" $ERR_CMDLINE [[ -n "$JSONFILE" ]] && fatal_cmd_line "Can't write to both $PARENT_JSONFILE and $JSONFILE" $ERR_CMDLINE
JSONFILE="$PARENT_JSONFILE" JSONFILE="$PARENT_JSONFILE"
fi fi
[[ -n "$JSONFILE" ]] && [[ ! -d "$JSONFILE" ]] && filename_provided=true [[ -n "$JSONFILE" ]] && [[ ! -d "$JSONFILE" ]] && filename_provided=true
@ -1456,7 +1456,7 @@ json_header() {
JSONHEADER=false JSONHEADER=false
else else
if [[ -s "$JSONFILE" ]]; then if [[ -s "$JSONFILE" ]]; then
"$OVERWRITE" || fatal "non-empty \"$JSONFILE\" exists. Either use \"--append\" or (re)move it" $ERR_FCREATE "$OVERWRITE" || fatal_cmd_line "non-empty \"$JSONFILE\" exists. Either use \"--append\" or (re)move it" $ERR_FCREATE
cp /dev/null "$JSONFILE" cp /dev/null "$JSONFILE"
fi fi
"$do_json" && echo "[" > "$JSONFILE" "$do_json" && echo "[" > "$JSONFILE"
@ -1471,7 +1471,7 @@ csv_header() {
local filename_provided=false local filename_provided=false
if [[ -n "$PARENT_CSVFILE" ]]; then if [[ -n "$PARENT_CSVFILE" ]]; then
[[ -n "$CSVFILE" ]] && fatal "Can't write to both $PARENT_CSVFILE and $CSVFILE" $ERR_CMDLINE [[ -n "$CSVFILE" ]] && fatal_cmd_line "Can't write to both $PARENT_CSVFILE and $CSVFILE" $ERR_CMDLINE
CSVFILE="$PARENT_CSVFILE" CSVFILE="$PARENT_CSVFILE"
fi fi
[[ -n "$CSVFILE" ]] && [[ ! -d "$CSVFILE" ]] && filename_provided=true [[ -n "$CSVFILE" ]] && [[ ! -d "$CSVFILE" ]] && filename_provided=true
@ -1504,7 +1504,7 @@ csv_header() {
CSVHEADER=false CSVHEADER=false
else else
if [[ -s "$CSVFILE" ]]; then if [[ -s "$CSVFILE" ]]; then
"$OVERWRITE" || fatal "non-empty \"$CSVFILE\" exists. Either use \"--append\" or (re)move it" $ERR_FCREATE "$OVERWRITE" || fatal_cmd_line "non-empty \"$CSVFILE\" exists. Either use \"--append\" or (re)move it" $ERR_FCREATE
cp /dev/null "$CSVFILE" cp /dev/null "$CSVFILE"
fi fi
touch "$CSVFILE" touch "$CSVFILE"
@ -1525,7 +1525,7 @@ html_header() {
local filename_provided=false local filename_provided=false
if [[ -n "$PARENT_HTMLFILE" ]]; then if [[ -n "$PARENT_HTMLFILE" ]]; then
[[ -n "$HTMLFILE" ]] && fatal "Can't write to both $PARENT_HTMLFILE and $HTMLFILE" $ERR_CMDLINE [[ -n "$HTMLFILE" ]] && fatal_cmd_line "Can't write to both $PARENT_HTMLFILE and $HTMLFILE" $ERR_CMDLINE
HTMLFILE="$PARENT_HTMLFILE" HTMLFILE="$PARENT_HTMLFILE"
fi fi
[[ -n "$HTMLFILE" ]] && [[ ! -d "$HTMLFILE" ]] && filename_provided=true [[ -n "$HTMLFILE" ]] && [[ ! -d "$HTMLFILE" ]] && filename_provided=true
@ -1561,7 +1561,7 @@ html_header() {
HTMLHEADER=false HTMLHEADER=false
else else
if [[ -s "$HTMLFILE" ]]; then if [[ -s "$HTMLFILE" ]]; then
"$OVERWRITE" || fatal "non-empty \"$HTMLFILE\" exists. Either use \"--append\" or (re)move it" $ERR_FCREATE "$OVERWRITE" || fatal_cmd_line "non-empty \"$HTMLFILE\" exists. Either use \"--append\" or (re)move it" $ERR_FCREATE
cp /dev/null "$HTMLFILE" cp /dev/null "$HTMLFILE"
fi fi
html_out "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n" html_out "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n"
@ -1604,7 +1604,7 @@ prepare_logging() {
local filename_provided=false local filename_provided=false
if [[ -n "$PARENT_LOGFILE" ]]; then if [[ -n "$PARENT_LOGFILE" ]]; then
[[ -n "$LOGFILE" ]] && fatal "Can't write to both $PARENT_LOGFILE and $LOGFILE" $ERR_CMDLINE [[ -n "$LOGFILE" ]] && fatal_cmd_line "Can't write to both $PARENT_LOGFILE and $LOGFILE" $ERR_CMDLINE
LOGFILE="$PARENT_LOGFILE" LOGFILE="$PARENT_LOGFILE"
fi fi
[[ -n "$LOGFILE" ]] && [[ ! -d "$LOGFILE" ]] && filename_provided=true [[ -n "$LOGFILE" ]] && [[ ! -d "$LOGFILE" ]] && filename_provided=true
@ -1627,7 +1627,7 @@ prepare_logging() {
if ! "$APPEND"; then if ! "$APPEND"; then
if [[ -s "$LOGFILE" ]]; then if [[ -s "$LOGFILE" ]]; then
"$OVERWRITE" || fatal "non-empty \"$LOGFILE\" exists. Either use \"--append\" or (re)move it" $ERR_FCREATE "$OVERWRITE" || fatal_cmd_line "non-empty \"$LOGFILE\" exists. Either use \"--append\" or (re)move it" $ERR_FCREATE
cp /dev/null "$LOGFILE" cp /dev/null "$LOGFILE"
fi fi
fi fi
@ -3443,7 +3443,7 @@ prettyprint_local() {
local re='^[0-9A-Fa-f]+$' local re='^[0-9A-Fa-f]+$'
if [[ "$1" == 0x* ]] || [[ "$1" == 0X* ]]; then if [[ "$1" == 0x* ]] || [[ "$1" == 0X* ]]; then
fatal "pls supply x<number> instead" $ERR_CMDLINE fatal_cmd_line "pls supply x<number> instead" $ERR_CMDLINE
fi fi
if [[ -z "$1" ]]; then if [[ -z "$1" ]]; then
@ -20812,6 +20812,28 @@ fatal() {
exit $2 exit $2
} }
# Program terminates as a result of an error in the command line.
# arg1: string to print / to write to file
# arg2: global error code, see ERR_* above
# arg3: an optional hint (string)
#
fatal_cmd_line() {
outln
prln_magenta "Fatal error: $1" >&2
[[ -n "$LOGFILE" ]] && prln_magenta "Fatal error: $1" >>$LOGFILE
if [[ -n "$3" ]]; then
outln "$3" >&2
[[ -n "$LOGFILE" ]] && outln "$3" >>$LOGFILE
fi
# Make sure we don't try to write into files when not created yet.
# No shorthand expression to avoid errors when $CMDLINE_PARSED haven't been filled yet.
HTMLHEADER=false
JSONHEADER=false
[[ $CMDLINE_PARSED == true ]] && fileout "scanProblem" "FATAL" "$1"
"$CHILD_MASS_TESTING" && kill -s USR1 $PPID
exit $2
}
# This OTOH doesn't exit but puts a fatal error to the screen but continues with the next # This OTOH doesn't exit but puts a fatal error to the screen but continues with the next
# IP/hostname. It should only be used if a single IP/Hostname in a scan is not reachable. # IP/hostname. It should only be used if a single IP/Hostname in a scan is not reachable.
# arg1: string to print / to write to file # arg1: string to print / to write to file
@ -23240,7 +23262,7 @@ parse_cmd_line() {
while [[ $# -gt 0 ]]; do while [[ $# -gt 0 ]]; do
case $1 in case $1 in
--help|-b|--banner|-v|--version) --help|-b|--banner|-v|--version)
fatal "$1 is a standalone command line option" $ERR_CMDLINE fatal_cmd_line "$1 is a standalone command line option" $ERR_CMDLINE
;; ;;
--mx) --mx)
do_mx_all_ips=true do_mx_all_ips=true
@ -23269,7 +23291,7 @@ parse_cmd_line() {
NODNS="$(parse_opt_equal_sign "$1" "$2")" NODNS="$(parse_opt_equal_sign "$1" "$2")"
[[ $? -eq 0 ]] && shift [[ $? -eq 0 ]] && shift
if [[ "$NODNS" != none ]] && [[ "$NODNS" != min ]]; then if [[ "$NODNS" != none ]] && [[ "$NODNS" != min ]]; then
fatal "Value for nodns switch can be either \"min\" or \"none\"" $ERR_CMDLINE fatal_cmd_line "Value for nodns switch can be either \"min\" or \"none\"" $ERR_CMDLINE
fi fi
;; ;;
-V|-V=*|--local|--local=*) # attention, this could have a value or not! -V|-V=*|--local|--local=*) # attention, this could have a value or not!
@ -23555,12 +23577,12 @@ parse_cmd_line() {
COLORBLIND=true COLORBLIND=true
;; ;;
--log|--logging) --log|--logging)
"$do_logging" && fatal "two --log* arguments" $ERR_CMDLINE "$do_logging" && fatal_cmd_line "two --log* arguments" $ERR_CMDLINE
do_logging=true do_logging=true
;; # DEFINITION of LOGFILE if no arg specified: automagically in parse_hn_port() ;; # DEFINITION of LOGFILE if no arg specified: automagically in parse_hn_port()
# following does the same but additionally we can specify a log location # following does the same but additionally we can specify a log location
--logfile|--logfile=*|-oL|-oL=*) --logfile|--logfile=*|-oL|-oL=*)
"$do_logging" && fatal "two --log* arguments" $ERR_CMDLINE "$do_logging" && fatal_cmd_line "two --log* arguments" $ERR_CMDLINE
LOGFILE="$(parse_opt_equal_sign "$1" "$2")" LOGFILE="$(parse_opt_equal_sign "$1" "$2")"
[[ $? -eq 0 ]] && shift [[ $? -eq 0 ]] && shift
do_logging=true do_logging=true
@ -23575,17 +23597,17 @@ parse_cmd_line() {
do_logging=true do_logging=true
;; ;;
--json) --json)
"$do_pretty_json" && fatal "flat and pretty JSON output are mutually exclusive" $ERR_CMDLINE "$do_pretty_json" && fatal_cmd_line "flat and pretty JSON output are mutually exclusive" $ERR_CMDLINE
"$do_json" && fatal "--json and --jsonfile are mutually exclusive" $ERR_CMDLINE "$do_json" && fatal_cmd_line "--json and --jsonfile are mutually exclusive" $ERR_CMDLINE
if [[ "$2" =~ \.(json|JSON)$ ]]; then if [[ "$2" =~ \.(json|JSON)$ ]]; then
fatal "No file name allowed after \"--json\" (use \"--jsonfile\" instead)" $ERR_CMDLINE fatal_cmd_line "No file name allowed after \"--json\" (use \"--jsonfile\" instead)" $ERR_CMDLINE
fi fi
do_json=true do_json=true
;; # DEFINITION of JSONFILE is not arg specified: automagically in parse_hn_port() ;; # DEFINITION of JSONFILE is not arg specified: automagically in parse_hn_port()
# following does the same but additionally we can specify a log location # following does the same but additionally we can specify a log location
--jsonfile|--jsonfile=*|-oj|-oj=*) --jsonfile|--jsonfile=*|-oj|-oj=*)
"$do_pretty_json" && fatal "flat and pretty JSON output are mutually exclusive" $ERR_CMDLINE "$do_pretty_json" && fatal_cmd_line "flat and pretty JSON output are mutually exclusive" $ERR_CMDLINE
"$do_json" && fatal "--json and --jsonfile are mutually exclusive" $ERR_CMDLINE "$do_json" && fatal_cmd_line "--json and --jsonfile are mutually exclusive" $ERR_CMDLINE
JSONFILE="$(parse_opt_equal_sign "$1" "$2")" JSONFILE="$(parse_opt_equal_sign "$1" "$2")"
[[ $? -eq 0 ]] && shift [[ $? -eq 0 ]] && shift
do_json=true do_json=true
@ -23600,16 +23622,16 @@ parse_cmd_line() {
do_json=true do_json=true
;; ;;
--json-pretty) --json-pretty)
"$do_json" && fatal "flat and pretty JSON output are mutually exclusive" $ERR_CMDLINE "$do_json" && fatal_cmd_line "flat and pretty JSON output are mutually exclusive" $ERR_CMDLINE
"$do_pretty_json" && fatal "--json-pretty and --jsonfile-pretty are mutually exclusive" $ERR_CMDLINE "$do_pretty_json" && fatal_cmd_line "--json-pretty and --jsonfile-pretty are mutually exclusive" $ERR_CMDLINE
if [[ "$2" =~ \.(json|JSON)$ ]]; then if [[ "$2" =~ \.(json|JSON)$ ]]; then
fatal "No file name allowed after \"--json\" (use \"--jsonfile-pretty\" instead)" $ERR_CMDLINE fatal_cmd_line "No file name allowed after \"--json\" (use \"--jsonfile-pretty\" instead)" $ERR_CMDLINE
fi fi
do_pretty_json=true do_pretty_json=true
;; ;;
--jsonfile-pretty|--jsonfile-pretty=*|-oJ|-oJ=*) --jsonfile-pretty|--jsonfile-pretty=*|-oJ|-oJ=*)
"$do_json" && fatal "flat and pretty JSON output are mutually exclusive" $ERR_CMDLINE "$do_json" && fatal_cmd_line "flat and pretty JSON output are mutually exclusive" $ERR_CMDLINE
"$do_pretty_json" && fatal "--json-pretty and --jsonfile-pretty are mutually exclusive" $ERR_CMDLINE "$do_pretty_json" && fatal_cmd_line "--json-pretty and --jsonfile-pretty are mutually exclusive" $ERR_CMDLINE
JSONFILE="$(parse_opt_equal_sign "$1" "$2")" JSONFILE="$(parse_opt_equal_sign "$1" "$2")"
[[ $? -eq 0 ]] && shift [[ $? -eq 0 ]] && shift
do_pretty_json=true do_pretty_json=true
@ -23631,15 +23653,15 @@ parse_cmd_line() {
GIVE_HINTS=true GIVE_HINTS=true
;; ;;
--csv) --csv)
"$do_csv" && fatal "two --csv* arguments" $ERR_CMDLINE "$do_csv" && fatal_cmd_line "two --csv* arguments" $ERR_CMDLINE
if [[ "$2" =~ \.(csv|CSV)$ ]]; then if [[ "$2" =~ \.(csv|CSV)$ ]]; then
fatal "No file name allowed after \"--csv\" (use \"--csvfile\" instead)" $ERR_CMDLINE fatal_cmd_line "No file name allowed after \"--csv\" (use \"--csvfile\" instead)" $ERR_CMDLINE
fi fi
do_csv=true do_csv=true
;; # DEFINITION of CSVFILE is not arg specified: automagically in parse_hn_port() ;; # DEFINITION of CSVFILE is not arg specified: automagically in parse_hn_port()
# following does the same but additionally we can specify a log location # following does the same but additionally we can specify a log location
--csvfile|--csvfile=*|-oC|-oC=*) --csvfile|--csvfile=*|-oC|-oC=*)
"$do_csv" && fatal "two --csv* arguments" $ERR_CMDLINE "$do_csv" && fatal_cmd_line "two --csv* arguments" $ERR_CMDLINE
CSVFILE="$(parse_opt_equal_sign "$1" "$2")" CSVFILE="$(parse_opt_equal_sign "$1" "$2")"
[[ $? -eq 0 ]] && shift [[ $? -eq 0 ]] && shift
do_csv=true do_csv=true
@ -23654,15 +23676,15 @@ parse_cmd_line() {
do_csv=true do_csv=true
;; ;;
--html) --html)
"$do_html" && fatal "two --html* arguments" $ERR_CMDLINE "$do_html" && fatal_cmd_line "two --html* arguments" $ERR_CMDLINE
if [[ "$2" =~ \.(htm|html|HTM|HTML)$ ]]; then if [[ "$2" =~ \.(htm|html|HTM|HTML)$ ]]; then
fatal "No file name allowed after \"--html\" (use \"--htmlfile\" instead)" $ERR_CMDLINE fatal_cmd_line "No file name allowed after \"--html\" (use \"--htmlfile\" instead)" $ERR_CMDLINE
fi fi
do_html=true do_html=true
;; # DEFINITION of HTMLFILE is not arg specified: automagically in parse_hn_port() ;; # DEFINITION of HTMLFILE is not arg specified: automagically in parse_hn_port()
# following does the same but additionally we can specify a file location # following does the same but additionally we can specify a file location
--htmlfile|--htmlfile=*|-oH|-oH=*) --htmlfile|--htmlfile=*|-oH|-oH=*)
"$do_html" && fatal "two --html* arguments" $ERR_CMDLINE "$do_html" && fatal_cmd_line "two --html* arguments" $ERR_CMDLINE
HTMLFILE="$(parse_opt_equal_sign "$1" "$2")" HTMLFILE="$(parse_opt_equal_sign "$1" "$2")"
[[ $? -eq 0 ]] && shift [[ $? -eq 0 ]] && shift
do_html=true do_html=true
@ -23677,7 +23699,7 @@ parse_cmd_line() {
do_html=true do_html=true
;; ;;
--outfile|--outfile=*|-oa|-oa=*) --outfile|--outfile=*|-oa|-oa=*)
{ "$do_html" || "$do_json" || "$do_pretty_json" || "$do_csv" || "$do_logging"; } && fatal "check your arguments four multiple file output options" $ERR_CMDLINE { "$do_html" || "$do_json" || "$do_pretty_json" || "$do_csv" || "$do_logging"; } && fatal_cmd_line "check your arguments four multiple file output options" $ERR_CMDLINE
outfile_arg="$(parse_opt_equal_sign "$1" "$2")" outfile_arg="$(parse_opt_equal_sign "$1" "$2")"
if [[ "$outfile_arg" != "auto" ]]; then if [[ "$outfile_arg" != "auto" ]]; then
if [[ -d "$outfile_arg" ]]; then if [[ -d "$outfile_arg" ]]; then
@ -23699,7 +23721,7 @@ parse_cmd_line() {
do_logging=true do_logging=true
;; ;;
--outFile|--outFile=*|-oA|-oA=*) --outFile|--outFile=*|-oA|-oA=*)
{ "$do_html" || "$do_json" || "$do_pretty_json" || "$do_csv" || "$do_logging"; } && fatal "check your arguments four multiple file output options" $ERR_CMDLINE { "$do_html" || "$do_json" || "$do_pretty_json" || "$do_csv" || "$do_logging"; } && fatal_cmd_line "check your arguments four multiple file output options" $ERR_CMDLINE
outfile_arg="$(parse_opt_equal_sign "$1" "$2")" outfile_arg="$(parse_opt_equal_sign "$1" "$2")"
if [[ "$outfile_arg" != "auto" ]]; then if [[ "$outfile_arg" != "auto" ]]; then
if [[ -d "$outfile_arg" ]]; then if [[ -d "$outfile_arg" ]]; then
@ -23721,11 +23743,11 @@ parse_cmd_line() {
do_logging=true do_logging=true
;; ;;
--overwrite) --overwrite)
"$APPEND" && fatal "using --overwrite and --append is contradicting" $ERR_CMDLINE "$APPEND" && fatal_cmd_line "using --overwrite and --append is contradicting" $ERR_CMDLINE
OVERWRITE=true OVERWRITE=true
;; ;;
--append) --append)
"$OVERWRITE" && fatal "using --append and --overwrite is contradicting" $ERR_CMDLINE "$OVERWRITE" && fatal_cmd_line "using --append and --overwrite is contradicting" $ERR_CMDLINE
APPEND=true APPEND=true
;; ;;
--outprefix) --outprefix)
@ -23804,17 +23826,17 @@ parse_cmd_line() {
# Show usage if no further options were specified # Show usage if no further options were specified
if [[ -z "$1" ]] && [[ -z "$FNAME" ]] && ! "$do_display_only"; then if [[ -z "$1" ]] && [[ -z "$FNAME" ]] && ! "$do_display_only"; then
fatal "URI missing" $ERR_CMDLINE fatal_cmd_line "URI missing" $ERR_CMDLINE
else else
# What is left here should be the URI. # What is left here should be the URI.
URI="$1" URI="$1"
[[ -n "$2" ]] && fatal "URI comes last" $ERR_CMDLINE [[ -n "$2" ]] && fatal_cmd_line "URI comes last" $ERR_CMDLINE
fi fi
# Now spot some incompatibilities in cmdlines # Now spot some incompatibilities in cmdlines
[[ $CMDLINE_IP == one ]] && [[ "$NODNS" == none ]] && fatal "\"--ip=one\" and \"--nodns=none\" don't work together" $ERR_CMDLINE [[ $CMDLINE_IP == one ]] && [[ "$NODNS" == none ]] && fatal_cmd_line "\"--ip=one\" and \"--nodns=none\" don't work together" $ERR_CMDLINE
[[ $CMDLINE_IP == one ]] && ( is_ipv4addr "$URI" || is_ipv6addr "$URI" ) && fatal "\"--ip=one\" plus supplying an IP address doesn't work" $ERR_CMDLINE [[ $CMDLINE_IP == one ]] && ( is_ipv4addr "$URI" || is_ipv6addr "$URI" ) && fatal_cmd_line "\"--ip=one\" plus supplying an IP address doesn't work" $ERR_CMDLINE
"$do_mx_all_ips" && [[ "$NODNS" == none ]] && fatal "\"--mx\" and \"--nodns=none\" don't work together" $ERR_CMDLINE "$do_mx_all_ips" && [[ "$NODNS" == none ]] && fatal_cmd_line "\"--mx\" and \"--nodns=none\" don't work together" $ERR_CMDLINE
if [[ -d $ADDTL_CA_FILES ]]; then if [[ -d $ADDTL_CA_FILES ]]; then
ADDTL_CA_FILES="$ADDTL_CA_FILES/*.pem" ADDTL_CA_FILES="$ADDTL_CA_FILES/*.pem"
@ -23822,8 +23844,8 @@ parse_cmd_line() {
ADDTL_CA_FILES="${ADDTL_CA_FILES//,/ }" ADDTL_CA_FILES="${ADDTL_CA_FILES//,/ }"
fi fi
for fname in $ADDTL_CA_FILES; do for fname in $ADDTL_CA_FILES; do
[[ -s "$fname" ]] || fatal "CA file \"$fname\" does not exist" $ERR_RESOURCE [[ -s "$fname" ]] || fatal_cmd_line "CA file \"$fname\" does not exist" $ERR_RESOURCE
grep -q 'BEGIN CERTIFICATE' "$fname" || fatal "\"$fname\" is not CA file in PEM format" $ERR_RESOURCE grep -q 'BEGIN CERTIFICATE' "$fname" || fatal_cmd_line "\"$fname\" is not CA file in PEM format" $ERR_RESOURCE
done done
"$FAST" && pr_warning "\n'--fast' can have some undesired side effects thus it is not recommended to use anymore\n" "$FAST" && pr_warning "\n'--fast' can have some undesired side effects thus it is not recommended to use anymore\n"