From 496373a60fb78a2e69a9b47af4a152a6e8aac904 Mon Sep 17 00:00:00 2001 From: Dirk Date: Thu, 22 Jan 2026 19:57:32 +0100 Subject: [PATCH] Finalize renaming MAX_WAITSOCK --> ROBOT_TIMEOUT The commit 51a35b0344128640237ec6b8f744f2aeabaec442 changed variable names but there were leftovers. Also before the tiemout values were reduced, so that the check may run faster. What was left were that some timeout values were still too long. Thus MAX_WAITSOCK is now completely changed to ROBOT_TIMEOUT . Also when the ROBOT check identified something as potentially vulnerable, the timeout value ist increased to 8 seconds which is less than in 3.2 . Tests however showed so far that there were no false positives or negatives. Moreover it changes the local variable robottimeout to robot_timeout. This PR fixes #2983 for 3.3dev . --- testssl.sh | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/testssl.sh b/testssl.sh index 57997f9..ad8a53c 100755 --- a/testssl.sh +++ b/testssl.sh @@ -20690,7 +20690,7 @@ run_robot() { local -i i subret len iteration testnum pubkeybytes local pubkeybits local vulnerable=false send_ccs_finished=true - local -i start_time end_time robottimeout=$ROBOT_TIMEOUT + local -i start_time end_time robot_timeout=$ROBOT_TIMEOUT local cve="CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168" local cwe="CWE-203" local jsonID="ROBOT" @@ -20854,7 +20854,7 @@ run_robot() { fi debugme echo "reading server error response..." start_time=$(LC_ALL=C date "+%s") - sockread 32768 $robottimeout + sockread 32768 $robot_timeout subret=$? if [[ $subret -eq 0 ]]; then end_time=$(LC_ALL=C date "+%s") @@ -20869,9 +20869,9 @@ run_robot() { # exchange message, measure the amount of time it took to # receive a response and set the timeout value for future # tests to 2 seconds longer than it took to receive a response. - [[ $iteration -ne 2 ]] && [[ $robottimeout -eq $MAX_WAITSOCK ]] && \ - [[ $((end_time-start_time)) -lt $((MAX_WAITSOCK-2)) ]] && \ - robottimeout=$((end_time-start_time+2)) + [[ $iteration -ne 2 ]] && [[ $robot_timeout -eq $ROBOT_TIMEOUT ]] && \ + [[ $((end_time-start_time)) -lt $((ROBOT_TIMEOUT-2)) ]] && \ + robot_timeout=$((end_time-start_time+2)) else response[testnum]="Timeout waiting for alert" fi @@ -20910,14 +20910,15 @@ run_robot() { # If the test was run with a short timeout and was found to be # potentially vulnerable due to some tests timing out, then # verify the results by rerunning with a longer timeout. - if [[ $robottimeout -eq $MAX_WAITSOCK ]]; then + if [[ $robot_timeout -eq $ROBOT_TIMEOUT ]]; then break elif [[ "${response[0]}" == "Timeout waiting for alert" ]] || \ [[ "${response[1]}" == "Timeout waiting for alert" ]] || \ [[ "${response[2]}" == "Timeout waiting for alert" ]] || \ [[ "${response[3]}" == "Timeout waiting for alert" ]] || \ [[ "${response[4]}" == "Timeout waiting for alert" ]]; then - robottimeout=10 + [[ "$DEBUG" -ge 3 ]] && echo "5x Timeout waiting for alert, $robot_timeout increasing to 8" + robot_timeout=8 else break fi @@ -21795,6 +21796,7 @@ IPv6_OK: $IPv6_OK MAX_WAITSOCK: $MAX_WAITSOCK HEARTBLEED_MAX_WAITSOCK: $HEARTBLEED_MAX_WAITSOCK CCS_MAX_WAITSOCK: $CCS_MAX_WAITSOCK +ROBOT_TIMEOUT: $ROBOT_TIMEOUT USLEEP_SND $USLEEP_SND USLEEP_REC $USLEEP_REC HEADER_MAXSLEEP: $HEADER_MAXSLEEP