From e82d4e07cadd0c35bfdf3bd2719bfff6a53654da Mon Sep 17 00:00:00 2001
From: j <>
Date: Mon, 19 Oct 2020 22:12:59 +0200
Subject: [PATCH 1/3] Modified ssl renegotiation attempts to be variable, and
 default 6.

---
 CREDITS.md |  3 ++-
 testssl.sh | 17 +++++++++++------
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/CREDITS.md b/CREDITS.md
index a46bbe7..beee57a 100644
--- a/CREDITS.md
+++ b/CREDITS.md
@@ -40,7 +40,8 @@ Full contribution, see git log.
   - NetBSD fixes
 
 * Jim Blankendaal
-  - maximum certificate lifespan of 398 days 
+  - maximum certificate lifespan of 398 days
+  - ssl renegotiation amount variable
 
 * Frank Breedijk
   - Detection of insecure redirects
diff --git a/testssl.sh b/testssl.sh
index 962f335..9ee5120 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -231,6 +231,7 @@ fi
 DISPLAY_CIPHERNAMES="openssl"           # display OpenSSL ciphername (but both OpenSSL and RFC ciphernames in wide mode)
 declare UA_STD="TLS tester from $SWURL"
 declare -r UA_SNEAKY="Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0"
+SSL_RENEG_ATTEMPTS=${SSL_RENEG_ATTEMPTS:-6}       # number of times to check SSL Renegotiation
 
 ########### Initialization part, further global vars just being declared here
 #
@@ -15969,6 +15970,7 @@ run_renego() {
      local cwe="CWE-310"
      local hint=""
      local jsonID=""
+     local ssl_reneg_attempts=$SSL_RENEG_ATTEMPTS
      # No SNI needed here as there won't be two different SSL stacks for one IP
 
      "$HAS_TLS13" && [[ -z "$proto" ]] && proto="-no_tls1_3"
@@ -16074,24 +16076,27 @@ run_renego() {
                fi
                case "$sec_client_renego" in
                     0)   # We try again if server is HTTP. This could be either a node.js server or something else.
-                         # node.js has a mitigation which allows 3x R and then blocks. So we test 4x
+			 # Mitigations (default values) for:
+                         # 	- node.js allows 3x R and then blocks. So then 4x should be tested. 
+			 #	- F5 BIG-IP ADS allows 5x R and then blocks. So then 6x should be tested.
                          # This way we save a couple seconds as we weeded out the ones which are more robust
+			 # Amount of times tested before breaking is set in SSL_RENEG_ATTEMPTS.
                          if [[ $SERVICE != HTTP ]]; then
                               pr_svrty_medium "VULNERABLE (NOT ok)"; outln ", potential DoS threat"
                               fileout "$jsonID" "MEDIUM" "VULNERABLE, potential DoS threat" "$cve" "$cwe" "$hint"
                          else
-                              (for i in {1..4}; do echo R; sleep 1; done) | \
+			      (for ((i=0; i < ssl_reneg_attempts; i++ )); do echo R; sleep 1; done) | \
                                    $OPENSSL s_client $(s_client_options "$proto $legacycmd $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY") >$TMPFILE 2>>$ERRFILE
                               case $? in
-                                   0) pr_svrty_high "VULNERABLE (NOT ok)"; outln ", DoS threat"
+				   0) pr_svrty_high "VULNERABLE (NOT ok)"; outln ", DoS threat ($ssl_reneg_attempts attempts)"
                                       fileout "$jsonID" "HIGH" "VULNERABLE, DoS threat" "$cve" "$cwe" "$hint"
                                       ;;
                                    1) pr_svrty_good "not vulnerable (OK)"
-                                      outln " -- mitigated"
+				      outln " -- mitigated (disconnect within $ssl_reneg_attempts)"
                                       fileout "$jsonID" "OK" "not vulnerable, mitigated" "$cve" "$cwe"
                                       ;;
-                                   *) prln_warning "FIXME (bug): $sec_client_renego (4 tries)"
-                                      fileout "$jsonID" "DEBUG" "FIXME (bug 4 tries) $sec_client_renego" "$cve" "$cwe"
+                                   *) prln_warning "FIXME (bug): $sec_client_renego ($ssl_reneg_attempts tries)"
+                                      fileout "$jsonID" "DEBUG" "FIXME (bug $ssl_reneg_attempts tries) $sec_client_renego" "$cve" "$cwe"
                                       ret=1
                                       ;;
                               esac

From a252eeb11dc4f22410130a0196eb99c46031850a Mon Sep 17 00:00:00 2001
From: j <>
Date: Mon, 19 Oct 2020 22:37:10 +0200
Subject: [PATCH 2/3] Updated changelog

---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6f7a613..04489db 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -23,6 +23,7 @@
 * Added support for certificates with EdDSA signatures and pubilc keys
 * --add-ca can also now be a directory with \*.pem files
 * Warning of 398 day limit for certificates issued after 2020/9/1
+* Added environment variable for amount of attempts for ssl renegotiation check
 
 ### Features implemented / improvements in 3.0
 

From 3e2d1b943d56cfe1017a98994df33c24d64d8671 Mon Sep 17 00:00:00 2001
From: tosticated <>
Date: Tue, 20 Oct 2020 13:03:30 +0200
Subject: [PATCH 3/3] Fixed whitespaces/tabs

---
 testssl.sh | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/testssl.sh b/testssl.sh
index 9ee5120..7742f53 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -16076,23 +16076,22 @@ run_renego() {
                fi
                case "$sec_client_renego" in
                     0)   # We try again if server is HTTP. This could be either a node.js server or something else.
-			 # Mitigations (default values) for:
-                         # 	- node.js allows 3x R and then blocks. So then 4x should be tested. 
-			 #	- F5 BIG-IP ADS allows 5x R and then blocks. So then 6x should be tested.
+                         # Mitigations (default values) for:
+                         # - node.js allows 3x R and then blocks. So then 4x should be tested.
+                         # - F5 BIG-IP ADS allows 5x R and then blocks. So then 6x should be tested.
                          # This way we save a couple seconds as we weeded out the ones which are more robust
-			 # Amount of times tested before breaking is set in SSL_RENEG_ATTEMPTS.
+                         # Amount of times tested before breaking is set in SSL_RENEG_ATTEMPTS.
                          if [[ $SERVICE != HTTP ]]; then
                               pr_svrty_medium "VULNERABLE (NOT ok)"; outln ", potential DoS threat"
                               fileout "$jsonID" "MEDIUM" "VULNERABLE, potential DoS threat" "$cve" "$cwe" "$hint"
                          else
-			      (for ((i=0; i < ssl_reneg_attempts; i++ )); do echo R; sleep 1; done) | \
+                              (for ((i=0; i < ssl_reneg_attempts; i++ )); do echo R; sleep 1; done) | \
                                    $OPENSSL s_client $(s_client_options "$proto $legacycmd $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY") >$TMPFILE 2>>$ERRFILE
                               case $? in
-				   0) pr_svrty_high "VULNERABLE (NOT ok)"; outln ", DoS threat ($ssl_reneg_attempts attempts)"
+                                   0) pr_svrty_high "VULNERABLE (NOT ok)"; outln ", DoS threat ($ssl_reneg_attempts attempts)"
                                       fileout "$jsonID" "HIGH" "VULNERABLE, DoS threat" "$cve" "$cwe" "$hint"
                                       ;;
-                                   1) pr_svrty_good "not vulnerable (OK)"
-				      outln " -- mitigated (disconnect within $ssl_reneg_attempts)"
+                                   1) pr_svrty_good "not vulnerable (OK)"; outln " -- mitigated (disconnect within $ssl_reneg_attempts)"
                                       fileout "$jsonID" "OK" "not vulnerable, mitigated" "$cve" "$cwe"
                                       ;;
                                    *) prln_warning "FIXME (bug): $sec_client_renego ($ssl_reneg_attempts tries)"