Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-11-04 07:45:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1657 from magnuslarsen/3.1dev

Browse Source 
[Rating] STARTTLS output styling
This commit is contained in:
Dirk Wetter
2020-06-24 09:51:21 +02:00
committed by GitHub
parent 3c30887f39 f647ae8264
commit 55f7f7d69a
2 changed files with 4 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
doc/testssl.1.md
View File

@@ -419,14 +419,14 @@ set_grade_warning "Documentation is always right"
#### Implementing a new check which contains grade caps
When implementing a new check (be it vulnerability or not) that sets grade caps, the `set_rating_state()` has to be updated (i.e. the `$do_mycheck` variable-name has to be added to the loop, and `$nr_enabled` if-statement has to be incremented)
The `set_rating_state()` automatically disables ratinng, if all the required checks are *not* enabled.
The `set_rating_state()` automatically disables rating, if all the required checks are *not* enabled.
This is to prevent giving out a misleading or wrong grade.
#### Implementing a new revision
When a new revision of the rating specification comes around, the following has to be done:
* New grade caps has to be either:
1. Added to the script wherever relevant, or
2. Added to the above list of missing checks (if *i.* is not possible)
2. Added to the above list of missing checks (if above is not possible)
* New grade warnings has to be added wherever relevant
* The revision output in `run_rating()` function has to updated

11
testssl.sh
View File

@@ -20802,14 +20802,7 @@ run_rating() {
pr_headlineln " Rating (experimental) "
outln
if [[ -n "$STARTTLS_PROTOCOL" ]]; then
pr_bold " Grade "; pr_svrty_critical "T"
outln " - STARTTLS encryption is opportunistic"
outln " (Further details would lead to a false sense of security)"
fileout "grade" "CRITICAL" "T"
fileout "grade_cap_reasons" "INFO" "No more details shown as it would lead to a false sense of security"
return 0
fi
[[ -n "$STARTTLS_PROTOCOL" ]] && set_grade_cap "T" "Encryption via STARTTLS is not mandatory (opportunistic). This leads to a false sense of security"
# Sort the reasons. This is just nicer to read in genereal
IFS=$'\n' sorted_reasons=($(sort -ru <<<"${GRADE_CAP_REASONS[*]}"))
@@ -20912,7 +20905,7 @@ run_rating() {
pr_bold " Final Score "; outln $final_score
# get score, and somehow do something about the GRADE_CAP
# Calculate the pre-cap grade
if [[ $final_score -ge 80 ]]; then
pre_cap_grade="A"
elif [[ $final_score -ge 65 ]]; then