Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-09-17 09:22:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

Mask IP addresses, change host, compression

Browse Source 
... for t/32_isHTML_valid.t .

Github.com seems to be most reliable from the ones tested so far.

bahn.de has one IP to the outside however Session resumption seems
to come from different hosts behind that IP. Bad choice for this
test.
This commit is contained in:
Dirk Wetter
2025-07-28 15:03:51 +02:00
parent faa190354e
commit 56c1e58567
1 changed files with 18 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
t/32_isHTML_valid.t
View File

@ -10,16 +10,16 @@ use Text::Diff;
my $tests = 0; my $tests = 0;
my $prg="./testssl.sh"; my $prg="./testssl.sh";
my $uri="bahn.de"; my $uri="github.com";
my $out=""; my $out="";
my $html=""; my $html="";
my $debughtml=""; my $debughtml="";
my $edited_html=""; my $edited_html="";
my $htmlfile="tmp.html"; my $htmlfile="tmp.html";
# need to avoid the debug message around L15190++ Your ./bin/openssl.Linux.x86_64 doesn't support X25519 : # Pick /usr/bin/openssl as we want to avoid the debug messages like "Your ./bin/openssl.Linux.x86_64 doesn't support X25519"
my $check2run="--ip=one --openssl /usr/bin/openssl --sneaky --ids-friendly --color 0 --htmlfile $htmlfile"; my $check2run="--ip=one -4 --openssl /usr/bin/openssl --sneaky --ids-friendly --color 0 --htmlfile $htmlfile";
my $diff=""; my $diff="";
my $ip="";
die "Unable to open $prg" unless -f $prg; die "Unable to open $prg" unless -f $prg;
printf "\n%s\n", "Doing HTML output checks"; printf "\n%s\n", "Doing HTML output checks";
@ -57,7 +57,7 @@ $tests++;
if ( $^O eq "darwin" ){ if ( $^O eq "darwin" ){
printf "\nskip debug checkon MacOS\n\n"; printf "\nskip debug check on MacOS\n\n";
done_testing($tests); done_testing($tests);
exit 0; exit 0;
} }
@ -87,8 +87,21 @@ $debughtml =~ s/.*DEBUG:.*\n//g;
$debughtml =~ s/No engine or GOST support via engine with your.*\n//g; $debughtml =~ s/No engine or GOST support via engine with your.*\n//g;
$debughtml =~ s/.*built: .*\n//g; $debughtml =~ s/.*built: .*\n//g;
$debughtml =~ s/.*Using bash .*\n//g; $debughtml =~ s/.*Using bash .*\n//g;
$debughtml =~ s/.*has_compression.*\n//g;
# is whole line: s/.*<pattern> .*\n//g; # is whole line: s/.*<pattern> .*\n//g;
# Extract and mask IP address as it can change
if ( $html =~ /(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/ ) {
$ip = $1;
}
$html =~ s/$ip/AAA.BBB.CCC.DDD/g;
if ( $debughtml =~ /(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/ ) {
$ip = $1;
}
$debughtml =~ s/$ip/AAA.BBB.CCC.DDD/g;
$diff = diff \$debughtml, \$html; $diff = diff \$debughtml, \$html;
ok($debughtml eq $html, "Checking if HTML file created with --debug 4 matches HTML file created without --debug") or ok($debughtml eq $html, "Checking if HTML file created with --debug 4 matches HTML file created without --debug") or