Make run_crime use $jsonID instead of repeating

This also seems more consistent across the code.
This commit is contained in:
Tomasz Kramkowski 2022-05-23 13:57:31 +01:00
parent 130b5b2aac
commit 5793bc26ae

View File

@ -14661,19 +14661,20 @@ run_crime() {
[[ $VULN_COUNT -le $VULN_THRESHLD ]] && outln && pr_headlineln " Testing for CRIME vulnerability " && outln [[ $VULN_COUNT -le $VULN_THRESHLD ]] && outln && pr_headlineln " Testing for CRIME vulnerability " && outln
pr_bold " CRIME, TLS " ; out "($cve) " pr_bold " CRIME, TLS " ; out "($cve) "
jsonID="CRIME_TLS"
if "$TLS13_ONLY"; then if "$TLS13_ONLY"; then
pr_svrty_best "not vulnerable (OK)" pr_svrty_best "not vulnerable (OK)"
[[ $DEBUG -ge 1 ]] && out ", no compression in TLS 1.3 only servers" [[ $DEBUG -ge 1 ]] && out ", no compression in TLS 1.3 only servers"
outln outln
fileout "CRIME_TLS" "OK" "TLS 1.3 only server" "$cve" "$cwe" fileout "$jsonID" "OK" "TLS 1.3 only server" "$cve" "$cwe"
return 0 return 0
fi fi
if ! "$HAS_ZLIB"; then if ! "$HAS_ZLIB"; then
if "$SSL_NATIVE"; then if "$SSL_NATIVE"; then
prln_local_problem "$OPENSSL lacks zlib support" prln_local_problem "$OPENSSL lacks zlib support"
fileout "CRIME_TLS" "WARN" "CRIME, TLS: Not tested. $OPENSSL lacks zlib support" "$cve" "$cwe" fileout "$jsonID" "WARN" "CRIME, TLS: Not tested. $OPENSSL lacks zlib support" "$cve" "$cwe"
return 1 return 1
else else
tls_sockets "03" "$TLS12_CIPHER" "" "" "true" tls_sockets "03" "$TLS12_CIPHER" "" "" "true"
@ -14691,23 +14692,23 @@ run_crime() {
if [[ $sclient_success -ne 0 ]]; then if [[ $sclient_success -ne 0 ]]; then
pr_warning "test failed (couldn't connect)" pr_warning "test failed (couldn't connect)"
fileout "CRIME_TLS" "WARN" "Check failed, couldn't connect" "$cve" "$cwe" fileout "$jsonID" "WARN" "Check failed, couldn't connect" "$cve" "$cwe"
ret=1 ret=1
elif grep -a Compression $TMPFILE | grep -aq NONE >/dev/null; then elif grep -a Compression $TMPFILE | grep -aq NONE >/dev/null; then
pr_svrty_good "not vulnerable (OK)" pr_svrty_good "not vulnerable (OK)"
if [[ $SERVICE != HTTP ]] && ! "$CLIENT_AUTH"; then if [[ $SERVICE != HTTP ]] && ! "$CLIENT_AUTH"; then
out " (not using HTTP anyway)" out " (not using HTTP anyway)"
fileout "CRIME_TLS" "OK" "not vulnerable (not using HTTP anyway)" "$cve" "$cwe" fileout "$jsonID" "OK" "not vulnerable (not using HTTP anyway)" "$cve" "$cwe"
else else
fileout "CRIME_TLS" "OK" "not vulnerable" "$cve" "$cwe" fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe"
fi fi
else else
if [[ $SERVICE == HTTP ]] || "$CLIENT_AUTH"; then if [[ $SERVICE == HTTP ]] || "$CLIENT_AUTH"; then
pr_svrty_high "VULNERABLE (NOT ok)" pr_svrty_high "VULNERABLE (NOT ok)"
fileout "CRIME_TLS" "HIGH" "VULNERABLE" "$cve" "$cwe" "$hint" fileout "$jsonID" "HIGH" "VULNERABLE" "$cve" "$cwe" "$hint"
else else
pr_svrty_medium "VULNERABLE but not using HTTP: probably no exploit known" pr_svrty_medium "VULNERABLE but not using HTTP: probably no exploit known"
fileout "CRIME_TLS" "MEDIUM" "VULNERABLE, but not using HTTP. Probably no exploit known" "$cve" "$cwe" "$hint" fileout "$jsonID" "MEDIUM" "VULNERABLE, but not using HTTP. Probably no exploit known" "$cve" "$cwe" "$hint"
# not clear whether a protocol != HTTP offers the ability to repeatedly modify the input # not clear whether a protocol != HTTP offers the ability to repeatedly modify the input
# which is done e.g. via javascript in the context of HTTP # which is done e.g. via javascript in the context of HTTP
fi fi