From 581b7cf579de73e4c22897319f8a1bfa89448240 Mon Sep 17 00:00:00 2001
From: David Cooper <dcooper16@gmail.com>
Date: Thu, 21 Dec 2017 11:22:08 -0500
Subject: [PATCH] run_crime() and OpenSSL 1.1.1

This PR is similar to #944. If using OpenSSL 1.1.1 to connect to a server that supports TLSv1.3, `run_crime()` will connect to the server using TLSv1.3, which does not support TLS-level compression. So, the server will be reported as "not vulnerable" even if would use compression for connections at TLSv1.2 and below.

I have not encountered any "live" servers that support both TLSv1.3 and TLS-level compression. I verified this problem by using OpenSSL 1.1.1 to create a server that supports both TLSv1.3 and TLS-level compression:
```
openssl111 s_server -cert cert.pem -key key.pem -accept 8443 -WWW -comp
```
I then tested the server using `testssl.sh --crime` with both openssl111 and OpenSSL 1.0.2-chacha.
---
 testssl.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/testssl.sh b/testssl.sh
index 2a6df4f..4b5c563 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -11950,6 +11950,7 @@ run_crime() {
           if [[ $OSSL_VER_MAJOR.$OSSL_VER_MINOR == "1.1.0"* ]] || [[ $OSSL_VER_MAJOR.$OSSL_VER_MINOR == "1.1.1"* ]]; then
                addcmd="-comp"
           fi
+          "$HAS_TLS13" && [[ -z "$OPTIMAL_PROTO" ]] && addcmd+=" -no_tls1_3"
           $OPENSSL s_client $(s_client_options "$OPTIMAL_PROTO $BUGS $addcmd $STARTTLS -connect $NODEIP:$PORT $PROXY $SNI") </dev/null &>$TMPFILE
           sclient_connect_successful $? $TMPFILE
           sclient_success=$?