From b4f59e91be5dcaf7fe6c3d80abcdc8752172975a Mon Sep 17 00:00:00 2001 From: Dirk Date: Thu, 23 Feb 2017 17:19:52 +0100 Subject: [PATCH] FIX #621 --- testssl.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/testssl.sh b/testssl.sh index 0faaa3b..e2ea254 100755 --- a/testssl.sh +++ b/testssl.sh @@ -9114,6 +9114,8 @@ socksend_tls_clienthello() { # "ephemeralkey" - extract the server's ephemeral key (if any) # arg4: (optional) additional request extensions # arg5: (optional) "true" if ClientHello should advertise compression methods other than "NULL" +# return: 0: successful connect | 1: protocol or cipher not available | 2: as (0) but downgraded +# 6: couldn't open socket | 7: couldn't open temp file tls_sockets() { local -i ret=0 local -i save=0 @@ -9850,6 +9852,7 @@ run_sweet32() { if "$using_sockets"; then tls_sockets "03" "${sweet32_ciphers_hex}" sclient_success=$? + [[ "$sclient_success" -eq 2 ]] && sclient_success=0 else nr_sweet32_ciphers=$(count_ciphers $sweet32_ciphers) nr_supported_ciphers=$(count_ciphers $(actually_supported_ciphers $sweet32_ciphers)) @@ -10687,6 +10690,7 @@ run_lucky13() { if "$using_sockets"; then tls_sockets "03" "${cbc_ciphers_hex}" sclient_success=$? + [[ "$sclient_success" -eq 2 ]] && sclient_success=0 else nr_cbc_ciphers=$(count_ciphers $cbc_ciphers) nr_supported_ciphers=$(count_ciphers $(actually_supported_ciphers $cbc_ciphers))