Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 13:55:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix check for OpenSSL supported curves

Browse Source 
OpenSSL 3.X outputs a different error message than previous versions when $OPENSSL s_client -curves X ... is called with an unsupported curve. This was resulting in the check within find_openssl_binary() adding every curve to $OPENSSL_SUPPORTED_CURVES, even ones that were not supported. This commit changes to check in order to detect the new error message.
This commit is contained in:
David Cooper
2025-02-19 12:47:35 -08:00
committed by GitHub
parent 74209e05de
commit 5c7e7bcbc7
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
testssl.sh
View File

@@ -20505,7 +20505,7 @@ find_openssl_binary() {
HAS_CURVES=true HAS_CURVES=true
for curve in "${curves_ossl[@]}"; do for curve in "${curves_ossl[@]}"; do
# Same as above, we just don't need a port for invalid. # Same as above, we just don't need a port for invalid.
$OPENSSL s_client -curves $curve -connect $NXCONNECT </dev/null 2>&1 | grep -Eiaq "Error with command|unknown option" $OPENSSL s_client -curves $curve -connect $NXCONNECT </dev/null 2>&1 | grep -Eiaq "Error with command|unknown option|Call to SSL_CONF_cmd(.*) failed"
[[ $? -ne 0 ]] && OSSL_SUPPORTED_CURVES+=" $curve " [[ $? -ne 0 ]] && OSSL_SUPPORTED_CURVES+=" $curve "
done done
fi fi