Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-30 21:35:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

HTTP URLs with multiple components in path

Browse Source 
In some cases the OCSP URI contains multiple components in the path (e.g., http://www.example.com/OCSP/myOCSPresponder).

This PR changes check_revocation_ocsp() to remove all components in the path, rather than just the final component, when extracting the host name from the URI for the host header.
This commit is contained in:
David Cooper
2018-05-18 15:35:10 -04:00
committed by GitHub
parent 7d36734a96
commit 6152592973
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
testssl.sh
View File

@@ -1504,7 +1504,7 @@ check_revocation_ocsp() {
"$PHONE_OUT" || return 0 "$PHONE_OUT" || return 0
tmpfile=$TEMPDIR/${NODE}-${NODEIP}.${uri##*\/} || exit $ERR_FCREATE tmpfile=$TEMPDIR/${NODE}-${NODEIP}.${uri##*\/} || exit $ERR_FCREATE
host_header=${uri##http://} host_header=${uri##http://}
host_header=${host_header%/*} host_header=${host_header%%/*}
$OPENSSL ocsp -no_nonce -header Host ${host_header} -url "$uri" \ $OPENSSL ocsp -no_nonce -header Host ${host_header} -url "$uri" \
-issuer $TEMPDIR/hostcert_issuer.pem -verify_other $TEMPDIR/intermediatecerts.pem \ -issuer $TEMPDIR/hostcert_issuer.pem -verify_other $TEMPDIR/intermediatecerts.pem \
-CAfile $TEMPDIR/intermediatecerts.pem -cert $HOSTCERT -text &> "$tmpfile" -CAfile $TEMPDIR/intermediatecerts.pem -cert $HOSTCERT -text &> "$tmpfile"