Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-10 18:50:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix mass testing problem

Browse Source 
... see #1208. Also some redundant quotes were removed
This commit is contained in:
Dirk 2019-02-28 19:30:33 +01:00
parent 727a2888d6
commit 636843d6ff
1 changed files with 33 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
testssl.sh
View File

@ -1367,7 +1367,7 @@ service_detection() {
local -i was_killed local -i was_killed
if ! "$CLIENT_AUTH"; then if ! "$CLIENT_AUTH"; then
# SNI is not standardardized for !HTTPS but fortunately for other protocols s_client doesn't seem to care # SNI is not standardized for !HTTPS but fortunately for other protocols s_client doesn't seem to care
printf "$GET_REQ11" | $OPENSSL s_client $(s_client_options "$1 -quiet $BUGS -connect $NODEIP:$PORT $PROXY $SNI") >$TMPFILE 2>$ERRFILE & printf "$GET_REQ11" | $OPENSSL s_client $(s_client_options "$1 -quiet $BUGS -connect $NODEIP:$PORT $PROXY $SNI") >$TMPFILE 2>$ERRFILE &
wait_kill $! $HEADER_MAXSLEEP wait_kill $! $HEADER_MAXSLEEP
was_killed=$? was_killed=$?
@ -11391,14 +11391,14 @@ find_openssl_binary() {
prln_warning "\ncannot find specified (\$OPENSSL=$OPENSSL) binary." prln_warning "\ncannot find specified (\$OPENSSL=$OPENSSL) binary."
tmln_out " Looking some place else ..." tmln_out " Looking some place else ..."
elif [[ -x "$OPENSSL" ]]; then elif [[ -x "$OPENSSL" ]]; then
: # 1. all ok supplied $OPENSSL was found and has excutable bit set -- testrun comes below : # 1. all ok supplied $OPENSSL was found and has executable bit set -- testrun comes below
elif [[ -e "/mnt/c/Windows/System32/bash.exe" ]] && test_openssl_suffix "$(dirname "$(type -p openssl)")"; then elif [[ -e "/mnt/c/Windows/System32/bash.exe" ]] && test_openssl_suffix "$(dirname "$(type -p openssl)")"; then
# 2. otherwise, only if on Bash on Windows, use system binaries only. # 2. otherwise, only if on Bash on Windows, use system binaries only.
SYSTEM2="WSL" SYSTEM2="WSL"
elif test_openssl_suffix "$TESTSSL_INSTALL_DIR"; then elif test_openssl_suffix "$TESTSSL_INSTALL_DIR"; then
: # 3. otherwise try openssl in path of testssl.sh : # 3. otherwise try openssl in path of testssl.sh
elif test_openssl_suffix "$TESTSSL_INSTALL_DIR/bin"; then elif test_openssl_suffix "$TESTSSL_INSTALL_DIR/bin"; then
: # 4. otherwise here, this is supposed to be the standard --platform independed path in the future!!! : # 4. otherwise here, this is supposed to be the standard --platform independent path in the future!!!
elif test_openssl_suffix "$(dirname "$(type -p openssl)")"; then elif test_openssl_suffix "$(dirname "$(type -p openssl)")"; then
: # 5. we tried hard and failed, so now we use the system binaries : # 5. we tried hard and failed, so now we use the system binaries
fi fi
@ -11415,7 +11415,7 @@ find_openssl_binary() {
OSSL_VER_MINOR=$(sed -e 's/^.\.//' <<< "$OSSL_VER" | tr -d '[a-zA-Z]-') OSSL_VER_MINOR=$(sed -e 's/^.\.//' <<< "$OSSL_VER" | tr -d '[a-zA-Z]-')
OSSL_VER_APPENDIX=$(tr -d '0-9.' <<< "$OSSL_VER") OSSL_VER_APPENDIX=$(tr -d '0-9.' <<< "$OSSL_VER")
OSSL_VER_PLATFORM=$($OPENSSL version -p 2>/dev/null | sed 's/^platform: //') OSSL_VER_PLATFORM=$($OPENSSL version -p 2>/dev/null | sed 's/^platform: //')
OSSL_BUILD_DATE=$($OPENSSL version -a 2>/dev/null | grep '^built' | sed -e 's/built on//' -e 's/: ... //' -e 's/: //' -e 's/ UTC//' -e 's/ +0000//' -e 's/.000000000//') OSSL_BUILD_DATE=$($OPENSSL version -a 2>/dev/null | grep '^built' | sed -e 's/built on//' -e 's/: ... //' -e 's/: //' -e 's/ UTC//' -e 's/ +0000//' -e 's/.000000000//')
grep -q "not available" <<< "$OSSL_BUILD_DATE" && OSSL_BUILD_DATE="" grep -q "not available" <<< "$OSSL_BUILD_DATE" && OSSL_BUILD_DATE=""
# see #190, reverting logic: unless otherwise proved openssl has no dh bits # see #190, reverting logic: unless otherwise proved openssl has no dh bits
@ -11483,12 +11483,14 @@ find_openssl_binary() {
HAS_MYSQL=true HAS_MYSQL=true
if [[ "$OPENSSL_TIMEOUT" != "" ]]; then if [[ "$OPENSSL_TIMEOUT" != "" ]]; then
if type -p timeout 2>&1 >/dev/null ; then if type -p timeout >/dev/null 2>&1; then
# there are different "timeout". Check whether --preserve-status is supported if ! "$do_mass_testing"; then
if timeout --help 2>/dev/null | grep -q 'preserve-status'; then # there are different "timeout". Check whether --preserve-status is supported
OPENSSL="timeout --preserve-status $OPENSSL_TIMEOUT $OPENSSL" if timeout --help 2>/dev/null | grep -q 'preserve-status'; then
else OPENSSL="timeout --preserve-status $OPENSSL_TIMEOUT $OPENSSL"
OPENSSL="timeout $OPENSSL_TIMEOUT $OPENSSL" else
OPENSSL="timeout $OPENSSL_TIMEOUT $OPENSSL"
fi
fi fi
else else
outln outln
@ -11775,7 +11777,7 @@ prepare_arrays() {
ossl_ciph="$(awk '/'"$hexc"'/ { print $3 }' <<< "$ossl_supported_tls")" ossl_ciph="$(awk '/'"$hexc"'/ { print $3 }' <<< "$ossl_supported_tls")"
if [[ -n "$ossl_ciph" ]]; then if [[ -n "$ossl_ciph" ]]; then
TLS_CIPHER_OSSL_SUPPORTED[i]=true TLS_CIPHER_OSSL_SUPPORTED[i]=true
[[ "$ossl_ciph" != "${TLS_CIPHER_OSSL_NAME[i]}" ]] && TLS_CIPHER_OSSL_NAME[i]="$ossl_ciph" [[ "$ossl_ciph" != ${TLS_CIPHER_OSSL_NAME[i]} ]] && TLS_CIPHER_OSSL_NAME[i]="$ossl_ciph"
fi fi
fi fi
elif [[ $OSSL_VER_MAJOR -lt 1 ]]; then elif [[ $OSSL_VER_MAJOR -lt 1 ]]; then
@ -11840,7 +11842,7 @@ EOF
} }
cleanup () { cleanup() {
# If parallel mass testing is being performed, then the child tests need # If parallel mass testing is being performed, then the child tests need
# to be killed before $TEMPDIR is deleted. Otherwise, error messages # to be killed before $TEMPDIR is deleted. Otherwise, error messages
# will be created if testssl.sh is stopped before all testing is complete. # will be created if testssl.sh is stopped before all testing is complete.
@ -12707,7 +12709,7 @@ create_mass_testing_cmdline() {
local skip_next=false local skip_next=false
MASS_TESTING_CMDLINE=() MASS_TESTING_CMDLINE=()
[[ "$testing_type" =~ parallel ]] && read testing_type test_number <<< "$testing_type" [[ "$testing_type" =~ parallel ]] && read -r testing_type test_number <<< "$testing_type"
# Start by adding the elements from the global command line to the command line for the # Start by adding the elements from the global command line to the command line for the
# test. If run_mass_testing_parallel(), then modify the command line so that, when # test. If run_mass_testing_parallel(), then modify the command line so that, when
@ -12716,20 +12718,20 @@ create_mass_testing_cmdline() {
debugme echo "${CMDLINE_ARRAY[@]}" debugme echo "${CMDLINE_ARRAY[@]}"
for cmd in "${CMDLINE_ARRAY[@]}"; do for cmd in "${CMDLINE_ARRAY[@]}"; do
"$skip_next" && skip_next=false && continue "$skip_next" && skip_next=false && continue
if [[ "$cmd" == "--file"* ]]; then if [[ "$cmd" =~ --file ]]; then
# Don't include the "--file[=...] argument in the child's command # Don't include the "--file[=...] argument in the child's command
# line, but do include "--warnings=batch". # line, but do include "--warnings=batch".
MASS_TESTING_CMDLINE[nr_cmds]="--warnings=batch" MASS_TESTING_CMDLINE[nr_cmds]="--warnings=batch"
nr_cmds+=1 nr_cmds+=1
# next is the file itself, as no '=' was supplied # next is the file itself, as no '=' was supplied
[[ "$cmd" == '--file' ]] && skip_next=true [[ "$cmd" == --file ]] && skip_next=true
elif [[ "$testing_type" == "serial" ]]; then elif [[ "$testing_type" == serial ]]; then
if "$JSONHEADER" && [[ "$cmd" == "--jsonfile-pretty"* ]]; then if "$JSONHEADER" && [[ "$cmd" =~ --jsonfile-pretty ]]; then
>"$TEMPDIR/jsonfile_child.json" >"$TEMPDIR/jsonfile_child.json"
MASS_TESTING_CMDLINE[nr_cmds]="--jsonfile-pretty=$TEMPDIR/jsonfile_child.json" MASS_TESTING_CMDLINE[nr_cmds]="--jsonfile-pretty=$TEMPDIR/jsonfile_child.json"
# next is the jsonfile itself, as no '=' was supplied # next is the jsonfile itself, as no '=' was supplied
[[ "$cmd" == --jsonfile-pretty ]] && skip_next=true [[ "$cmd" == --jsonfile-pretty ]] && skip_next=true
elif "$JSONHEADER" && [[ "$cmd" == "--jsonfile"* ]]; then elif "$JSONHEADER" && [[ "$cmd" =~ --jsonfile ]]; then
>"$TEMPDIR/jsonfile_child.json" >"$TEMPDIR/jsonfile_child.json"
MASS_TESTING_CMDLINE[nr_cmds]="--jsonfile=$TEMPDIR/jsonfile_child.json" MASS_TESTING_CMDLINE[nr_cmds]="--jsonfile=$TEMPDIR/jsonfile_child.json"
# next is the jsonfile itself, as no '=' was supplied # next is the jsonfile itself, as no '=' was supplied
@ -12801,7 +12803,7 @@ ports2starttls() {
local tcp_port=$1 local tcp_port=$1
local ret=0 local ret=0
# https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers # https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
case $tcp_port in case $tcp_port in
21) echo "-t ftp " ;; 21) echo "-t ftp " ;;
23) echo "-t telnet " ;; 23) echo "-t telnet " ;;
@ -12906,10 +12908,10 @@ run_mass_testing() {
fi fi
pr_reverse "====== Running in file batch mode with ${gmapadd}file=\"$saved_fname\" ======"; outln "\n" pr_reverse "====== Running in file batch mode with ${gmapadd}file=\"$saved_fname\" ======"; outln "\n"
while read cmdline; do while read -r cmdline; do
cmdline="$(filter_input "$cmdline")" cmdline="$(filter_input "$cmdline")"
[[ -z "$cmdline" ]] && continue [[ -z "$cmdline" ]] && continue
[[ "$cmdline" == "EOF" ]] && break [[ "$cmdline" == EOF ]] && break
# Create the command line for the child in the form of an array (see #702) # Create the command line for the child in the form of an array (see #702)
create_mass_testing_cmdline "serial" $cmdline create_mass_testing_cmdline "serial" $cmdline
draw_line "=" $((TERM_WIDTH / 2)); outln; draw_line "=" $((TERM_WIDTH / 2)); outln;
@ -12940,18 +12942,19 @@ run_mass_testing() {
get_next_message_testing_parallel_result() { get_next_message_testing_parallel_result() {
draw_line "=" $((TERM_WIDTH / 2)); outln; draw_line "=" $((TERM_WIDTH / 2)); outln;
outln "${PARALLEL_TESTING_CMDLINE[NEXT_PARALLEL_TEST_TO_FINISH]}" outln "${PARALLEL_TESTING_CMDLINE[NEXT_PARALLEL_TEST_TO_FINISH]}"
if [[ "$1" == "completed" ]]; then if [[ "$1" == completed ]]; then
cat "$TEMPDIR/term_output_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).log" cat "$TEMPDIR/term_output_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).log"
if "$JSONHEADER" && [[ -s "$TEMPDIR/jsonfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).json" ]]; then if "$JSONHEADER" && [[ -s "$TEMPDIR/jsonfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).json" ]]; then
# Need to ensure that a separator is only added if the test # Need to ensure that a separator is only added if the test
# produced some JSON output. # produced some JSON output.
"$FIRST_JSON_OUTPUT" || fileout_separator # this is needed for appended output, see #687 "$FIRST_JSON_OUTPUT" || fileout_separator # this is needed for appended output, see #687
FIRST_JSON_OUTPUT=false FIRST_JSON_OUTPUT=false
FIRST_FINDING=false
cat "$TEMPDIR/jsonfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).json" >> "$JSONFILE" cat "$TEMPDIR/jsonfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).json" >> "$JSONFILE"
fi fi
"$CSVHEADER" && cat "$TEMPDIR/csvfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).csv" >> "$CSVFILE" "$CSVHEADER" && cat "$TEMPDIR/csvfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).csv" >> "$CSVFILE"
"$HTMLHEADER" && cat "$TEMPDIR/htmlfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).html" >> "$HTMLFILE" "$HTMLHEADER" && cat "$TEMPDIR/htmlfile_$(printf "%08d" $NEXT_PARALLEL_TEST_TO_FINISH).html" >> "$HTMLFILE"
elif [[ "$1" == "stopped" ]]; then elif [[ "$1" == stopped ]]; then
outln "\nTest was stopped before it completed.\n" outln "\nTest was stopped before it completed.\n"
else else
outln "\nTest timed out before it completed.\n" outln "\nTest timed out before it completed.\n"
@ -12977,10 +12980,10 @@ run_mass_testing_parallel() {
fi fi
pr_reverse "====== Running in file batch mode with ${gmapadd}file=\"$saved_fname\" ======"; outln "\n" pr_reverse "====== Running in file batch mode with ${gmapadd}file=\"$saved_fname\" ======"; outln "\n"
while read cmdline; do while read -r cmdline; do
cmdline="$(filter_input "$cmdline")" cmdline="$(filter_input "$cmdline")"
[[ -z "$cmdline" ]] && continue [[ -z "$cmdline" ]] && continue
[[ "$cmdline" == "EOF" ]] && break [[ "$cmdline" == EOF ]] && break
# Create the command line for the child in the form of an array (see #702) # Create the command line for the child in the form of an array (see #702)
create_mass_testing_cmdline "parallel $(printf "%08d" $NR_PARALLEL_TESTS)" $cmdline create_mass_testing_cmdline "parallel $(printf "%08d" $NR_PARALLEL_TESTS)" $cmdline
@ -13636,7 +13639,7 @@ nodeip_to_proper_ip6() {
${UNBRACKTD_IPV6} || NODEIP="[$NODEIP]" ${UNBRACKTD_IPV6} || NODEIP="[$NODEIP]"
len_nodeip=${#NODEIP} len_nodeip=${#NODEIP}
CORRECT_SPACES="$(printf -- " "'%.s' $(eval "echo {1.."$((len_nodeip - 17))"}"))" CORRECT_SPACES="$(printf -- " "'%.s' $(eval "echo {1.."$((len_nodeip - 17))"}"))"
# IPv6 addresses are longer, this varaible takes care that "further IP" and "Service" is properly aligned # IPv6 addresses are longer, this variable takes care that "further IP" and "Service" is properly aligned
fi fi
} }
@ -13709,7 +13712,7 @@ lets_roll() {
if $do_header; then if $do_header; then
#TODO: refactor this into functions #TODO: refactor this into functions
fileout_section_header $section_number true && ((section_number++)) fileout_section_header $section_number true && ((section_number++))
if [[ $SERVICE == "HTTP" ]]; then if [[ $SERVICE == HTTP ]]; then
run_http_header "$URL_PATH" run_http_header "$URL_PATH"
run_http_date "$URL_PATH" run_http_date "$URL_PATH"
run_hsts "$URL_PATH" run_hsts "$URL_PATH"
@ -13809,7 +13812,7 @@ lets_roll() {
if "$do_mass_testing"; then if "$do_mass_testing"; then
prepare_logging prepare_logging
if [[ "$MASS_TESTING_MODE" == "parallel" ]]; then if [[ "$MASS_TESTING_MODE" == parallel ]]; then
run_mass_testing_parallel run_mass_testing_parallel
else else
run_mass_testing run_mass_testing
@ -13818,11 +13821,11 @@ lets_roll() {
fi fi
html_banner html_banner
#TODO: there shouldn't be the need for a special case for --mx, only the ip adresses we would need upfront and the do-parser #TODO: there shouldn't be the need for a special case for --mx, only the ip addresses we would need upfront and the do-parser
if "$do_mx_all_ips"; then if "$do_mx_all_ips"; then
query_globals # if we have just 1x "do_*" --> we do a standard run -- otherwise just the one specified query_globals # if we have just 1x "do_*" --> we do a standard run -- otherwise just the one specified
[[ $? -eq 1 ]] && set_scanning_defaults [[ $? -eq 1 ]] && set_scanning_defaults
run_mx_all_ips "${URI}" $PORT # we should reduce run_mx_all_ips to the stuff neccessary as ~15 lines later we have similar code run_mx_all_ips "${URI}" $PORT # we should reduce run_mx_all_ips to the stuff necessary as ~15 lines later we have similar code
exit $? exit $?
fi fi