Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-03 23:39:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

lowering severity and taking other clients as browsers into account #735

Browse Source
This commit is contained in:
Dirk 2017-05-04 12:34:20 +02:00
parent 19052da1a5
commit 699b48c8b8
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
testssl.sh
View File

@ -5758,11 +5758,17 @@ certificate_info() {
while read san; do
[[ -n "$san" ]] && all_san+="$san "
done <<< "$sans"
pr_italic "$(out_row_aligned_max_width "$all_san" "$indent " $TERM_WIDTH)"
prln_italic "$(out_row_aligned_max_width "$all_san" "$indent " $TERM_WIDTH)"
fileout "${json_prefix}san" "INFO" "subjectAltName (SAN) : $all_san"
else
prln_svrty_high "missing (NOT ok)"
fileout "${json_prefix}san" "HIGH" "subjectAltName (SAN) : --"
if [[ $SERVICE == "HTTP" ]]; then
# https://bugzilla.mozilla.org/show_bug.cgi?id=1245280, https://bugzilla.mozilla.org/show_bug.cgi?id=1245280
pr_svrty_medium "missing (NOT ok)"; outln " -- Browser will complain soon"
fileout "${json_prefix}san" "MEDIUM" "subjectAltName (SAN) : -- Browser will complain soon"
else
pr_svrty_low "missing"; outln " -- no SAN is deprecated"
fileout "${json_prefix}san" "LOW" "subjectAltName (SAN) : -- no SAN is deprecated"
fi
fi
out "$indent"; pr_bold " Issuer "
#FIXME: oid would be better maybe (see above)