mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-22 08:29:31 +01:00
Merge pull request #1308 from drwetter/binchar_fix
Binary string washer (0x00 bytes) (probably) after completed ClientHello
commit
71e561ceba
13
testssl.sh
13
testssl.sh
@ -1262,7 +1262,14 @@ strip_trailing_space() {
|
|||||||
# retrieve cipher from ServerHello (via openssl)
|
# retrieve cipher from ServerHello (via openssl)
|
||||||
get_cipher() {
|
get_cipher() {
|
||||||
local cipher=""
|
local cipher=""
|
||||||
local server_hello="$(< "$1")"
|
local server_hello="$(cat -v "$1")"
|
||||||
|
# This and two other following instances are not best practice and normally a useless use of "cat", see
|
||||||
|
# https://web.archive.org/web/20160711205930/http://porkmail.org/era/unix/award.html#uucaletter
|
||||||
|
# However there seem to be cases where the preferred $(< "$1") logic has a problem.
|
||||||
|
# Esepcially with bash 3.2 (Mac OS X) and when on the server side binary chars
|
||||||
|
# are returned, see https://stackoverflow.com/questions/7427262/how-to-read-a-file-into-a-variable-in-shell#22607352
|
||||||
|
# and https://github.com/drwetter/testssl.sh/issues/1292
|
||||||
|
# Performance measurements showed no to barely measureable penalty (1s displayed in 9 tries).
|
||||||
|
|
||||||
if [[ "$server_hello" =~ Cipher\ *:\ ([A-Z0-9]+-[A-Za-z0-9\-]+|TLS_[A-Za-z0-9_]+) ]]; then
|
if [[ "$server_hello" =~ Cipher\ *:\ ([A-Z0-9]+-[A-Za-z0-9\-]+|TLS_[A-Za-z0-9_]+) ]]; then
|
||||||
cipher="${BASH_REMATCH##* }"
|
cipher="${BASH_REMATCH##* }"
|
||||||
@ -1275,7 +1282,7 @@ get_cipher() {
|
|||||||
# retrieve protocol from ServerHello (via openssl)
|
# retrieve protocol from ServerHello (via openssl)
|
||||||
get_protocol() {
|
get_protocol() {
|
||||||
local protocol=""
|
local protocol=""
|
||||||
local server_hello="$(< "$1")"
|
local server_hello="$(cat -v "$1")"
|
||||||
|
|
||||||
if [[ "$server_hello" =~ Protocol\ *:\ (SSLv[23]|TLSv1(\.[0-3])?) ]]; then
|
if [[ "$server_hello" =~ Protocol\ *:\ (SSLv[23]|TLSv1(\.[0-3])?) ]]; then
|
||||||
protocol="${BASH_REMATCH##* }"
|
protocol="${BASH_REMATCH##* }"
|
||||||
@ -6938,7 +6945,7 @@ tls_time() {
|
|||||||
# returns 0 if connect was successful, 1 if not
|
# returns 0 if connect was successful, 1 if not
|
||||||
#
|
#
|
||||||
sclient_connect_successful() {
|
sclient_connect_successful() {
|
||||||
local server_hello="$(<"$2")"
|
local server_hello="$(cat -v "$2")"
|
||||||
local re='Master-Key: ([^\
|
local re='Master-Key: ([^\
|
||||||
]*)'
|
]*)'
|
||||||
|
|
||||||
|
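Review bot: The rationale for reading the file through `cat -v` is documented only in `get_cipher()`, while the same substitution in `get_protocol()` and `sclient_connect_successful()` carries no pointer back to it, so a later cleanup could revert those two to `$(< "$1")` and bring back the binary-byte problem referenced as issue 1292. A one-line comment at each of the other two sites, e.g. `# cat -v on purpose, see comment in get_cipher()`, would cover that. The comment should also say that `cat -v` rewrites control and high-bit bytes into caret and `M-` notation (a NUL becomes `^@`, a CR becomes `^M`), so `server_hello` is a sanitized view of server-influenced output meant for regex matching only, not the file's original bytes; in `sclient_connect_successful()` the `Master-Key:` capture would include such residue if the line carried any. The added comment has two typos, "Esepcially" and "measureable". All three function bodies continue outside the hunks shown, and the old/new side of each changed line is inferred from the commit title, as the page has lost its `+`/`-` markers.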