From ab9c70119f937f46a1033f202edb60b28b5dc761 Mon Sep 17 00:00:00 2001
From: David Cooper <dcooper16@gmail.com>
Date: Tue, 17 Oct 2017 13:28:15 -0400
Subject: [PATCH] run_server_preference() bug fix

If run_server_preference() is performed
* against a server that supports SSLv3 and that does not have a cipher order; and
* using a version of OpenSSL that does not support SSLv3; and
* with the --mapping option set to "rfc" or "no-openssl"
then the "Negotiated cipher per proto" will not show the SSLv3 cipher since cipher[i] will be empty.
---
 testssl.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/testssl.sh b/testssl.sh
index 09a825c..6078374 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -4957,8 +4957,8 @@ run_server_preference() {
                          tls_sockets "00" "$TLS_CIPHER"
                          if [[ $? -eq 0 ]]; then
                               proto[i]="SSLv3"
-                              cipher[i]=""
                               cipher1=$(awk '/Cipher *:/ { print $3 }' "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt")
+                              cipher[i]="$cipher1"
                               if [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]] && [[ $TLS_NR_CIPHERS -ne 0 ]]; then
                                    cipher[i]="$(rfc2openssl "$cipher1")"
                                    [[ -z "${cipher[i]}" ]] && cipher[i]="$cipher1"