Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2024-12-28 20:39:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1963 from drwetter/fix_1956_3.1dev

Browse Source 
Redirect debugme() outputs to stderr (3.1dev)
This commit is contained in:
Dirk Wetter 2021-08-07 16:18:43 +02:00 committed by GitHub
commit 77e47cadff
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
testssl.sh
View File

@ -780,11 +780,11 @@ get_last_char() {
}
# Checking for last char. If already a separator supplied, we don't need an additional one
debugme() {
[[ "$DEBUG" -ge 2 ]] && "$@"
[[ "$DEBUG" -ge 2 ]] && "$@" >&2
return 0
}
debugme1() { [[ "$DEBUG" -ge 2 ]] && "$@"; }
debugme1() { [[ "$DEBUG" -ge 1 ]] && "$@" >&2; }
hex2dec() {
echo $((16#$1))
@ -7505,7 +7505,7 @@ determine_tls_extensions() {
fi
# Keep it "on file" for debugging purposes
debugme1 safe_echo "$TLS_EXTENSIONS" >"$TEMPDIR/$NODE.$NODEIP.tls_extensions.txt"
debugme1 safe_echo "$TLS_EXTENSIONS" 2>&1 >"$TEMPDIR/$NODE.$NODEIP.tls_extensions.txt"
return $success
}
@ -9124,7 +9124,7 @@ certificate_info() {
out "no "
fileout "${jsonID}${json_postfix}" "INFO" "no"
fi
debugme1 echo -n "($(newline_to_spaces "$policy_oid"))"
debugme echo -n "($(newline_to_spaces "$policy_oid"))"
outln
#TODO: check browser OIDs:
# https://dxr.mozilla.org/mozilla-central/source/security/certverifier/ExtendedValidation.cpp
@ -9224,7 +9224,7 @@ certificate_info() {
else
# All is fine with validity period
# We ignore for now certificates < 2018/03/01. On the screen we only show debug info
debugme1 echo "${spaces}DEBUG: all is fine with total certificate life time"
debugme echo "${spaces}DEBUG: all is fine with total certificate life time"
fileout "cert_extlifeSpan${json_postfix}" "OK" "certificate has no extended life time according to browser forum"
fi
@ -10382,7 +10382,7 @@ run_fs() {
CURVES_OFFERED="$curves_offered"
CURVES_OFFERED=$(strip_trailing_space "$CURVES_OFFERED")
# Keep it "on file" for debugging purposes
debugme1 safe_echo "$CURVES_OFFERED" >"$TEMPDIR/$NODE.$NODEIP.curves_offered.txt"
debugme1 safe_echo "$CURVES_OFFERED" 2>&1 >"$TEMPDIR/$NODE.$NODEIP.curves_offered.txt"
# find out what groups are supported.
if "$using_sockets" && ( "$fs_tls13_offered" || "$ffdhe_offered" ); then
@ -17800,7 +17800,7 @@ run_winshock() {
if [[ "$(has_server_protocol "tls1_3")" -eq 0 ]] ; then
# There's no MS server supporting TLS 1.3. Winshock was way back in time
pr_svrty_best "not vulnerable (OK)"
debugme1 echo " - TLS 1.3 found"
debugme echo " - TLS 1.3 found"
fileout "$jsonID" "OK" "not vulnerable " "$cve" "$cwe"
outln
return 0