Merge pull request #1164 from dcooper16/fix1159

Fix #1159
This commit is contained in:
Dirk Wetter 2018-11-29 10:02:26 +01:00 committed by GitHub
commit 7a6ec6b8a2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -8397,7 +8397,17 @@ run_server_defaults() {
"all+"
success[0]=$?
if [[ ${success[0]} -eq 0 ]] || [[ ${success[0]} -eq 2 ]]; then
mv $HOSTCERT $HOSTCERT.nosni
if [[ -s $HOSTCERT ]]; then
mv $HOSTCERT $HOSTCERT.nosni
else
# The connection was successful, but the certificate could
# not be obtained (probably because the connection was TLS 1.3
# and $OPENSSL does not support the key exchange group that was
# selected). So, try again using OpenSSL (which will not use a TLS 1.3
# ClientHello).
$OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $OPTIMAL_PROTO") 2>>$ERRFILE </dev/null | \
awk '/-----BEGIN/,/-----END/ { print $0 }' >$HOSTCERT.nosni
fi
else
>$HOSTCERT.nosni
fi