From 02a3c2cc1492dc799d065b5794e8e3dfe8207b8c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Emmanuel=20Fust=C3=A9?=
Date: Fri, 19 Jan 2024 16:22:50 +0100
Subject: [PATCH 1/2] Fixed regression in printing results And improve it with the effective number of renego before disconnection as it is now tracked.
---
 testssl.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/testssl.sh b/testssl.sh
index fb689df..ec502a7 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -17095,7 +17095,7 @@ run_renego() {
 rm -f $TEMPDIR/was_killed
 else
 # If we got less than 2/3 successful attempts during the loop with 1s pause, we are in presence of exponential backoff.
- if [[ $loop_reneg -le $(($ssl_reneg_attempts*2/3)) ]]; then
+ if [[ $tmp_result -eq 0 ]] && [[ $loop_reneg -le $(($ssl_reneg_attempts*2/3)) ]]; then
 tmp_result=2
 fi
 fi
@@ -17103,7 +17103,7 @@ run_renego() {
 0) pr_svrty_high "VULNERABLE (NOT ok)"; outln ", DoS threat ($ssl_reneg_attempts attempts)"
 fileout "$jsonID" "HIGH" "VULNERABLE, DoS threat" "$cve" "$cwe" "$hint"
 ;;
- 1) pr_svrty_good "not vulnerable (OK)"; outln " -- mitigated (disconnect within $ssl_reneg_attempts)"
+ 1) pr_svrty_good "not vulnerable (OK)"; outln " -- mitigated (disconnect after $loop_reneg/$ssl_reneg_attempts attemps)"
 fileout "$jsonID" "OK" "not vulnerable, mitigated" "$cve" "$cwe"
 ;;
 2) pr_svrty_good "not vulnerable (OK)"; \
From 4cc02a63eff0fffa1249c9b0013f8c8648715151 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Emmanuel=20Fust=C3=A9?=
Date: Fri, 19 Jan 2024 17:09:44 +0100
Subject: [PATCH 2/2] One more spell fix...
---
 testssl.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/testssl.sh b/testssl.sh
index ec502a7..99cc71b 100755
--- a/testssl.sh
+++ b/testssl.sh
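Review bot: The comment above the changed `if` in the first hunk of patch 1/2 no longer matches the condition: it says "less than 2/3" while the test is `-le` against an integer-truncated `$(($ssl_reneg_attempts*2/3))`, and the new `$tmp_result -eq 0` guard is not explained. Assuming the `case` in the next hunk switches on tmp_result, this branch turns a result that would print "VULNERABLE (NOT ok)" into "not vulnerable (OK)", so the rule that downgrades the finding deserves an exact comment, e.g. `# Only a run that would otherwise count as vulnerable (tmp_result 0) is reclassified: at most 2/3 (integer division) of the attempts succeeded, which we read as exponential backoff.` The body of run_renego starts and ends outside the hunk, so where tmp_result and loop_reneg are assigned is not visible here.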
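Review bot: In the second hunk of patch 1/2 the `1)` arm now prints the observed renegotiation count on the terminal, but the `fileout` line right below it still records only "not vulnerable, mitigated", so whoever reads the output written by `fileout` does not get the evidence behind the verdict. If downstream parsers do not match on the exact finding string, the same figures could be carried there: `fileout "$jsonID" "OK" "not vulnerable, mitigated (disconnect after $loop_reneg/$ssl_reneg_attempts attempts)" "$cve" "$cwe"`. It is also worth confirming that loop_reneg is always set on this path, since it is assigned outside the hunk and an empty value would print "/N attempts".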
@@ -17103,7 +17103,7 @@ run_renego() {
 0) pr_svrty_high "VULNERABLE (NOT ok)"; outln ", DoS threat ($ssl_reneg_attempts attempts)"
 fileout "$jsonID" "HIGH" "VULNERABLE, DoS threat" "$cve" "$cwe" "$hint"
 ;;
- 1) pr_svrty_good "not vulnerable (OK)"; outln " -- mitigated (disconnect after $loop_reneg/$ssl_reneg_attempts attemps)"
+ 1) pr_svrty_good "not vulnerable (OK)"; outln " -- mitigated (disconnect after $loop_reneg/$ssl_reneg_attempts attempts)"
 fileout "$jsonID" "OK" "not vulnerable, mitigated" "$cve" "$cwe"
 ;;
 2) pr_svrty_good "not vulnerable (OK)"; \