From 8b9bc3ca2c02dbecba9ed4bea255cdcf1baeab63 Mon Sep 17 00:00:00 2001
From: David Cooper <dcooper16@gmail.com>
Date: Tue, 6 Dec 2016 11:23:01 -0500
Subject: [PATCH 1/2] Don't parse SSLv2 ServerHello unless successful response

This PR is a proposed alternative to #537. It only attempts to extract the certificate and list of ciphers from the SSLv2 ServerHello is `ret=3`.
---
 testssl.sh | 27 ++++++++++++++-------------
 1 file changed, 14 insertions(+), 13 deletions(-)

diff --git a/testssl.sh b/testssl.sh
index 883c267..d34a1fe 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -6514,20 +6514,21 @@ parse_sslv2_serverhello() {
           fi
      fi
 
-     certificate_len=2*$(hex2dec "$v2_hello_cert_length")
-     [[ -e $HOSTCERT ]] && rm $HOSTCERT
-     [[ -e $TEMPDIR/intermediatecerts.pem ]] && rm $TEMPDIR/intermediatecerts.pem
-     if [[ "$2" == "true" ]] && [[ "$v2_cert_type" == "01" ]] && [[ "$v2_hello_cert_length" != "00" ]]; then
-          tmp_der_certfile=$(mktemp $TEMPDIR/der_cert.XXXXXX) || return $ret
-          asciihex_to_binary_file "${v2_hello_ascii:26:certificate_len}" "$tmp_der_certfile"
-          $OPENSSL x509 -inform DER -in $tmp_der_certfile -outform PEM -out $HOSTCERT
-          rm $tmp_der_certfile
-          get_pub_key_size
-          echo "======================================" >> $TMPFILE
-     fi
+     [[ "$2" == "true" ]] && [[ -e $HOSTCERT ]] && rm $HOSTCERT
+     [[ "$2" == "true" ]] && [[ -e $TEMPDIR/intermediatecerts.pem ]] && rm $TEMPDIR/intermediatecerts.pem
+     if [[ "$2" == "true" ]] && [[ $ret -eq 3 ]]; then
+          certificate_len=2*$(hex2dec "$v2_hello_cert_length")
+     
+          if [[ "$v2_cert_type" == "01" ]] && [[ "$v2_hello_cert_length" != "00" ]]; then
+               tmp_der_certfile=$(mktemp $TEMPDIR/der_cert.XXXXXX) || return $ret
+               asciihex_to_binary_file "${v2_hello_ascii:26:certificate_len}" "$tmp_der_certfile"
+               $OPENSSL x509 -inform DER -in $tmp_der_certfile -outform PEM -out $HOSTCERT
+               rm $tmp_der_certfile
+               get_pub_key_size
+               echo "======================================" >> $TMPFILE
+          fi
 
-     # Output list of supported ciphers
-     if [[ "$2" == "true" ]]; then
+          # Output list of supported ciphers
           let offset=26+$certificate_len
           nr_ciphers_detected=$((V2_HELLO_CIPHERSPEC_LENGTH / 3))
           for (( i=0 ; i<nr_ciphers_detected; i++ )); do

From 2a9668c000a0ab632b04ded42927b0ad8ac14015 Mon Sep 17 00:00:00 2001
From: David Cooper <dcooper16@gmail.com>
Date: Mon, 12 Dec 2016 09:38:20 -0500
Subject: [PATCH 2/2] Updated based on @typingArtist's suggesting

---
 testssl.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/testssl.sh b/testssl.sh
index e45fb88..f6f385c 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -6514,9 +6514,9 @@ parse_sslv2_serverhello() {
           fi
      fi
 
-     [[ "$2" == "true" ]] && [[ -e $HOSTCERT ]] && rm $HOSTCERT
-     [[ "$2" == "true" ]] && [[ -e $TEMPDIR/intermediatecerts.pem ]] && rm $TEMPDIR/intermediatecerts.pem
-     if [[ "$2" == "true" ]] && [[ $ret -eq 3 ]]; then
+     [[ "$2" == "true" ]] || return $ret
+     rm -f $HOSTCERT $TEMPDIR/intermediatecerts.pem
+     if [[ $ret -eq 3 ]]; then
           certificate_len=2*$(hex2dec "$v2_hello_cert_length")
      
           if [[ "$v2_cert_type" == "01" ]] && [[ "$v2_hello_cert_length" != "00" ]]; then