From 6e2b9ae1c674d13c483cca64e316545749da39b3 Mon Sep 17 00:00:00 2001 From: Dirk Date: Fri, 2 Jun 2023 16:43:27 +0200 Subject: [PATCH 1/2] Make clear where the parsing error comes from: SSL or TLS --- testssl.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/testssl.sh b/testssl.sh index c6b3f71..849006c 100755 --- a/testssl.sh +++ b/testssl.sh @@ -12126,7 +12126,7 @@ parse_sslv2_serverhello() { [[ "$DEBUG" -ge 5 ]] && echo "$v2_hello_ascii" if [[ -z "$v2_hello_ascii" ]]; then ret=0 # 1 line without any blanks: no server hello received - debugme echo "server hello empty" + debugme echo "(SSLv2) ServerHello empty" else # now scrape two bytes out of the reply per byte v2_hello_initbyte="${v2_hello_ascii:0:1}" # normally this belongs to the next, should be 8! @@ -14179,7 +14179,7 @@ parse_tls_serverhello() { done if [[ $tls_serverhello_ascii_len -eq 0 ]]; then - debugme echo "server hello empty, TCP connection closed" + debugme echo "(TLS) ServerHello empty, TCP connection closed" DETECTED_TLS_VERSION="closed TCP connection " [[ $DEBUG -ge 1 ]] && tmpfile_handle ${FUNCNAME[0]}.txt return 1 # no server hello received From 858f00304c308de1f2557c139539ddb166119a64 Mon Sep 17 00:00:00 2001 From: Dirk Date: Fri, 2 Jun 2023 16:57:47 +0200 Subject: [PATCH 2/2] tiny clarification in debug mode --- testssl.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/testssl.sh b/testssl.sh index 849006c..67f6efb 100755 --- a/testssl.sh +++ b/testssl.sh @@ -12156,7 +12156,7 @@ parse_sslv2_serverhello() { elif [[ $v2_hello_initbyte != "8" ]] || [[ $v2_hello_handshake != "04" ]]; then ret=1 if [[ $DEBUG -ge 2 ]]; then - echo "no correct server hello" + echo "no correct (SSLv2) ServerHello" echo "SSLv2 server init byte: 0x0$v2_hello_initbyte" echo "SSLv2 hello handshake : 0x$v2_hello_handshake" fi