From 84a82dbddc1bfac50d86e82afd476924b35f888a Mon Sep 17 00:00:00 2001
From: David Cooper
Date: Wed, 6 May 2020 08:31:09 -0400
Subject: [PATCH] tls_sockets() return value

There is one place in parse_tls_serverhello() that returns 8 if the server's response is not well-formed TLS. However, there is no code in testssl.sh that is prepared to handle this return value. Every function except run_protocols() only distinguishes between 0, 2, and everything else. run_protocols(), however, gets confused if tls_sockets() returns a value that it is not expecting. So, this commit changes parse_tls_serverhello() to return 1 whenever the server's response can not be parsed.
---
 testssl.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/testssl.sh b/testssl.sh
index a30973b..b83eb41 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -12809,7 +12809,7 @@ parse_tls_serverhello() {
 [[ $tls_content_type != 16 ]] && [[ $tls_content_type != 17 ]]; then
 debugme tmln_warning "Content type other than alert, handshake, change cipher spec, or application data detected."
 [[ $DEBUG -ge 1 ]] && tmpfile_handle ${FUNCNAME[0]}.txt
- return 8
+ return 1
 elif [[ "${tls_protocol:0:2}" != 03 ]]; then
 debugme tmln_warning "Protocol record_version.major is not 03."
 [[ $DEBUG -ge 1 ]] && tmpfile_handle ${FUNCNAME[0]}.txt
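Review bot: With `return 1` in the content-type branch, a reply that is not well-formed TLS reaches callers with the same status as any other failed handshake, and the only remaining trace of the difference is the `debugme tmln_warning` line, which appears to be printed only when debugging is enabled. If callers such as run_protocols() read 1 as "not offered" (inferred from the commit message; they are not visible in this hunk), a non-TLS or mangled answer from a middlebox or misconfigured service could be presented as a clean negative result. I would document the contract at the return, e.g. `# 1: response not parseable as TLS; callers only distinguish 0, 2 and everything else`, and consider making the warning visible without debug. The body of parse_tls_serverhello() starts and ends outside this hunk, so the return values of the neighbouring branches could not be checked.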