tls_sockets() return value

There is one place in parse_tls_serverhello() that returns 8 if the server's response is not well-formed TLS. However, there is no code in testssl.sh that is prepared to handle this return value. Every function except run_protocols() only distinguishes between 0, 2, and everything else. run_protocols(), however, gets confused if tls_sockets() returns a value that it is not expecting. So, this commit changes parse_tls_serverhello() to return 1 whenever the server's response can not be parsed.
This commit is contained in:
David Cooper 2020-05-06 08:31:09 -04:00
parent 693cb216f7
commit 84a82dbddc

View File

@ -12809,7 +12809,7 @@ parse_tls_serverhello() {
[[ $tls_content_type != 16 ]] && [[ $tls_content_type != 17 ]]; then [[ $tls_content_type != 16 ]] && [[ $tls_content_type != 17 ]]; then
debugme tmln_warning "Content type other than alert, handshake, change cipher spec, or application data detected." debugme tmln_warning "Content type other than alert, handshake, change cipher spec, or application data detected."
[[ $DEBUG -ge 1 ]] && tmpfile_handle ${FUNCNAME[0]}.txt [[ $DEBUG -ge 1 ]] && tmpfile_handle ${FUNCNAME[0]}.txt
return 8 return 1
elif [[ "${tls_protocol:0:2}" != 03 ]]; then elif [[ "${tls_protocol:0:2}" != 03 ]]; then
debugme tmln_warning "Protocol record_version.major is not 03." debugme tmln_warning "Protocol record_version.major is not 03."
[[ $DEBUG -ge 1 ]] && tmpfile_handle ${FUNCNAME[0]}.txt [[ $DEBUG -ge 1 ]] && tmpfile_handle ${FUNCNAME[0]}.txt