Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-07 09:10:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix run_logjam() in --ssl-native mode (3.0 branch)

Browse Source 
This commit fixes the same issue as #1584, but in the 3.0 branch.
This commit is contained in:
David Cooper 2020-04-23 15:01:50 -04:00
parent 2fcbcbe9d1
commit 8723fc78b1
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
testssl.sh
View File

@ -15265,15 +15265,13 @@ run_logjam() {
tls_sockets "03" "$exportdh_cipher_list_hex, 00,ff"
sclient_success=$?
[[ $sclient_success -eq 2 ]] && sclient_success=0
[[ $sclient_success -eq 0 ]] && vuln_exportdh_ciphers=true
elif [[ $nr_supported_ciphers -ne 0 ]]; then
$OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -cipher $exportdh_cipher_list -connect $NODEIP:$PORT $PROXY $SNI") >$TMPFILE 2>$ERRFILE </dev/null
sclient_connect_successful $? $TMPFILE
sclient_success=$?
[[ $? -eq 0 ]] && vuln_exportdh_ciphers=true
debugme grep -Ea "error|failure" $ERRFILE | grep -Eav "unable to get local|verify error"
fi
[[ $sclient_success -eq 0 ]] && \
vuln_exportdh_ciphers=true || \
vuln_exportdh_ciphers=false
if [[ $DEBUG -ge 2 ]]; then
if "$using_sockets"; then