Merge branch 'master' of github.com:drwetter/testssl.sh

Readme.md

@@ -5,8 +5,8 @@ testssl.sh is a free Unix command line tool which checks a server's service on
 any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws.
 It's designed to provide clear output for a "is this good or bad" decision.
 
-It is working on every Linux distribution and MacOS X  which has OpenSSL, /bin/bash and
+It is working on every Linux distribution, MacOS X and Windows (using MSYS2) which has OpenSSL,
-standard tools like GNU sed and awk installed.
+/bin/bash and standard tools like GNU sed and awk installed.
 
 On github (here) you will find development versions of the software -- with new features and maybe some bugs. For the stable version and a more thorough description of the software please see http://testssl.sh/ .
 

testssl.sh

@@ -83,7 +83,8 @@ OSSL_VER_APPENDIX="none"
 NODEIP=""
 IPS=""
 
-
+# make sure that temporary files are cleaned up after use
+trap cleanup QUIT EXIT
 
 out() {
 	$ECHO "$1"
@@ -1573,7 +1574,7 @@ cleanup () {
 		[ -e $HEADERFILE_BREACH ] && cat $HEADERFILE_BREACH
 		#[ -e $LOGFILE ] && cat $LOGFILE 
 	else
-		rm $TMPFILE $HEADERFILE $LOGFILE $GOST_CONF 2>/dev/null
+		rm ${TMPFILE} ${HEADERFILE} ${HEADERFILE_BREACH} ${LOGFILE} ${GOST_CONF} 2>/dev/null
 	fi
 	outln
 	outln
@@ -1803,56 +1804,48 @@ case "$1" in
 		maketempf
 		test_just_one $2
 		ret=$?
-		cleanup
 		exit $ret ;;
 	-t|--starttls)			
 		parse_hn_port "$2" "$3" # here comes hostname:port and protocol to signal starttls
 		maketempf
 		starttls "$3"		# protocol
 		ret=$?
-		cleanup
 		exit $ret ;;
 	-e|--each-cipher)
 		parse_hn_port "$2"
 		maketempf
 		allciphers 
 		ret=$?
-		cleanup 
 		exit $ret ;;
 	-E|-ee|--cipher-per-proto)  
 		parse_hn_port "$2"
 		maketempf
 		cipher_per_proto
 		ret=$?
-		cleanup 
 		exit $ret ;;
 	-p|--protocols)
 		parse_hn_port "$2"
 		maketempf
 		runprotocols 	; ret=$?
 		spdy			; ret=`expr $? + $ret`
-		cleanup
 		exit $ret ;;
 	-f|--ciphers)
 		parse_hn_port "$2"
 		maketempf
 		run_std_cipherlists
 		ret=$?
-		cleanup
 		exit $ret ;;
      -P|--preference)   
 		parse_hn_port "$2"
 		maketempf
 		simple_preference
 		ret=$?
-		cleanup
 		exit $ret ;;
 	-y|--spdy|--google)
 		parse_hn_port "$2"
 		maketempf
 		spdy
 		ret=$?
-		cleanup
 		exit $?  ;;
 	-B|--heartbleet)
 		parse_hn_port "$2"
@@ -1860,7 +1853,6 @@ case "$1" in
 		outln; blue "--> Testing for heartbleed vulnerability"; outln "\n"
 		heartbleed
 		ret=$?
-		cleanup
 		exit $?  ;;
 	-I|--ccs|--ccs_injection)
 		parse_hn_port "$2"
@@ -1868,7 +1860,6 @@ case "$1" in
 		outln; blue "--> Testing for CCS injection vulnerability"; outln "\n"
 		ccs_injection
 		ret=$?
-		cleanup
 		exit $?  ;;
 	-R|--renegotiation)
 		parse_hn_port "$2"
@@ -1876,7 +1867,6 @@ case "$1" in
 		outln; blue "--> Testing for Renegotiation vulnerability"; outln "\n"
 		renego
 		ret=$?
-		cleanup
 		exit $?  ;;
 	-C|--compression|--crime)
 		parse_hn_port "$2"
@@ -1884,7 +1874,6 @@ case "$1" in
 		outln; blue "--> Testing for CRIME vulnerability"; outln "\n"
 		crime
 		ret=$?
-		cleanup
 		exit $?  ;;
 	-T|--breach)
 		parse_hn_port "$2"
@@ -1893,7 +1882,6 @@ case "$1" in
 		breach
 		ret=$?
 		ret=`expr $? + $ret`
-		cleanup
 		exit $ret ;;
 	-0|--poodle)
 		parse_hn_port "$2"
@@ -1902,21 +1890,18 @@ case "$1" in
 		poodle
 		ret=$?
 		ret=`expr $? + $ret`
-		cleanup
 		exit $ret ;;
 	-4|--rc4|--appelbaum)
 		parse_hn_port "$2"
 		maketempf
 		rc4
 		ret=$?
-		cleanup
 		exit $?  ;;
 	-s|--pfs|--fs|--nsa)
 		parse_hn_port "$2"
 		maketempf
 		pfs
 		ret=$?
-		cleanup
 		exit $ret ;;
 	-H|--header|--headers)  
 		parse_hn_port "$2"
@@ -1927,7 +1912,6 @@ case "$1" in
 		ret=$?
 		serverbanner
 		ret=`expr $? + $ret`
-		cleanup
 		exit $ret ;;
 	*)
 		parse_hn_port "$1"
@@ -1954,8 +1938,6 @@ case "$1" in
 
 		rc4				; ret=`expr $? + $ret`
 		pfs				; ret=`expr $? + $ret`
-
-		cleanup 
 		exit $ret ;;
 esac