From 8e1bcd0bbea1e78b2704308cb255d70e789fabc0 Mon Sep 17 00:00:00 2001 From: Frank Breedijk Date: Thu, 17 Dec 2015 10:41:30 +0100 Subject: [PATCH] Server defaults --- testssl.sh | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/testssl.sh b/testssl.sh index 9aa8445..653ea7c 100755 --- a/testssl.sh +++ b/testssl.sh @@ -3120,21 +3120,31 @@ run_server_defaults() { pr_bold " OCSP URI " ocsp_uri=$($OPENSSL x509 -in $HOSTCERT -noout -ocsp_uri 2>>$ERRFILE) - [[ x"$ocsp_uri" == "x" ]] && pr_literedln "--" || echo "$ocsp_uri" + if [[ x"$ocsp_uri" == "x" ]]; then + pr_literedln "--" + output_finding "ocsp_uri" "$NODEIP" "$PORT" "NOT OK" "OCSP URI : -- (NOT ok)" + else + outln "$ocsp_uri" + output_finding "ocsp_uri" "$NODEIP" "$PORT" "INFO" "OCSP URI : $ocsp_uri" + fi pr_bold " OCSP stapling " if grep -a "OCSP response" $TMPFILE | grep -q "no response sent" ; then out " not offered" + output_finding "ocsp_stapling" "$NODEIP" "$PORT" "INFO" "OCSP stapeling : not offered" else if grep -a "OCSP Response Status" $TMPFILE | grep -q successful; then pr_litegreen " offered" + output_finding "ocsp_stapling" "$NODEIP" "$PORT" "OK" "OCSP stapeling : offered" else if $GOST_STATUS_PROBLEM; then out " (GOST servers make problems here, sorry)" + output_finding "ocsp_stapling" "$NODEIP" "$PORT" "OK" "OCSP stapeling : (GOST servers make problems here, sorry)" ret=0 else outln " not sure what's going on here, debug:" grep -aA 20 "OCSP response" $TMPFILE + output_finding "ocsp_stapling" "$NODEIP" "$PORT" "OK" "OCSP stapeling : not sure what's going on here, debug: `grep -aA 20 "OCSP response" $TMPFILE`" ret=2 fi fi