Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-10 02:30:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Server defaults

Browse Source
This commit is contained in:
Frank Breedijk 2015-12-17 10:41:30 +01:00
parent dee2e4c95d
commit 91a75f5a58
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
testssl.sh
View File

@ -2693,21 +2693,31 @@ run_server_defaults() {
pr_bold " OCSP URI "
ocsp_uri=$($OPENSSL x509 -in $HOSTCERT -noout -ocsp_uri 2>>$ERRFILE)
[[ x"$ocsp_uri" == "x" ]] && pr_literedln "--" || echo "$ocsp_uri"
if [[ x"$ocsp_uri" == "x" ]]; then
pr_literedln "--"
output_finding "ocsp_uri" "$NODEIP" "$PORT" "NOT OK" "OCSP URI : -- (NOT ok)"
else
outln "$ocsp_uri"
output_finding "ocsp_uri" "$NODEIP" "$PORT" "INFO" "OCSP URI : $ocsp_uri"
fi
pr_bold " OCSP stapling "
if grep -a "OCSP response" $TMPFILE | grep -q "no response sent" ; then
out " not offered"
output_finding "ocsp_stapling" "$NODEIP" "$PORT" "INFO" "OCSP stapeling : not offered"
else
if grep -a "OCSP Response Status" $TMPFILE | grep -q successful; then
pr_litegreen " offered"
output_finding "ocsp_stapling" "$NODEIP" "$PORT" "OK" "OCSP stapeling : offered"
else
if $GOST_STATUS_PROBLEM; then
out " (GOST servers make problems here, sorry)"
output_finding "ocsp_stapling" "$NODEIP" "$PORT" "OK" "OCSP stapeling : (GOST servers make problems here, sorry)"
ret=0
else
outln " not sure what's going on here, debug:"
grep -aA 20 "OCSP response" $TMPFILE
output_finding "ocsp_stapling" "$NODEIP" "$PORT" "OK" "OCSP stapeling : not sure what's going on here, debug: `grep -aA 20 "OCSP response" $TMPFILE`"
ret=2
fi
fi