Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 05:45:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

- FIX #354

Browse Source 
- polish #353
This commit is contained in:
Dirk Wetter
2016-05-18 19:06:26 +02:00
parent 3dc94d2b3b
commit 9a1425da14
1 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
testssl.sh
View File

@@ -3546,7 +3546,7 @@ run_pfs() {
local pfs_ciphers local pfs_ciphers
outln outln
pr_headlineln " Testing (perfect) forward secrecy, (P)FS -- omitting 3DES, RC4 and Null Encryption here " pr_headlineln " Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption as well as 3DES and RC4 here "
if ! "$HAS_DH_BITS" && "$WIDE"; then if ! "$HAS_DH_BITS" && "$WIDE"; then
pr_warningln " (Your $OPENSSL cannot show DH/ECDH bits)" pr_warningln " (Your $OPENSSL cannot show DH/ECDH bits)"
fi fi
@@ -4059,10 +4059,10 @@ parse_tls_serverhello() {
outln outln
fi fi
if [[ $tls_content_type != "15" ]] && [[ $tls_content_type != "16" ]]; then if [[ $tls_content_type != "15" ]] && [[ $tls_content_type != "16" ]]; then
debugme pr_svrty_criticalln "Content type other than alert or handshake detected." debugme pr_warningln "Content type other than alert or handshake detected."
return 1 return 1
elif [[ "${tls_protocol:0:2}" != "03" ]]; then elif [[ "${tls_protocol:0:2}" != "03" ]]; then
debugme pr_svrty_criticalln "Protocol record_version.major is not 03." debugme pr_warningln "Protocol record_version.major is not 03."
return 1 return 1
fi fi
DETECTED_TLS_VERSION=$tls_protocol DETECTED_TLS_VERSION=$tls_protocol
@@ -4139,7 +4139,7 @@ parse_tls_serverhello() {
outln outln
fi fi
if [[ "$tls_err_level" != "01" ]] && [[ "$tls_err_level" != "02" ]]; then if [[ "$tls_err_level" != "01" ]] && [[ "$tls_err_level" != "02" ]]; then
debugme pr_svrty_criticalln "Unexpected AlertLevel (0x$tls_err_level)." debugme pr_warningln "Unexpected AlertLevel (0x$tls_err_level)."
return 1 return 1
elif [[ "$tls_err_level" == "02" ]]; then elif [[ "$tls_err_level" == "02" ]]; then
# Fatal alert # Fatal alert
@@ -4196,7 +4196,7 @@ parse_tls_serverhello() {
if [[ "$tls_msg_type" == "02" ]]; then if [[ "$tls_msg_type" == "02" ]]; then
if [[ -n "$tls_serverhello_ascii" ]]; then if [[ -n "$tls_serverhello_ascii" ]]; then
debugme pr_svrty_criticalln "Response contained more than one ServerHello handshake message." debugme pr_warningln "Response contained more than one ServerHello handshake message."
return 1 return 1
fi fi
tls_serverhello_ascii="${tls_handshake_ascii:i:msg_len}" tls_serverhello_ascii="${tls_handshake_ascii:i:msg_len}"
@@ -4212,7 +4212,7 @@ parse_tls_serverhello() {
return 1 return 1
elif [[ "${tls_handshake_ascii:0:2}" != "02" ]]; then elif [[ "${tls_handshake_ascii:0:2}" != "02" ]]; then
# the ServerHello MUST be the first handshake message # the ServerHello MUST be the first handshake message
debugme pr_svrty_criticalln "The first handshake protocol message is not a ServerHello." debugme pr_warningln "The first handshake protocol message is not a ServerHello."
return 1 return 1
fi fi
@@ -4226,7 +4226,7 @@ parse_tls_serverhello() {
# byte 38+39+sid-len: extension length # byte 38+39+sid-len: extension length
tls_protocol2="${tls_serverhello_ascii:0:4}" tls_protocol2="${tls_serverhello_ascii:0:4}"
if [[ "${tls_protocol2:0:2}" != "03" ]]; then if [[ "${tls_protocol2:0:2}" != "03" ]]; then
debugme pr_svrty_criticalln "server_version.major in ServerHello is not 03." debugme pr_warningln "server_version.major in ServerHello is not 03."
return 1 return 1
fi fi
DETECTED_TLS_VERSION="$tls_protocol2" DETECTED_TLS_VERSION="$tls_protocol2"
@@ -7177,4 +7177,4 @@ fi
exit $? exit $?
# $Id: testssl.sh,v 1.481 2016/04/21 16:44:56 dirkw Exp $ # $Id: testssl.sh,v 1.483 2016/05/18 17:06:25 dirkw Exp $