Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-03 23:39:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Check for empty byte6

Browse Source
This commit is contained in:
David Cooper 2016-08-29 14:10:16 -04:00 committed by GitHub
parent 3dc8754a0e
commit 9bcf232f0f
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
testssl.sh
View File

@ -6066,7 +6066,7 @@ ok_ids(){
#FIXME: At a certain point heartbleed and ccs needs to be changed and make use of code2network using a file, then tls_sockets
run_ccs_injection(){
local tls_proto_offered tls_hexcode ccs_message client_hello byte6="0a"
local tls_proto_offered tls_hexcode ccs_message client_hello byte6=""
local -i retval ret lines
# see https://www.openssl.org/news/secadv_20140605.txt
@ -6169,7 +6169,7 @@ run_ccs_injection(){
debugme echo "lines: $lines, byte6: $byte6"
fi
rm "$SOCK_REPLY_FILE"
if [[ "$byte6" == "0a" ]] || [[ "$lines" -gt 1 ]]; then
if [[ "$byte6" == "" ]] || [[ "$lines" -gt 1 ]]; then
pr_done_best "not vulnerable (OK)"
if [[ $retval -eq 3 ]]; then
fileout "ccs" "OK" "CCS (CVE-2014-0224): not vulnerable (OK) (timed out)"