Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 05:45:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '2.9dev' into cipher_order_sockets

Browse Source
This commit is contained in:
David Cooper
2016-12-21 09:01:47 -05:00
parent 8c33562ba7 7a4c6294ac
commit 9d44bb6abd
1 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
testssl.sh
View File

@@ -3861,7 +3861,7 @@ run_client_simulation() {
# generic function whether $1 is supported by s_client ($2: string to display) # generic function whether $1 is supported by s_client ($2: string to display)
locally_supported() { locally_supported() {
[[ -n "$2" ]] && out "$2 " [[ -n "$2" ]] && out "$2 "
if $OPENSSL s_client "$1" 2>&1 | grep -aq "unknown option"; then if $OPENSSL s_client "$1" -connect x 2>&1 | grep -aq "unknown option"; then
local_problem_ln "$OPENSSL doesn't support \"s_client $1\"" local_problem_ln "$OPENSSL doesn't support \"s_client $1\""
return 7 return 7
fi fi
@@ -6165,7 +6165,7 @@ run_pfs() {
# find out what elliptic curves are supported. # find out what elliptic curves are supported.
curves_offered="" curves_offered=""
for curve in "${curves_ossl[@]}"; do for curve in "${curves_ossl[@]}"; do
$OPENSSL s_client -curves $curve 2>&1 | egrep -iaq "Error with command|unknown option" $OPENSSL s_client -curves $curve -connect x 2>&1 | egrep -iaq "Error with command|unknown option"
[[ $? -ne 0 ]] && nr_curves+=1 && supported_curves+=("$curve") [[ $? -ne 0 ]] && nr_curves+=1 && supported_curves+=("$curve")
done done
@@ -9504,6 +9504,7 @@ run_rc4() {
fi fi
if "$WIDE"; then if "$WIDE"; then
#FIXME: JSON+CSV in wide mode is missing #FIXME: JSON+CSV in wide mode is missing
export="${export2[i]}"
neat_list "${normalized_hexcode[i]}" "${ciph[i]}" "${kx[i]}" "${enc[i]}" neat_list "${normalized_hexcode[i]}" "${ciph[i]}" "${kx[i]}" "${enc[i]}"
if "$SHOW_EACH_C"; then if "$SHOW_EACH_C"; then
if "${ciphers_found[i]}"; then if "${ciphers_found[i]}"; then
@@ -9666,13 +9667,13 @@ find_openssl_binary() {
OPENSSL_NR_CIPHERS=$(count_ciphers "$($OPENSSL ciphers 'ALL:COMPLEMENTOFALL:@STRENGTH' 2>/dev/null)") OPENSSL_NR_CIPHERS=$(count_ciphers "$($OPENSSL ciphers 'ALL:COMPLEMENTOFALL:@STRENGTH' 2>/dev/null)")
$OPENSSL s_client -ssl2 2>&1 | grep -aq "unknown option" || \ $OPENSSL s_client -ssl2 -connect x 2>&1 | grep -aq "unknown option" || \
HAS_SSL2=true HAS_SSL2=true
$OPENSSL s_client -ssl3 2>&1 | grep -aq "unknown option" || \ $OPENSSL s_client -ssl3 -connect x 2>&1 | grep -aq "unknown option" || \
HAS_SSL3=true HAS_SSL3=true
$OPENSSL s_client -no_ssl2 2>&1 | grep -aq "unknown option" || \ $OPENSSL s_client -no_ssl2 -connect x 2>&1 | grep -aq "unknown option" || \
HAS_NO_SSL2=true HAS_NO_SSL2=true
$OPENSSL s_client -help 2>$s_client_has $OPENSSL s_client -help 2>$s_client_has