Make two attempts to connect with TLSv1.2

In `run_protocols()` for TLS 1.2, try one set of 127 ciphers and if the result isn't a connection at TLSv1.2 then try another set of 127 ciphers before giving up and assuming that TLS 1.2 isn't supported.
This commit is contained in:
David Cooper 2017-07-28 12:07:29 -04:00 committed by GitHub
parent eeda1ef684
commit a20d98bbfa
1 changed files with 8 additions and 1 deletions

View File

@ -3831,6 +3831,7 @@ run_protocols() {
local latest_supported="" # version.major and version.minor of highest version supported by the server.
local detected_version_string latest_supported_string
local lines nr_ciphers_detected
local -i ret
outln; pr_headline " Testing protocols "
@ -4029,10 +4030,16 @@ run_protocols() {
pr_bold " TLS 1.2 ";
if "$using_sockets"; then
tls_sockets "03" "$TLS12_CIPHER"
ret=$?
if [[ $ret -ne 0 ]]; then
tls_sockets "03" "$TLS12_CIPHER_2ND_TRY"
[[ $? -eq 0 ]] && ret=0
fi
else
run_prototest_openssl "-tls1_2"
ret=$?
fi
case $? in
case $ret in
0) prln_done_best "offered (OK)"
fileout "tls1_2" "OK" "TLSv1.2 is offered"
latest_supported="0303"