Added --openssl-timeout parameter
In some cases OpenSSL processes hanged indefinitely while scans. This new parameter allows to wrap the "timeout" tool around the openssl invocation.
This commit is contained in:
parent
bda62ec715
commit
a288954d36
10
testssl.sh
10
testssl.sh
|
@ -134,7 +134,7 @@ TERM_CURRPOS=0 # custom line wrapping ne
|
||||||
# following variables make use of $ENV, e.g. OPENSSL=<myprivate_path_to_openssl> ./testssl.sh <host>
|
# following variables make use of $ENV, e.g. OPENSSL=<myprivate_path_to_openssl> ./testssl.sh <host>
|
||||||
# 0 means (normally) true here. Some of the variables are also accessible with a command line switch, see --help
|
# 0 means (normally) true here. Some of the variables are also accessible with a command line switch, see --help
|
||||||
|
|
||||||
declare -x OPENSSL
|
declare -x OPENSSL OPENSSL_TIMEOUT
|
||||||
COLOR=${COLOR:-2} # 2: Full color, 1: b/w+positioning, 0: no ESC at all
|
COLOR=${COLOR:-2} # 2: Full color, 1: b/w+positioning, 0: no ESC at all
|
||||||
COLORBLIND=${COLORBLIND:-false} # if true, swap blue and green in the output
|
COLORBLIND=${COLORBLIND:-false} # if true, swap blue and green in the output
|
||||||
SHOW_EACH_C=${SHOW_EACH_C:-false} # where individual ciphers are tested show just the positively ones tested
|
SHOW_EACH_C=${SHOW_EACH_C:-false} # where individual ciphers are tested show just the positively ones tested
|
||||||
|
@ -6734,6 +6734,10 @@ find_openssl_binary() {
|
||||||
$OPENSSL s_client -help 2>&1 | grep -qw '\-nextprotoneg' && \
|
$OPENSSL s_client -help 2>&1 | grep -qw '\-nextprotoneg' && \
|
||||||
HAS_SPDY=true
|
HAS_SPDY=true
|
||||||
|
|
||||||
|
if [[ "$OPENSSL_TIMEOUT" != "" ]]; then
|
||||||
|
OPENSSL="timeout --preserve-status $OPENSSL_TIMEOUT $OPENSSL"
|
||||||
|
fi
|
||||||
|
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -8076,6 +8080,10 @@ parse_cmd_line() {
|
||||||
OPENSSL=$(parse_opt_equal_sign "$1" "$2")
|
OPENSSL=$(parse_opt_equal_sign "$1" "$2")
|
||||||
[[ $? -eq 0 ]] && shift
|
[[ $? -eq 0 ]] && shift
|
||||||
;;
|
;;
|
||||||
|
--openssl-timeout|--openssl-timeout=*)
|
||||||
|
OPENSSL_TIMEOUT=$(parse_opt_equal_sign "$1" "$2")
|
||||||
|
[[ $? -eq 0 ]] && shift
|
||||||
|
;;
|
||||||
--mapping|--mapping=*)
|
--mapping|--mapping=*)
|
||||||
local cipher_mapping
|
local cipher_mapping
|
||||||
cipher_mapping=$(parse_opt_equal_sign "$1" "$2")
|
cipher_mapping=$(parse_opt_equal_sign "$1" "$2")
|
||||||
|
|
Loading…
Reference in New Issue