Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-22 08:29:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

make 0964cbc5d3 easier in execution (session resumption)

Browse Source
This commit is contained in:
Dirk 2017-12-31 21:10:41 +01:00
parent 0964cbc5d3
commit a3b4609d24
1 changed files with 29 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
testssl.sh
View File

@ -5037,38 +5037,39 @@ sub_session_resumption() {
$OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI $addcmd -sess_out $sess_data") </dev/null &>/dev/null $OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI $addcmd -sess_out $sess_data") </dev/null &>/dev/null
ret1=$? ret1=$?
$OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI $addcmd -sess_in $sess_data") </dev/null >$tmpfile 2>$ERRFILE if "$byID" && [[ $OSSL_VER_MINOR == "1.1" ]] && [[ $OSSL_VER_MAJOR == "1" ]] && [[ ! -s "$sess_data" ]]; then
ret2=$?
debugme echo "$ret1, $ret2, [[ -s "$sess_data" ]]"
# now get the line and compare the numbers read" and "written" as a second criteria.
rw_line="$(awk '/^SSL handshake has read/ { print $5" "$(NF-1) }' "$tmpfile" )"
rw_line=($rw_line)
if [[ "${rw_line[0]}" -gt "${rw_line[1]}" ]]; then
new_sid2=true
else
new_sid2=false
fi
debugme echo "${rw_line[0]}, ${rw_line[1]}"
# grep -aq "^New" "$tmpfile" && new_sid=true || new_sid=false
grep -aq "^Reused" "$tmpfile" && new_sid=false || new_sid=true
if "$new_sid2" && "$new_sid"; then
debugme echo -n "No session resumption "
ret=1
elif ! "$new_sid2" && ! "$new_sid"; then
debugme echo -n "Session resumption "
ret=0
elif "$byID" && [[ $OSSL_VER_MINOR == "1.1" ]] && [[ $OSSL_VER_MAJOR == "1" ]] && [[ ! -s "$sess_data" ]]; then
# it seems OpenSSL indicates no Session ID resumption by just not generating ouput # it seems OpenSSL indicates no Session ID resumption by just not generating ouput
debugme echo -n "No session resumption (empty file) " debugme echo -n "No session resumption byID (empty file)"
ret=2 ret=2
else else
debugme echo -n "unclear status: $ret1, $ret2, $new_sid, $new_sid2 -- " $OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI $addcmd -sess_in $sess_data") </dev/null >$tmpfile 2>$ERRFILE
ret=7 ret2=$?
debugme echo "$ret1, $ret2, [[ -s "$sess_data" ]]"
# now get the line and compare the numbers read" and "written" as a second criteria.
rw_line="$(awk '/^SSL handshake has read/ { print $5" "$(NF-1) }' "$tmpfile" )"
rw_line=($rw_line)
if [[ "${rw_line[0]}" -gt "${rw_line[1]}" ]]; then
new_sid2=true
else
new_sid2=false
fi
debugme echo "${rw_line[0]}, ${rw_line[1]}"
# grep -aq "^New" "$tmpfile" && new_sid=true || new_sid=false
grep -aq "^Reused" "$tmpfile" && new_sid=false || new_sid=true
if "$new_sid2" && "$new_sid"; then
debugme echo -n "No session resumption "
ret=1
elif ! "$new_sid2" && ! "$new_sid"; then
debugme echo -n "Session resumption "
ret=0
else
debugme echo -n "unclear status: $ret1, $ret2, $new_sid, $new_sid2 -- "
ret=7
fi
if [[ $DEBUG -ge 2 ]]; then
"$byID" && echo "byID" || echo "by ticket"
fi
fi fi
if [[ $DEBUG -ge 2 ]]; then
"$byID" && echo "byID" || echo "by ticket"
fi
"$byID" && \ "$byID" && \
tmpfile_handle $FUNCNAME.byID.log $tmpfile || \ tmpfile_handle $FUNCNAME.byID.log $tmpfile || \
tmpfile_handle $FUNCNAME.byticket.log $tmpfile tmpfile_handle $FUNCNAME.byticket.log $tmpfile