From a7fe48190461bbeae96e7d947eb8264983199832 Mon Sep 17 00:00:00 2001 From: David Cooper Date: Thu, 7 Nov 2019 13:12:41 -0500 Subject: [PATCH] Don't ignore first call to $OPENSSL s_client run_prototest_openssl() currently calls "$OPENSSL s_client" twice, once with $PROXY and once without. The problem is that the results of the first call are just ignored. This commit changes run_prototest_openssl() so that the attempt without $PROXY is only tried if the first attempt was unsuccessful. --- testssl.sh | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/testssl.sh b/testssl.sh index 3c20f50..ee1ce38 100755 --- a/testssl.sh +++ b/testssl.sh @@ -4802,12 +4802,18 @@ run_prototest_openssl() { sclient_connect_successful $? $TMPFILE ret=$? debugme grep -E "error|failure" $ERRFILE | grep -Eav "unable to get local|verify error" - # try again without $PROXY - $OPENSSL s_client $(s_client_options "-state $1 $STARTTLS $BUGS -connect $NODEIP:$PORT $SNI") >$TMPFILE 2>&1 $TMPFILE 2>&1