mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-25 18:09:30 +01:00
Fix line feeds in vulnerabilty output when running in wide mode (backport)
Backport of b6cc01a558
:
-----
This commit is a FIX for #1069, thus when running in
wide mode it corrects an additional line feed which
happened sometimes.
As @dcooper16 pointed out it also cleans up the needless
if-statements in run_rc4(), run_lucky13() and run_beast().
It also inserts for wide mode lines a blank so the alignment
is not at the left border anymore (check for leftovers
needed).
This commit is contained in:
parent
7daf5de674
commit
af8b0855b6
14
testssl.sh
14
testssl.sh
@ -10693,8 +10693,6 @@ run_beast(){
|
|||||||
if [[ $VULN_COUNT -le $VULN_THRESHLD ]]; then
|
if [[ $VULN_COUNT -le $VULN_THRESHLD ]]; then
|
||||||
outln
|
outln
|
||||||
pr_headlineln " Testing for BEAST vulnerability "
|
pr_headlineln " Testing for BEAST vulnerability "
|
||||||
fi
|
|
||||||
if [[ $VULN_COUNT -le $VULN_THRESHLD ]]; then
|
|
||||||
outln
|
outln
|
||||||
fi
|
fi
|
||||||
pr_bold " BEAST"; out " ($cve) "
|
pr_bold " BEAST"; out " ($cve) "
|
||||||
@ -10907,10 +10905,11 @@ run_beast(){
|
|||||||
if "$vuln_beast"; then
|
if "$vuln_beast"; then
|
||||||
if [[ -n "$higher_proto_supported" ]]; then
|
if [[ -n "$higher_proto_supported" ]]; then
|
||||||
if "$WIDE"; then
|
if "$WIDE"; then
|
||||||
outln
|
outln; out " "
|
||||||
# NOT ok seems too harsh for me if we have TLS >1.0
|
# NOT ok seems too harsh for me if we have TLS >1.0
|
||||||
pr_svrty_low "VULNERABLE"
|
pr_svrty_low "VULNERABLE"
|
||||||
outln " -- but also supports higher protocols (possible mitigation):$higher_proto_supported"
|
outln " -- but also supports higher protocols (possible mitigation):$higher_proto_supported"
|
||||||
|
outln
|
||||||
else
|
else
|
||||||
out "$spaces"
|
out "$spaces"
|
||||||
pr_svrty_low "VULNERABLE"
|
pr_svrty_low "VULNERABLE"
|
||||||
@ -10950,8 +10949,9 @@ run_lucky13() {
|
|||||||
local cwe="CWE-310"
|
local cwe="CWE-310"
|
||||||
local hint=""
|
local hint=""
|
||||||
|
|
||||||
[[ $VULN_COUNT -le $VULN_THRESHLD ]] && outln && pr_headlineln " Testing for LUCKY13 vulnerability " && outln
|
if [[ $VULN_COUNT -le $VULN_THRESHLD ]]; then
|
||||||
if [[ $VULN_COUNT -le $VULN_THRESHLD ]] || "$WIDE"; then
|
outln
|
||||||
|
pr_headlineln " Testing for LUCKY13 vulnerability "
|
||||||
outln
|
outln
|
||||||
fi
|
fi
|
||||||
pr_bold " LUCKY13"; out " ($cve), experimental "
|
pr_bold " LUCKY13"; out " ($cve), experimental "
|
||||||
@ -11023,8 +11023,6 @@ run_rc4() {
|
|||||||
if [[ $VULN_COUNT -le $VULN_THRESHLD ]]; then
|
if [[ $VULN_COUNT -le $VULN_THRESHLD ]]; then
|
||||||
outln
|
outln
|
||||||
pr_headlineln " Checking for vulnerable RC4 Ciphers "
|
pr_headlineln " Checking for vulnerable RC4 Ciphers "
|
||||||
fi
|
|
||||||
if [[ $VULN_COUNT -le $VULN_THRESHLD ]]; then
|
|
||||||
outln
|
outln
|
||||||
fi
|
fi
|
||||||
pr_bold " RC4"; out " ($cve) "
|
pr_bold " RC4"; out " ($cve) "
|
||||||
@ -11231,7 +11229,7 @@ run_rc4() {
|
|||||||
done
|
done
|
||||||
! "$WIDE" && pr_svrty_high "$(out_row_aligned_max_width "$rc4_detected" " " $TERM_WIDTH)"
|
! "$WIDE" && pr_svrty_high "$(out_row_aligned_max_width "$rc4_detected" " " $TERM_WIDTH)"
|
||||||
outln
|
outln
|
||||||
"$WIDE" && pr_svrty_high "VULNERABLE (NOT ok)"
|
"$WIDE" && out " " && prln_svrty_high "VULNERABLE (NOT ok)"
|
||||||
fileout "rc4" "HIGH" "RC4: VULNERABLE, Detected ciphers: $rc4_detected" "$cve" "$cwe" "$hint"
|
fileout "rc4" "HIGH" "RC4: VULNERABLE, Detected ciphers: $rc4_detected" "$cve" "$cwe" "$hint"
|
||||||
elif [[ $nr_ciphers -eq 0 ]]; then
|
elif [[ $nr_ciphers -eq 0 ]]; then
|
||||||
prln_local_problem "No RC4 Ciphers configured in $OPENSSL"
|
prln_local_problem "No RC4 Ciphers configured in $OPENSSL"
|
||||||
|
Loading…
Reference in New Issue
Block a user