mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-10-31 05:45:26 +01:00
Merge pull request #2826 from testssl/fix_2825
Fix not working --disable-rating switch
This commit is contained in:
Dirk Wetter
18
testssl.sh
18
testssl.sh
@@ -1125,6 +1125,7 @@ f5_port_decode() {
|
|||||||
# Sets the grade cap to ARG1
|
# Sets the grade cap to ARG1
|
||||||
# arg1: A grade to set ("A", "B", "C", "D", "E", "F", "M", or "T")
|
# arg1: A grade to set ("A", "B", "C", "D", "E", "F", "M", or "T")
|
||||||
# arg2: A reason why (e.g. "Vulnerable to CRIME")
|
# arg2: A reason why (e.g. "Vulnerable to CRIME")
|
||||||
|
#
|
||||||
set_grade_cap() {
|
set_grade_cap() {
|
||||||
"$do_rating" || return 0
|
"$do_rating" || return 0
|
||||||
GRADE_CAP_REASONS+=("Grade capped to $1. $2")
|
GRADE_CAP_REASONS+=("Grade capped to $1. $2")
|
||||||
@@ -1141,6 +1142,7 @@ set_grade_cap() {
|
|||||||
|
|
||||||
# Sets a grade warning, as specified by the grade specification
|
# Sets a grade warning, as specified by the grade specification
|
||||||
# arg1: A warning message
|
# arg1: A warning message
|
||||||
|
#
|
||||||
set_grade_warning() {
|
set_grade_warning() {
|
||||||
"$do_rating" || return 0
|
"$do_rating" || return 0
|
||||||
GRADE_WARNINGS+=("$1")
|
GRADE_WARNINGS+=("$1")
|
||||||
@@ -1150,6 +1152,7 @@ set_grade_warning() {
|
|||||||
# Sets the score for Category 2 (Key Exchange Strength)
|
# Sets the score for Category 2 (Key Exchange Strength)
|
||||||
# arg1: Short key algorithm ("EC", "DH", "RSA", ...), or "DHE" for ephemeral key size
|
# arg1: Short key algorithm ("EC", "DH", "RSA", ...), or "DHE" for ephemeral key size
|
||||||
# arg2: key size (number of bits)
|
# arg2: key size (number of bits)
|
||||||
|
#
|
||||||
set_key_str_score() {
|
set_key_str_score() {
|
||||||
local type=$1
|
local type=$1
|
||||||
local size=$2
|
local size=$2
|
||||||
@@ -1187,6 +1190,7 @@ set_key_str_score() {
|
|||||||
# Sets the best and worst bit size key, used to grade Category 3 (Cipher Strength)
|
# Sets the best and worst bit size key, used to grade Category 3 (Cipher Strength)
|
||||||
# This function itself doesn't actually set a score; its just in the name to keep it logical (score == rating function)
|
# This function itself doesn't actually set a score; its just in the name to keep it logical (score == rating function)
|
||||||
# arg1: a bit size
|
# arg1: a bit size
|
||||||
|
#
|
||||||
set_ciph_str_score() {
|
set_ciph_str_score() {
|
||||||
local size=$1
|
local size=$1
|
||||||
|
|
||||||
@@ -23880,6 +23884,7 @@ run_rating() {
|
|||||||
# Rating needs a mix of certificate and vulnerabilities checks, in order to give out proper grades.
|
# Rating needs a mix of certificate and vulnerabilities checks, in order to give out proper grades.
|
||||||
# This function disables rating, if not all required checks are enabled
|
# This function disables rating, if not all required checks are enabled
|
||||||
# Returns "0" if rating is enabled, and "1" if rating is disabled
|
# Returns "0" if rating is enabled, and "1" if rating is disabled
|
||||||
|
#
|
||||||
set_rating_state() {
|
set_rating_state() {
|
||||||
local gbl
|
local gbl
|
||||||
local -i nr_enabled=0
|
local -i nr_enabled=0
|
||||||
@@ -23905,9 +23910,9 @@ set_rating_state() {
|
|||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
# This initializes boolean global do_* variables. They keep track of what to do
|
# This initializes boolean global do_* variables. They keep track of what to do
|
||||||
# -- as the name insinuates
|
# -- as the name insinuates
|
||||||
|
#
|
||||||
initialize_globals() {
|
initialize_globals() {
|
||||||
do_allciphers=false
|
do_allciphers=false
|
||||||
do_vulnerabilities=false
|
do_vulnerabilities=false
|
||||||
@@ -23954,6 +23959,7 @@ initialize_globals() {
|
|||||||
|
|
||||||
|
|
||||||
# Set default scanning options for the boolean global do_* variables.
|
# Set default scanning options for the boolean global do_* variables.
|
||||||
|
#
|
||||||
set_scanning_defaults() {
|
set_scanning_defaults() {
|
||||||
do_allciphers=false
|
do_allciphers=false
|
||||||
do_vulnerabilities=true
|
do_vulnerabilities=true
|
||||||
@@ -24321,9 +24327,9 @@ parse_cmd_line() {
|
|||||||
do_grease=true
|
do_grease=true
|
||||||
;;
|
;;
|
||||||
--disable-rating|--no-rating)
|
--disable-rating|--no-rating)
|
||||||
SKIP_TESTS+=("rating")
|
|
||||||
# TODO: a generic thing would be --disable-* / --no-* ,
|
# TODO: a generic thing would be --disable-* / --no-* ,
|
||||||
# catch $1 and add it to the array ( #1502 )
|
# catch $1 and add it to the array ( #1502 )
|
||||||
|
SKIP_TESTS+=("rating")
|
||||||
;;
|
;;
|
||||||
-9|--full)
|
-9|--full)
|
||||||
set_scanning_defaults
|
set_scanning_defaults
|
||||||
@@ -24736,9 +24742,11 @@ parse_cmd_line() {
|
|||||||
set_skip_tests
|
set_skip_tests
|
||||||
[[ "$DEBUG" -ge 5 ]] && debug_globals
|
[[ "$DEBUG" -ge 5 ]] && debug_globals
|
||||||
|
|
||||||
# Unless explicit disabled, check if rating can be enabled
|
# Unless explicit disabled, check if rating can or should be enabled.
|
||||||
# Should be called after set_scanning_defaults
|
# Should be called after set_scanning_defaults() and set_skip_tests()
|
||||||
! "$do_rating" && set_rating_state
|
if [[ ! ${SKIP_TESTS[@]} =~ rating ]] ; then
|
||||||
|
set_rating_state
|
||||||
|
fi
|
||||||
|
|
||||||
CMDLINE_PARSED=true
|
CMDLINE_PARSED=true
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user