Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-30 21:35:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '2.9dev' into run_logjam_sockets

Browse Source
This commit is contained in:
David Cooper
2016-12-23 14:31:13 -05:00
parent 0d75bae195 725488449c
commit b88cc4af71
1 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
testssl.sh
View File

@@ -6146,7 +6146,7 @@ http2_pre(){
fileout "https_alpn" "WARN" "HTTP2/ALPN : HTTP/2 was not tested as proxies do not support proxying it" fileout "https_alpn" "WARN" "HTTP2/ALPN : HTTP/2 was not tested as proxies do not support proxying it"
return 1 return 1
fi fi
if ! "$HAS_ALPN"; then if ! "$HAS_ALPN" && "$SSL_NATIVE"; then
local_problem_ln "$OPENSSL doesn't support HTTP2/ALPN"; local_problem_ln "$OPENSSL doesn't support HTTP2/ALPN";
fileout "https_alpn" "WARN" "HTTP2/ALPN : HTTP/2 was not tested as $OPENSSL does not support it" fileout "https_alpn" "WARN" "HTTP2/ALPN : HTTP/2 was not tested as $OPENSSL does not support it"
return 7 return 7
@@ -6191,7 +6191,7 @@ run_spdy() {
run_http2() { run_http2() {
local tmpstr local tmpstr alpn_extn len
local -i ret=0 local -i ret=0
local had_alpn_proto=false local had_alpn_proto=false
local alpn_finding="" local alpn_finding=""
@@ -6203,7 +6203,21 @@ run_http2() {
fi fi
for proto in $ALPN_PROTOs; do for proto in $ALPN_PROTOs; do
# for some reason OpenSSL doesn't list the advertised protocols, so instead try common protocols # for some reason OpenSSL doesn't list the advertised protocols, so instead try common protocols
if "$HAS_ALPN"; then
$OPENSSL s_client -connect $NODEIP:$PORT $BUGS $SNI -alpn $proto </dev/null 2>$ERRFILE >$TMPFILE $OPENSSL s_client -connect $NODEIP:$PORT $BUGS $SNI -alpn $proto </dev/null 2>$ERRFILE >$TMPFILE
else
alpn_extn="$(printf "%02x" ${#proto}),$(string_to_asciihex "$proto")"
len="$(printf "%04x" $((${#proto}+1)))"
alpn_extn="${len:0:2},${len:2:2},$alpn_extn"
len="$(printf "%04x" $((${#proto}+3)))"
alpn_extn="00,10,${len:0:2},${len:2:2},$alpn_extn"
tls_sockets "03" "$TLS12_CIPHER" "all" "$alpn_extn"
if [[ -r "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt" ]]; then
cp "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt" $TMPFILE
else
echo "" > $TMPFILE
fi
fi
#tmpstr=$(grep -a '^ALPN protocol' $TMPFILE | sed 's/ALPN protocol.*: //') #tmpstr=$(grep -a '^ALPN protocol' $TMPFILE | sed 's/ALPN protocol.*: //')
#tmpstr=$(awk '/^ALPN protocol*:/ { print $2 }' $TMPFILE) #tmpstr=$(awk '/^ALPN protocol*:/ { print $2 }' $TMPFILE)
tmpstr=$(awk -F':' '/^ALPN protocol*:/ { print $2 }' $TMPFILE) tmpstr=$(awk -F':' '/^ALPN protocol*:/ { print $2 }' $TMPFILE)