slightly better output for OCSP stapling

This commit is contained in:
Dirk 2016-02-06 22:31:32 +01:00
parent c60a39282c
commit b93fc82489
1 changed files with 8 additions and 8 deletions

View File

@ -3220,26 +3220,26 @@ certificate_info() {
out "$indent"; pr_bold " OCSP stapling " out "$indent"; pr_bold " OCSP stapling "
if grep -a "OCSP response" <<<"$ocsp_response" | grep -q "no response sent" ; then if grep -a "OCSP response" <<<"$ocsp_response" | grep -q "no response sent" ; then
outln " not offered" pr_yellow "--"
fileout "$heading ocsp_stapling" "INFO" "OCSP stapling : not offered" fileout "$heading ocsp_stapling" "INFO" "OCSP stapling : not offered"
else else
if grep -a "OCSP Response Status" <<<"$ocsp_response_status" | grep -q successful; then if grep -a "OCSP Response Status" <<<"$ocsp_response_status" | grep -q successful; then
pr_litegreenln " offered" pr_litegreen "offered"
fileout "$heading ocsp_stapling" "OK" "OCSP stapling : offered" fileout "$heading ocsp_stapling" "OK" "OCSP stapling : offered"
else else
if $GOST_STATUS_PROBLEM; then if $GOST_STATUS_PROBLEM; then
outln " (GOST servers make problems here, sorry)" outln "(GOST servers make problems here, sorry)"
fileout "$heading ocsp_stapling" "OK" "OCSP stapling : (GOST servers make problems here, sorry)" fileout "$heading ocsp_stapling" "OK" "OCSP stapling : (GOST servers make problems here, sorry)"
ret=0 ret=0
else else
outln " not sure what's going on here, debug:" out "(response status unknown)"
grep -aA 20 "OCSP response" <<<"$ocsp_response"
fileout "$heading ocsp_stapling" "OK" "OCSP stapling : not sure what's going on here, debug: grep -aA 20 "OCSP response" <<<"$ocsp_response"" fileout "$heading ocsp_stapling" "OK" "OCSP stapling : not sure what's going on here, debug: grep -aA 20 "OCSP response" <<<"$ocsp_response""
debug grep -a -A20 -B2 "OCSP response" <<<"$ocsp_response"
ret=2 ret=2
fi fi
fi fi
fi fi
outln outln "\n"
return $ret return $ret
} }
@ -6744,4 +6744,4 @@ fi
exit $? exit $?
# $Id: testssl.sh,v 1.461 2016/02/03 16:55:52 dirkw Exp $ # $Id: testssl.sh,v 1.462 2016/02/06 21:31:31 dirkw Exp $