Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-11-03 23:35:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #600 from dcooper16/unsupported_ciphers_in_litegrey

Browse Source 
Print unsupported ciphers in light grey
This commit is contained in:
Dirk Wetter
2017-01-30 18:29:57 +01:00
committed by GitHub
parent a7dff83160 392dac0e39
commit c0cf622aff
1 changed files with 22 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
testssl.sh
View File

@@ -2197,10 +2197,13 @@ neat_header(){
# arg2: cipher in openssl notation # arg2: cipher in openssl notation
# arg3: keyexchange # arg3: keyexchange
# arg4: encryption (maybe included "export") # arg4: encryption (maybe included "export")
# arg5: "true" if the cipher's "quality" should be highlighted
# "false" if the line should be printed in light grey
# empty if line should be printed in black
neat_list(){ neat_list(){
local hexcode="$1" local hexcode="$1"
local ossl_cipher="$2" tls_cipher="" local ossl_cipher="$2" tls_cipher=""
local kx enc strength local kx enc strength line
kx="${3//Kx=/}" kx="${3//Kx=/}"
enc="${4//Enc=/}" enc="${4//Enc=/}"
@@ -2216,6 +2219,12 @@ neat_list(){
[[ -n "$ADD_RFC_STR" ]] && tls_cipher="$(show_rfc_style "$hexcode")" [[ -n "$ADD_RFC_STR" ]] && tls_cipher="$(show_rfc_style "$hexcode")"
if [[ "$5" == "false" ]]; then
line="$(printf -- " %-7s %-33s %-10s %-10s%-8s${ADD_RFC_STR:+ %-49s}${SHOW_EACH_C:+ %-0s}" "$hexcode" "$ossl_cipher" "$kx" "$enc" "$strength" "$tls_cipher")"
pr_litegrey "$line"
return 0
fi
#printf -- "%q" "$kx" | xxd | head -1 #printf -- "%q" "$kx" | xxd | head -1
# length correction for color escape codes (printf counts the escape color codes!!) # length correction for color escape codes (printf counts the escape color codes!!)
if printf -- "%q" "$kx" | egrep -aq '.;3.m|E\[1m' ; then # here's a color code which screws up the formatting with printf below if printf -- "%q" "$kx" | egrep -aq '.;3.m|E\[1m' ; then # here's a color code which screws up the formatting with printf below
@@ -2479,12 +2488,12 @@ test_just_one(){
for (( i=0; i < nr_ciphers; i++ )); do for (( i=0; i < nr_ciphers; i++ )); do
export="${export2[i]}" export="${export2[i]}"
neat_list "${normalized_hexcode[i]}" "${ciph[i]}" "${kx[i]}" "${enc[i]}" neat_list "${normalized_hexcode[i]}" "${ciph[i]}" "${kx[i]}" "${enc[i]}" "${ciphers_found[i]}"
if "${ciphers_found[i]}"; then if "${ciphers_found[i]}"; then
pr_cyan " available" pr_cyan " available"
fileout "cipher_${normalized_hexcode[i]}" "INFO" "$(neat_list "${normalized_hexcode[i]}" "${ciph[i]}" "${kx[i]}" "${enc[i]}") available" fileout "cipher_${normalized_hexcode[i]}" "INFO" "$(neat_list "${normalized_hexcode[i]}" "${ciph[i]}" "${kx[i]}" "${enc[i]}") available"
else else
out " not a/v" pr_litegrey " not a/v"
fileout "cipher_${normalized_hexcode[i]}" "INFO" "$(neat_list "${normalized_hexcode[i]}" "${ciph[i]}" "${kx[i]}" "${enc[i]}") not a/v" fileout "cipher_${normalized_hexcode[i]}" "INFO" "$(neat_list "${normalized_hexcode[i]}" "${ciph[i]}" "${kx[i]}" "${enc[i]}") not a/v"
fi fi
outln outln
@@ -2730,7 +2739,7 @@ run_allciphers() {
for (( i=0 ; i<nr_ciphers; i++ )); do for (( i=0 ; i<nr_ciphers; i++ )); do
if "${ciphers_found[i]}" || ( "$SHOW_EACH_C" && ( "$using_sockets" || "${ossl_supported[i]}" ) ); then if "${ciphers_found[i]}" || ( "$SHOW_EACH_C" && ( "$using_sockets" || "${ossl_supported[i]}" ) ); then
export=${export2[i]} export=${export2[i]}
neat_list "${normalized_hexcode[i]}" "${ciph[i]}" "${kx[i]}" "${enc[i]}" neat_list "${normalized_hexcode[i]}" "${ciph[i]}" "${kx[i]}" "${enc[i]}" "${ciphers_found[i]}"
available="" available=""
if "$SHOW_EACH_C"; then if "$SHOW_EACH_C"; then
if ${ciphers_found[i]}; then if ${ciphers_found[i]}; then
@@ -2738,7 +2747,7 @@ run_allciphers() {
pr_cyan "$available" pr_cyan "$available"
else else
available="not a/v" available="not a/v"
out "$available" pr_litegrey "$available"
fi fi
fi fi
outln "${sigalg[i]}" outln "${sigalg[i]}"
@@ -3019,7 +3028,7 @@ run_cipher_per_proto() {
if "${ciphers_found[i]}" || "$SHOW_EACH_C"; then if "${ciphers_found[i]}" || "$SHOW_EACH_C"; then
export=${export2[i]} export=${export2[i]}
normalized_hexcode[i]="$(tolower "${normalized_hexcode[i]}")" normalized_hexcode[i]="$(tolower "${normalized_hexcode[i]}")"
neat_list "${normalized_hexcode[i]}" "${ciph[i]}" "${kx[i]}" "${enc[i]}" neat_list "${normalized_hexcode[i]}" "${ciph[i]}" "${kx[i]}" "${enc[i]}" "${ciphers_found[i]}"
available="" available=""
if "$SHOW_EACH_C"; then if "$SHOW_EACH_C"; then
if "${ciphers_found[i]}"; then if "${ciphers_found[i]}"; then
@@ -3027,7 +3036,7 @@ run_cipher_per_proto() {
pr_cyan "$available" pr_cyan "$available"
else else
available="not a/v" available="not a/v"
out "$available" pr_litegrey "$available"
fi fi
fi fi
outln "${sigalg[i]}" outln "${sigalg[i]}"
@@ -6617,12 +6626,12 @@ run_pfs() {
fi fi
fi fi
if "$WIDE"; then if "$WIDE"; then
neat_list "$(tolower "${normalized_hexcode[i]}")" "${ciph[i]}" "${kx[i]}" "${enc[i]}" neat_list "$(tolower "${normalized_hexcode[i]}")" "${ciph[i]}" "${kx[i]}" "${enc[i]}" "${ciphers_found[i]}"
if "$SHOW_EACH_C"; then if "$SHOW_EACH_C"; then
if ${ciphers_found[i]}; then if ${ciphers_found[i]}; then
pr_done_best "available" pr_done_best "available"
else else
out "not a/v" pr_litegrey "not a/v"
fi fi
fi fi
outln "${sigalg[i]}" outln "${sigalg[i]}"
@@ -10185,7 +10194,7 @@ run_beast(){
for (( i=0; i < nr_ciphers; i++ )); do for (( i=0; i < nr_ciphers; i++ )); do
if "${ciphers_found[i]}" || "$SHOW_EACH_C"; then if "${ciphers_found[i]}" || "$SHOW_EACH_C"; then
export="${export2[i]}" export="${export2[i]}"
neat_list "$(tolower "${normalized_hexcode[i]}")" "${ciph[i]}" "${kx[i]}" "${enc[i]}" neat_list "$(tolower "${normalized_hexcode[i]}")" "${ciph[i]}" "${kx[i]}" "${enc[i]}" "${ciphers_found[i]}"
if "$SHOW_EACH_C"; then if "$SHOW_EACH_C"; then
if "${ciphers_found[i]}"; then if "${ciphers_found[i]}"; then
if [[ -n "$higher_proto_supported" ]]; then if [[ -n "$higher_proto_supported" ]]; then
@@ -10194,7 +10203,7 @@ run_beast(){
pr_svrty_medium "available" pr_svrty_medium "available"
fi fi
else else
out "not a/v" pr_litegrey "not a/v"
fi fi
fi fi
outln "${sigalg[i]}" outln "${sigalg[i]}"
@@ -10486,12 +10495,12 @@ run_rc4() {
if "$WIDE"; then if "$WIDE"; then
#FIXME: JSON+CSV in wide mode is missing #FIXME: JSON+CSV in wide mode is missing
export="${export2[i]}" export="${export2[i]}"
neat_list "${normalized_hexcode[i]}" "${ciph[i]}" "${kx[i]}" "${enc[i]}" neat_list "${normalized_hexcode[i]}" "${ciph[i]}" "${kx[i]}" "${enc[i]}" "${ciphers_found[i]}"
if "$SHOW_EACH_C"; then if "$SHOW_EACH_C"; then
if "${ciphers_found[i]}"; then if "${ciphers_found[i]}"; then
pr_svrty_high "available" pr_svrty_high "available"
else else
out "not a/v" pr_litegrey "not a/v"
fi fi
fi fi
outln "${sigalg[i]}" outln "${sigalg[i]}"