From c23f47858dab212502e4efe90a1934167cb39ec2 Mon Sep 17 00:00:00 2001 From: Dirk Date: Thu, 14 Dec 2017 10:06:19 +0100 Subject: [PATCH] Overwrite as a default empty files This commit tries to address #934. Empty files can now be overwritten without exiting with an error. --- doc/testssl.1 | 4 ++-- doc/testssl.1.md | 2 +- testssl.sh | 10 +++++----- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/doc/testssl.1 b/doc/testssl.1 index c0b0df3..133af5c 100644 --- a/doc/testssl.1 +++ b/doc/testssl.1 @@ -1,7 +1,7 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "TESTSSL" "1" "November 2017" "" "" +.TH "TESTSSL" "1" "December 2017" "" "" . .SH "NAME" \fBtestssl\fR @@ -408,7 +408,7 @@ whole 9 yards \fB\-\-severity \fR For JSON and CSV output this will only add findings to the output file if a severity is equal or higher than the \fBseverity\fR value specified\. Allowed are \fB\fR . .P -\fB\-\-append\fR If an output file exists it will append to this file, without a header\. The environment variable APPEND does the same\. If the file exists and you don\'t use \fB\-\-append\fR testssl\.sh will exit with an error\. Be careful using this switch/variable\. A complementary option which overwrites an existing file doesn\'t exist per design\. +\fB\-\-append\fR Normally, if an output file already exists and it has a file size greater zero, testssl\.sh will prompt you to manually remove the file exit with an error\. \fB\-\-append\fR however will append to this file, without a header\. The environment variable APPEND does the same\. Be careful using this switch/variable\. A complementary option which overwrites an existing file doesn\'t exist per design\. . .P \fB\-\-outprefix \fR Prepend output filename prefix \fIfname_prefix\fR before \'\e${NODE}\.\'\. You can use as well the environment variable FNAME_PREFIX\. diff --git a/doc/testssl.1.md b/doc/testssl.1.md index 6c5126f..88a9c53 100644 --- a/doc/testssl.1.md 
+++ b/doc/testssl.1.md @@ -276,7 +276,7 @@ The same can be achieved by setting the environment variable `WARNINGS`. `--severity ` For JSON and CSV output this will only add findings to the output file if a severity is equal or higher than the `severity` value specified. Allowed are `` -`--append` If an output file exists it will append to this file, without a header. The environment variable APPEND does the same. If the file exists and you don't use `--append` testssl.sh will exit with an error. Be careful using this switch/variable. A complementary option which overwrites an existing file doesn't exist per design. +`--append` Normally, if an output file already exists and it has a file size greater zero, testssl.sh will prompt you to manually remove the file exit with an error. `--append` however will append to this file, without a header. The environment variable APPEND does the same. Be careful using this switch/variable. A complementary option which overwrites an existing file doesn't exist per design. `--outprefix ` Prepend output filename prefix before '\${NODE}.'. You can use as well the environment variable FNAME_PREFIX. diff --git a/testssl.sh b/testssl.sh index 6298920..3ce514d 100755 --- a/testssl.sh +++ b/testssl.sh @@ -866,7 +866,7 @@ json_header() { if "$APPEND"; then JSONHEADER=false else - [[ -e "$JSONFILE" ]] && fatal "\"$JSONFILE\" exists. Either use \"--append\" or (re)move it" 1 + [[ -s "$JSONFILE" ]] && fatal "non-empty \"$JSONFILE\" exists. Either use \"--append\" or (re)move it" 1 "$do_json" && echo "[" > "$JSONFILE" "$do_pretty_json" && echo "{" > "$JSONFILE" fi @@ -906,7 +906,7 @@ csv_header() { if "$APPEND"; then CSVHEADER=false else - [[ -e "$CSVFILE" ]] && fatal "\"$CSVFILE\" exists. Either use \"--append\" or (re)move it" 1 + [[ -s "$CSVFILE" ]] && fatal "non-empty \"$CSVFILE\" exists. Either use \"--append\" or (re)move it" 1 echo "\"id\",\"fqdn/ip\",\"port\",\"severity\",\"finding\",\"cve\",\"cwe\",\"hint\"" > "$CSVFILE" fi return 0 
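Review bot: The new `[[ -s "$JSONFILE" ]]` guard in json_header no longer stops on a pre-existing path that is empty or is not a regular file, so the `echo "[" > "$JSONFILE"` after it writes through a symlink to an empty file, or into an empty file that another local user pre-created in a shared directory. In both cases the scan results keep that file's existing owner and mode. `-s` is also typically false for a FIFO or device node, which the old `-e` test rejected. If the intent is only to allow empty regular files (the commit message suggests so, but the callers are not visible here), the guard could be `[[ -L "$JSONFILE" || ( -e "$JSONFILE" && ! -f "$JSONFILE" ) || -s "$JSONFILE" ]] && fatal ...`, keeping the existing message. The same applies to the `-s` tests added in csv_header, html_header and prepare_logging; all four functions continue outside their hunks.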
@@ -949,7 +949,7 @@ html_header() { if "$APPEND"; then HTMLHEADER=false else - [[ -e "$HTMLFILE" ]] && fatal "\"$HTMLFILE\" exists. Either use \"--append\" or (re)move it" 1 + [[ -s "$HTMLFILE" ]] && fatal "non-empty \"$HTMLFILE\" exists. Either use \"--append\" or (re)move it" 1 html_out "\n" html_out "\n" html_out "\n" @@ -13501,7 +13501,7 @@ file output options (can also be preset via environment variables) --out(f,F)ile|-oa/-oA log to a LOG,JSON,CSV,HTML file (see nmap). -oA/-oa: pretty/flat JSON. "auto" uses '\${NODE}-p\${port}\${YYYYMMDD-HHMM}' --hints additional hints to findings --severity severities with lower level will be filtered for CSV+JSON, possible values - --append if , , or exists rather append then overwrite. Omits any header + --append if (non-empty) , , or exists, append to file. Omits any header --outprefix before '\${NODE}.' above prepend @@ -13876,7 +13876,7 @@ prepare_logging() { fi if ! "$APPEND"; then - [[ -e "$LOGFILE" ]] && fatal "\"$LOGFILE\" exists. Either use \"--append\" or (re)move it" 1 + [[ -s "$LOGFILE" ]] && fatal "non-empty \"$LOGFILE\" exists. Either use \"--append\" or (re)move it" 1 fi tmln_out "## Scan started as: \"$PROG_NAME $CMDLINE\"" >>"$LOGFILE" tmln_out "## at $HNAME:$OPENSSL_LOCATION" >>"$LOGFILE"