From c38f46880f6f7878bc5578ae10be10c79129243a Mon Sep 17 00:00:00 2001
From: David Cooper <david.cooper@nist.gov>
Date: Wed, 26 Feb 2025 13:25:49 -0800
Subject: [PATCH] Avoid subshell overhead

This commit removes the use of parenthesis in two expressions in run_fs() in order to avoid subshell overhead.
---
 testssl.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/testssl.sh b/testssl.sh
index fa05197..fbfe660 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -10929,7 +10929,7 @@ run_fs() {
                     # Versions of TLS prior to 1.3 close the connection if the client does not support the curve
                     # used in the certificate. The easiest solution is to move the curves to the end of the list.
                     # instead of removing them from the ClientHello. This is only needed if there is no RSA certificate.
-                    if (! "$HAS_TLS13" || [[ "$proto" == "-no_tls1_3" ]]) && [[ ! "$ecdhe_cipher_list" == *RSA* ]]; then
+                    if { ! "$HAS_TLS13" || [[ "$proto" == "-no_tls1_3" ]]; } && [[ ! "$ecdhe_cipher_list" == *RSA* ]]; then
                          while true; do
                               curves_to_test=""
                               for (( i=low; i < high; i++ )); do
@@ -10999,7 +10999,7 @@ run_fs() {
                # Versions of TLS prior to 1.3 close the connection if the client does not support the curve
                # used in the certificate. The easiest solution is to move the curves to the end of the list.
                # instead of removing them from the ClientHello. This is only needed if there is no RSA certificate.
-               if ([[ "$proto" == 03 ]] && [[ ! "$ecdhe_cipher_list" == *RSA* ]]); then
+               if [[ "$proto" == 03 ]] && [[ ! "$ecdhe_cipher_list" == *RSA* ]]; then
                     while true; do
                          curves_to_test=""
                          for (( i=0; i < nr_curves; i++ )); do