From c91a771465b0a9ceec124579e37c93aa6eab4032 Mon Sep 17 00:00:00 2001
From: Dirk <dirk@testssl.sh>
Date: Sat, 17 Mar 2018 20:37:00 +0100
Subject: [PATCH] FIX #1009 and leftover fix for #988

In cases where HTTP/2 was the only ALPN protocol, the
JSON output was missing the finding as the additional
protocol was empty.

This fix tests whether there's an additional protcol
and only calls fileout() if there's one.
---
 testssl.sh | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/testssl.sh b/testssl.sh
index 9df225f..1f19dcc 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -8104,7 +8104,7 @@ run_alpn() {
                else
                     out ", "
                fi
-               # only h2 is what browser need to use HTTP/2.0 and brings a security benefit
+               # only h2 is what browser need to use HTTP/2.0 and brings a security,privacy and performance benefit
                if [[ "$proto" == "h2" ]]; then
                     pr_svrty_good "$proto"
                     fileout "${jsonID}_HTTP2" "OK" "$proto"
@@ -8116,7 +8116,8 @@ run_alpn() {
      done
      if $has_alpn_proto; then
           outln " (offered)"
-          fileout "$jsonID" "INFO" "$alpn_finding"
+          # if h2 is not the only protocol:
+          [[ -n "$alpn_finding" ]] && fileout "$jsonID" "INFO" "$alpn_finding"
      else
           outln "not offered"
           fileout "$jsonID" "INFO" "not offered"