From c93dc01b414ac0336f930dffcdffbbc4be2a94f4 Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Wed, 26 Aug 2015 20:06:53 +0200 Subject: [PATCH] better service detection, dedicated line for NNTP and certificate stuff redirected to ERRFILE --- testssl.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/testssl.sh b/testssl.sh index 2c7a315..3e81b63 100755 --- a/testssl.sh +++ b/testssl.sh @@ -452,13 +452,14 @@ wait_kill(){ # arg1 could be the protocol determined as "working". IIS6 needs that runs_HTTP() { # SNI is nonsense for !HTTPS but fortunately other protocols don't seem to care - printf "$GET_REQ11" | $OPENSSL s_client $1 -quiet -connect $NODEIP:$PORT $PROXY $SNI &>$TMPFILE & + printf "$GET_REQ11" | $OPENSSL s_client $1 -quiet -connect $NODEIP:$PORT $PROXY $SNI >$TMPFILE 2>$ERRFILE & wait_kill $! $HEADER_MAXSLEEP head $TMPFILE | grep -aq ^HTTP && SERVICE=HTTP head $TMPFILE | grep -aq SMTP && SERVICE=SMTP head $TMPFILE | grep -aq POP && SERVICE=POP head $TMPFILE | grep -aq IMAP && SERVICE=IMAP - debugme head $TMPFILE + head $TMPFILE | egrep -aqw "Jive News|InterNetNews|NNRP|INN" && SERVICE=NNTP + debugme head -50 $TMPFILE # $TMPFILE contains also a banner which we could use if there's a need for it out " Service detected: " @@ -466,7 +467,7 @@ runs_HTTP() { HTTP) out " $SERVICE" ret=0 ;; - IMAP|POP|SMTP) + IMAP|POP|SMTP|NNTP) out " $SERVICE, thus skipping HTTP specific checks" ret=0 ;; *) out " Couldn't determine what's running on port $PORT" @@ -4227,9 +4228,8 @@ determine_service() { fi $OPENSSL s_client -connect $NODEIP:$PORT $PROXY $STARTTLS 2>$ERRFILE >$TMPFILE