Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2026-06-02 22:48:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3042 from testssl/grhza-3.3dev

Browse Source 
Improve PR #3041
This commit is contained in:
Dirk Wetter
2026-05-27 18:16:42 +02:00
committed by GitHub
parent 2f51cff728 f8af511952
commit ca99b45f1f
1 changed files with 46 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files
testssl.sh
+15 -1
View File
@@ -10268,13 +10268,17 @@ certificate_info() {
out "$indent"; pr_bold " DNS CAA RR"; out " (experimental) " out "$indent"; pr_bold " DNS CAA RR"; out " (experimental) "
jsonID="DNS_CAArecord" jsonID="DNS_CAArecord"
if is_ipv4addr "$NODE" || is_ipv6addr "$NODE"; then
out "not checked (IP address scan -- no domain to query)"
fileout "${jsonID}${json_postfix}" "INFO" "not checked (IP address scan)"
else
caa_node="$NODE" caa_node="$NODE"
caa="" caa=""
while [[ -z "$caa" ]] && [[ -n "$caa_node" ]]; do while [[ -z "$caa" ]] && [[ -n "$caa_node" ]]; do
[[ $caa_node =~ '.'$ ]] || caa_node+="." # force FQDN to prevent dig search-domain expansion
caa="$(get_caa_rr_record $caa_node)" caa="$(get_caa_rr_record $caa_node)"
tmp=${PIPESTATUS[@]} tmp=${PIPESTATUS[@]}
[[ $DEBUG -ge 4 ]] && echo "get_caa_rr_record: $tmp" [[ $DEBUG -ge 4 ]] && echo "get_caa_rr_record: $tmp"
[[ $caa_node =~ '.'$ ]] || caa_node+="."
caa_node=${caa_node#*.} caa_node=${caa_node#*.}
done done
if [[ -n "$caa" ]]; then if [[ -n "$caa" ]]; then
@@ -10302,6 +10306,7 @@ certificate_info() {
pr_svrty_low "not offered" pr_svrty_low "not offered"
fileout "${jsonID}${json_postfix}" "LOW" "--" fileout "${jsonID}${json_postfix}" "LOW" "--"
fi fi
fi
outln outln
out "$indent"; pr_bold " Certificate Transparency "; out "$indent"; pr_bold " Certificate Transparency ";
@@ -24673,6 +24678,7 @@ parse_cmd_line() {
local outfile_arg="" local outfile_arg=""
local cipher_mapping local cipher_mapping
local -i subret=0 local -i subret=0
local tmp=""
CMDLINE="$(create_cmd_line_string "${CMDLINE_ARRAY[@]}")" CMDLINE="$(create_cmd_line_string "${CMDLINE_ARRAY[@]}")"
CMDLINE_PARSED=false CMDLINE_PARSED=false
@@ -25352,6 +25358,14 @@ parse_cmd_line() {
set_rating_state set_rating_state
fi fi
tmp=${URI#*//} # remove https://
if [[ ! $tmp =~ [a-zA-Z] ]]; then
# No letters indicate it's not a name
outln
pr_warning " Warning: Target is not a server name: results may be completely wrong, at minimum trust may show false results."
fileout "ip_scan_warning" "WARN" "Target is not a server name: results may be completely wrong, at minimum trust may show false results."
fi
CMDLINE_PARSED=true CMDLINE_PARSED=true
} }