Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-01 06:19:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix run_ssl_poodle()

Browse Source 
PR #1463 changed run_ssl_poodle() to only run the test if it is known that the server supports SSLv3. However, support for SSLv3 may be unknown at the time run_ssl_poodle() is run (e.g., if the server supports TLS 1 and SSLv3, and run_ssl_poodle() is the first test performed). So, run_ssl_poodle() should perform testing unless it is known that SSLv3 is not supported.
This commit is contained in:
David Cooper 2020-01-22 11:20:34 -05:00 committed by GitHub
parent 2181061c6e
commit cce57c4613
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
testssl.sh
View File

@ -14798,7 +14798,7 @@ run_ssl_poodle() {
[[ $VULN_COUNT -le $VULN_THRESHLD ]] && outln && pr_headlineln " Testing for SSLv3 POODLE (Padding Oracle On Downgraded Legacy Encryption) " && outln
pr_bold " POODLE, SSL"; out " ($cve) "
if "$TLS13_ONLY" || [[ $(has_server_protocol ssl3) -ne 0 ]]; then
if "$TLS13_ONLY" || [[ $(has_server_protocol ssl3) -eq 1 ]]; then
# one condition should normally suffice but we don't know when run_poddle() was called
pr_svrty_best "not vulnerable (OK)"
outln ", no SSLv3 support"