Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-09-17 09:22:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix port problem for Opossum

Browse Source 
This fixes #2847 .

It was falsely assumed that the http head command blocks when port 80 is not available but
actucally the exec for the socket is the culprit.

This PR changes that so that the exec is put in the background.

Another change is that $node is still used but the port is stripped of which
lead to the problem raised in #2847. We use $node instead of $NODE has we
can recycle the `http_head[er]_printf()` later.

`http_header_printf()`was renamed to `http_head_printf()` as there's also an `http_head()`
and an `http_get()`
This commit is contained in:
Dirk
2025-07-18 18:18:30 +02:00
parent a719c46bcb
commit cd7a887878
1 changed files with 23 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
testssl.sh
View File

@ -1922,40 +1922,43 @@ http_head() {
# arg2: extra http header # arg2: extra http header
# #
# return codes: # return codes:
# 0: all fine # 0: all fine (response header is returned as string)
# 1: server dind't respond within HEADER_MAXSLEEP # 1: server didn't respond within HEADER_MAXSLEEP
# 3: server dind't respond within HEADER_MAXSLEEP and PROXY was defined # 3: server didn't respond within HEADER_MAXSLEEP and PROXY was defined
# #
http_header_printf() { http_head_printf() {
local request_header="$2" local request_header="$2"
local useragent="$UA_STD" local useragent="$UA_STD"
local tmpfile=$TEMPDIR/$NODE.$NODEIP.http_header_printf.log local tmpfile=$TEMPDIR/$NODE.$NODEIP.http_head_printf.log
local errfile=$TEMPDIR/$NODE.$NODEIP.http_header_printf-err.log local errfile=$TEMPDIR/$NODE.$NODEIP.http_head_printf-err.log
local -i ret=0 local -i ret=0
local proto="" foo="" node="" query="" local proto="" foo="" node="" query=""
[[ $DEBUG -eq 0 ]] && errfile=/dev/null [[ $DEBUG -eq 0 ]] && errfile=/dev/null
IFS=/ read -r proto foo node query <<< "$1" IFS=/ read -r proto foo node query <<< "$1"
exec 33<>/dev/tcp/$node/80 node=${node%:*}
printf -- "%b" "HEAD ${proto}//${node}/${query} HTTP/1.1\r\nUser-Agent: ${useragent}\r\nHost: ${node}\r\n${request_header}\r\nAccept: */*\r\n\r\n\r\n" >&33 2>$errfile & # $node works here good as it connects via IPv6 first, then IPv4
bash -c "exec 33<>/dev/tcp/$node/80" >/dev/null &
wait_kill $! $HEADER_MAXSLEEP wait_kill $! $HEADER_MAXSLEEP
if [[ $? -ne 0 ]]; then if [[ $? -ne 0 ]]; then
# not killed # not killed --> socket open. Now we connect to the virtual host "$node"
printf -- "%b" "HEAD ${proto}//${node}/${query} HTTP/1.1\r\nUser-Agent: ${useragent}\r\nHost: ${node}\r\n${request_header}\r\nAccept: */*\r\n\r\n\r\n" >&33 2>$errfile
ret=0
if [[ $DEBUG -eq 0 ]] ; then
cat <&33
else
cat <&33 >$tmpfile
cat $tmpfile
fi
else
if [[ -n "$PROXY" ]]; then if [[ -n "$PROXY" ]]; then
ret=3 ret=3
else
ret=1
fi fi
ret=1
else
ret=0
fi fi
if [[ $DEBUG -eq 0 ]] ; then exec 33<&-
cat <&33
else
cat <&33 >$tmpfile
cat $tmpfile
fi
exec 33<&-
exec 33>&- exec 33>&-
return $ret return $ret
} }
@ -1963,9 +1966,6 @@ http_header_printf() {
ldap_get() { ldap_get() {
local ldif local ldif
local -i success
local crl="$1"
local tmpfile="$2"
local jsonID="$3" local jsonID="$3"
if type -p curl &>/dev/null; then if type -p curl &>/dev/null; then
@ -17703,7 +17703,7 @@ run_opossum() {
case $service in case $service in
HTTP) HTTP)
uri=${URI/https:\/\//} uri=${URI/https:\/\//}
response=$(http_header_printf http://${uri} 'Upgrade: TLS/1.0\r\n\r\nClose\r\n') response=$(http_head_printf http://${uri} 'Upgrade: TLS/1.0\r\n\r\nClose\r\n')
# In any case we use $response but we handle the return codes # In any case we use $response but we handle the return codes
case $? in case $? in
0) ret=0 ;; 0) ret=0 ;;