Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2026-06-02 22:48:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add forward secrecy data to file output

Browse Source 
This fixes #3040 .

Also this removes the debug lines within the if statement (bottom of run_client_simulation() ), probably
a historic leftover.
This commit is contained in:
Dirk Wetter
2026-05-28 19:03:39 +02:00
parent 9567e65a01
commit cf66ad61bd
1 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
testssl.sh
+9 -5
View File
@@ -5244,6 +5244,7 @@ run_client_simulation() {
local -i ret=0 local -i ret=0
local jsonID="clientsimulation" local jsonID="clientsimulation"
local client_service="" local client_service=""
local appendfile=""
# source the external file # source the external file
. "$TESTSSL_INSTALL_DIR/etc/client-simulation.txt" 2>/dev/null . "$TESTSSL_INSTALL_DIR/etc/client-simulation.txt" 2>/dev/null
@@ -5441,29 +5442,32 @@ run_client_simulation() {
fi fi
if [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]]; then if [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]]; then
print_n_spaces "$((34-${#cipher}))" print_n_spaces "$((34-${#cipher}))"
appendfile="$(print_n_spaces $((34-${#cipher})))"
else else
print_n_spaces "$((50-${#cipher}))" print_n_spaces "$((50-${#cipher}))"
appendfile="$(print_n_spaces $((50-${#cipher})))"
fi fi
if [[ -n "$what_dh" ]]; then if [[ -n "$what_dh" ]]; then
[[ -n "$curve" ]] && curve="($curve)" [[ -n "$curve" ]] && curve="($curve)"
if [[ "$what_dh" =~ MLKEM ]] || [[ "$what_dh" =~ Kyber ]]; then if [[ "$what_dh" =~ MLKEM ]] || [[ "$what_dh" =~ Kyber ]]; then
pr_kem_quality "$bits" "$(printf -- "%-12s" "$what_dh")" pr_kem_quality "$bits" "$(printf -- "%-12s" "$what_dh")"
appendfile+="$what_dh"
elif [[ "$what_dh" == ECDH ]]; then elif [[ "$what_dh" == ECDH ]]; then
pr_ecdh_quality "$bits" "$(printf -- "%-12s" "$bits bit $what_dh") $curve" pr_ecdh_quality "$bits" "$(printf -- "%-12s" "$bits bit $what_dh") $curve"
appendfile+="$what_dh $bits $curve"
else else
pr_dh_quality "$bits" "$(printf -- "%-12s" "$bits bit $what_dh") $curve" pr_dh_quality "$bits" "$(printf -- "%-12s" "$bits bit $what_dh") $curve"
appendfile+="$what_dh $bits $curve"
fi fi
else else
if "$HAS_DH_BITS" || { "$using_sockets" && [[ -n "${handshakebytes[i]}" ]]; }; then if "$HAS_DH_BITS" || { "$using_sockets" && [[ -n "${handshakebytes[i]}" ]]; }; then
out "No FS" out "No FS"
appendfile+="no FS"
fi fi
fi fi
outln outln
if [[ -n "${warning[i]}" ]]; then fileout "${jsonID}-${short[i]}" "INFO" "$proto $cipher $appendfile"
out " " # Just one "finding" with all the data has space for improvements
outln "${warning[i]}"
fi
fileout "${jsonID}-${short[i]}" "INFO" "$proto $cipher ${warning[i]}"
debugme cat $TMPFILE debugme cat $TMPFILE
fi fi
fi # correct service? fi # correct service?