Add forward secrecy data to file output

This fixes #3040 . Also this removes the debug lines within the if statement (bottom of run_client_simulation() ), probably a historic leftover.
2026-06-02 22:48:49 +02:00 · 2026-05-28 19:03:39 +02:00
parent 9567e65a01
commit cf66ad61bd
1 changed files with 9 additions and 5 deletions
@@ -5244,6 +5244,7 @@ run_client_simulation() {
     local -i ret=0
     local jsonID="clientsimulation"
     local client_service=""
+     local appendfile=""

     # source the external file
     . "$TESTSSL_INSTALL_DIR/etc/client-simulation.txt" 2>/dev/null
@@ -5441,29 +5442,32 @@ run_client_simulation() {
                         fi
                         if [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]]; then
                              print_n_spaces "$((34-${#cipher}))"
+                              appendfile="$(print_n_spaces $((34-${#cipher})))"
                         else
                              print_n_spaces "$((50-${#cipher}))"
+                              appendfile="$(print_n_spaces $((50-${#cipher})))"
                         fi
                         if [[ -n "$what_dh" ]]; then
                              [[ -n "$curve" ]] && curve="($curve)"
                              if [[ "$what_dh" =~ MLKEM ]] || [[ "$what_dh" =~ Kyber ]]; then
                                   pr_kem_quality "$bits" "$(printf -- "%-12s" "$what_dh")"
+                                   appendfile+="$what_dh"
                              elif [[ "$what_dh" == ECDH ]]; then
                                   pr_ecdh_quality "$bits" "$(printf -- "%-12s" "$bits bit $what_dh") $curve"
+                                   appendfile+="$what_dh $bits $curve"
                              else
                                   pr_dh_quality "$bits" "$(printf -- "%-12s" "$bits bit $what_dh") $curve"
+                                   appendfile+="$what_dh $bits $curve"
                              fi
                         else
                              if "$HAS_DH_BITS" || { "$using_sockets" && [[ -n "${handshakebytes[i]}" ]]; }; then
                                   out "No FS"
+                                   appendfile+="no FS"
                              fi
                         fi
                         outln
-                         if [[ -n "${warning[i]}" ]]; then
-                              out "                            "
-                              outln "${warning[i]}"
-                         fi
-                         fileout "${jsonID}-${short[i]}" "INFO" "$proto $cipher  ${warning[i]}"
+                         fileout "${jsonID}-${short[i]}" "INFO" "$proto $cipher $appendfile"
+                         # Just one "finding" with all the data has space for improvements
                         debugme cat $TMPFILE
                    fi
               fi   # correct service?