Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-03 23:39:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

* FIX #654 (no logfile when -file is specified)

Browse Source 
* filename has now instead of just the number p+#
* minor polishing
This commit is contained in:
Dirk 2017-03-23 16:36:29 +01:00
parent 0d511e40e4
commit d5bb4edd80
1 changed files with 18 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
testssl.sh
View File

@ -76,10 +76,10 @@
# this missing feature! The idea is if this script can't tell something # this missing feature! The idea is if this script can't tell something
# for sure it speaks up so that you have clear picture. # for sure it speaks up so that you have clear picture.
DEBUGTIME=${DEBUGTIME:-false}
# debugging help: # debugging help:
#readonly PS4='${LINENO}> $(date "+%s.%N")\011 ${FUNCNAME[0]:+${FUNCNAME[0]}(): }' "$DEBUGTIME" && readonly PS4='|$(date "+%s.%N")\011${LINENO}>\011${FUNCNAME[0]:+${FUNCNAME[0]}(): }' || \
readonly PS4='|$(date "+%s.%N")\011${LINENO}>\011${FUNCNAME[0]:+${FUNCNAME[0]}(): }' readonly PS4='|${LINENO}>\011${FUNCNAME[0]:+${FUNCNAME[0]}(): }'
# make sure that temporary files are cleaned up after use in ANY case # make sure that temporary files are cleaned up after use in ANY case
trap "cleanup" QUIT EXIT trap "cleanup" QUIT EXIT
@ -980,7 +980,7 @@ html_header() {
fname_prefix="mx-$URI" fname_prefix="mx-$URI"
else else
( [[ -z "$HTMLFILE" ]] || [[ -d "$HTMLFILE" ]] ) && parse_hn_port "${URI}" # NODE, URL_PATH, PORT, IPADDR and IP46ADDR is set now ( [[ -z "$HTMLFILE" ]] || [[ -d "$HTMLFILE" ]] ) && parse_hn_port "${URI}" # NODE, URL_PATH, PORT, IPADDR and IP46ADDR is set now
fname_prefix="$NODE"_"$PORT" fname_prefix="${NODE}"_p"${PORT}"
fi fi
if [[ -n "$HTMLFILE" ]] && [[ ! -d "$HTMLFILE" ]]; then if [[ -n "$HTMLFILE" ]] && [[ ! -d "$HTMLFILE" ]]; then
@ -10774,7 +10774,7 @@ file output options (can also be preset via environment variables):
--htmlfile <htmlfile> additional output as HTML to the specifed file --htmlfile <htmlfile> additional output as HTML to the specifed file
--hints additional hints to findings --hints additional hints to findings
--severity <severity> severities with lower level will be filtered for CSV+JSON, possible values <LOW|MEDIUM|HIGH|CRITICAL> --severity <severity> severities with lower level will be filtered for CSV+JSON, possible values <LOW|MEDIUM|HIGH|CRITICAL>
--append if <csvfile> or <jsonfile> exists rather append then overwrite --append if <logfile>, <csvfile> or <jsonfile> exists rather append then overwrite
Options requiring a value can also be called with '=' e.g. testssl.sh -t=smtp --wide --openssl=/usr/bin/openssl <URI>. Options requiring a value can also be called with '=' e.g. testssl.sh -t=smtp --wide --openssl=/usr/bin/openssl <URI>.
@ -11056,14 +11056,14 @@ parse_hn_port() {
NODE="$1" NODE="$1"
# strip "https" and trailing urlpath supposed it was supplied additionally # strip "https" and trailing urlpath supposed it was supplied additionally
echo "$NODE" | grep -q 'https://' && NODE=$(echo "$NODE" | sed -e 's/^https\:\/\///') grep -q 'https://' <<< "$NODE" && NODE=$(sed -e 's/^https\:\/\///' <<< "$NODE")
# strip trailing urlpath # strip trailing urlpath
NODE=$(echo "$NODE" | sed -e 's/\/.*$//') NODE=$(sed -e 's/\/.*$//' <<< "$NODE")
# if there's a trailing ':' probably a starttls/application protocol was specified # if there's a trailing ':' probably a starttls/application protocol was specified
if grep -q ':$' <<< $NODE; then if grep -q ':$' <<< "$NODE"; then
if grep -wq http <<< $NODE; then if grep -wq http <<< "$NODE"; then
fatal "\"http\" is not what you meant probably" 1 fatal "\"http\" is not what you meant probably" 1
else else
fatal "\"$1\" is not a valid URI" 1 fatal "\"$1\" is not a valid URI" 1
@ -11081,17 +11081,17 @@ parse_hn_port() {
NODE=$(sed -e 's/\[//' -e 's/\]//' <<< "$NODE") NODE=$(sed -e 's/\[//' -e 's/\]//' <<< "$NODE")
else else
# determine v4 port, supposed it was supplied additionally # determine v4 port, supposed it was supplied additionally
echo "$NODE" | grep -q ':' && \ grep -q ':' <<< "$NODE" && \
PORT=$(echo "$NODE" | sed 's/^.*\://') && NODE=$(echo "$NODE" | sed 's/\:.*$//') PORT=$(sed 's/^.*\://' <<< "$NODE") && NODE=$(sed 's/\:.*$//' <<< "$NODE")
fi fi
debugme echo $NODE:$PORT debugme echo $NODE:$PORT
SNI="-servername $NODE" SNI="-servername $NODE"
URL_PATH=$(echo "$1" | sed 's/https:\/\///' | sed 's/'"${NODE}"'//' | sed 's/.*'"${PORT}"'//') # remove protocol and node part and port URL_PATH=$(sed 's/https:\/\///' <<< "$1" | sed 's/'"${NODE}"'//' | sed 's/.*'"${PORT}"'//') # remove protocol and node part and port
URL_PATH=$(echo "$URL_PATH" | sed 's/\/\//\//g') # we rather want // -> / URL_PATH=$(sed 's/\/\//\//g' <<< "$URL_PATH") # we rather want // -> /
[[ -z "$URL_PATH" ]] && URL_PATH="/" [[ -z "$URL_PATH" ]] && URL_PATH="/"
debugme echo $URL_PATH debugme echo $URL_PATH
return 0 # NODE, URL_PATH, PORT is set now return 0 # NODE, URL_PATH, PORT is set now
} }
@ -11100,7 +11100,7 @@ parse_hn_port() {
prepare_logging() { prepare_logging() {
local fname_prefix="$1" local fname_prefix="$1"
[[ -z "$fname_prefix" ]] && fname_prefix="$NODE"_"$PORT" [[ -z "$fname_prefix" ]] && fname_prefix="${NODE}"_p"${PORT}"
if "$do_logging"; then if "$do_logging"; then
if [[ -z "$LOGFILE" ]]; then if [[ -z "$LOGFILE" ]]; then
@ -11111,6 +11111,7 @@ prepare_logging() {
else else
: # just for clarity: a log file was specified, no need to do anything else : # just for clarity: a log file was specified, no need to do anything else
fi fi
[[ -e $LOGFILE ]] && fatal "\"$LOGFILE\" exists. Either use \"--append\" or (re)move it" 1
>$LOGFILE >$LOGFILE
tmln_out "## Scan started as: \"$PROG_NAME $CMDLINE\"" >>${LOGFILE} tmln_out "## Scan started as: \"$PROG_NAME $CMDLINE\"" >>${LOGFILE}
tmln_out "## at $HNAME:$OPENSSL_LOCATION" >>${LOGFILE} tmln_out "## at $HNAME:$OPENSSL_LOCATION" >>${LOGFILE}
@ -11138,7 +11139,6 @@ prepare_logging() {
fi fi
fi fi
fileout_header # write out any CSV/JSON header line fileout_header # write out any CSV/JSON header line
return 0 return 0
} }
@ -11896,7 +11896,7 @@ parse_opt_equal_sign() {
echo ${1#*=} echo ${1#*=}
return 1 # = means we don't need to shift args! return 1 # = means we don't need to shift args!
else else
echo $2 echo "$2"
return 0 # we need to shift return 0 # we need to shift
fi fi
} }
@ -12436,6 +12436,7 @@ if $do_display_only; then
fi fi
if $do_mass_testing; then if $do_mass_testing; then
prepare_logging
run_mass_testing run_mass_testing
exit $? exit $?
fi fi