mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-07 17:20:57 +01:00
Address a theorically still possible non HTTP case
This commit is contained in:
parent
09719a322b
commit
d8b439e48c
@ -17200,7 +17200,7 @@ run_renego() {
|
|||||||
# Connection could be closed by the server with 0 return value. We do one more iteration to not close
|
# Connection could be closed by the server with 0 return value. We do one more iteration to not close
|
||||||
# s_client STDIN too early as the close could come at any time and race with the tear down of s_client.
|
# s_client STDIN too early as the close could come at any time and race with the tear down of s_client.
|
||||||
# See https://github.com/drwetter/testssl.sh/issues/2590
|
# See https://github.com/drwetter/testssl.sh/issues/2590
|
||||||
# In this case the added iteration is harmfull as it will just spin in backgroup
|
# In this case the added iteration is harmless as it will just spin in backgroup
|
||||||
for ((i=0; i <= ssl_reneg_attempts; i++ )); do sleep $ssl_reneg_wait; echo R; k=0; \
|
for ((i=0; i <= ssl_reneg_attempts; i++ )); do sleep $ssl_reneg_wait; echo R; k=0; \
|
||||||
# 0 means client is renegotiating & doesn't return an error --> vuln!
|
# 0 means client is renegotiating & doesn't return an error --> vuln!
|
||||||
# 1 means client tried to renegotiating but the server side errored then. You still see RENEGOTIATING in the output
|
# 1 means client tried to renegotiating but the server side errored then. You still see RENEGOTIATING in the output
|
||||||
@ -17230,11 +17230,16 @@ run_renego() {
|
|||||||
if (tail -5 $TMPFILE| grep -qa '^closed'); then
|
if (tail -5 $TMPFILE| grep -qa '^closed'); then
|
||||||
tmp_result=1
|
tmp_result=1
|
||||||
fi
|
fi
|
||||||
|
# timeout reached ?
|
||||||
if [[ -f $TEMPDIR/was_killed ]]; then
|
if [[ -f $TEMPDIR/was_killed ]]; then
|
||||||
tmp_result=2
|
tmp_result=2
|
||||||
rm -f $TEMPDIR/was_killed
|
rm -f $TEMPDIR/was_killed
|
||||||
fi
|
fi
|
||||||
if [[ $SERVICE != HTTP ]]; then
|
if [[ $SERVICE != HTTP ]]; then
|
||||||
|
# theoric possible case
|
||||||
|
if [[ $loop_reneg -eq 2 ]];
|
||||||
|
$tmp_result=0
|
||||||
|
fi
|
||||||
case $tmp_result in
|
case $tmp_result in
|
||||||
0) pr_svrty_medium "VULNERABLE (NOT ok)"; outln ", potential DoS threat"
|
0) pr_svrty_medium "VULNERABLE (NOT ok)"; outln ", potential DoS threat"
|
||||||
fileout "$jsonID" "MEDIUM" "VULNERABLE, potential DoS threat" "$cve" "$cwe" "$hint"
|
fileout "$jsonID" "MEDIUM" "VULNERABLE, potential DoS threat" "$cve" "$cwe" "$hint"
|
||||||
|
Loading…
Reference in New Issue
Block a user