From 6b0f3892253be1ecb835852d9d781948d824fdd6 Mon Sep 17 00:00:00 2001 From: Dirk Date: Wed, 5 Apr 2017 14:42:55 +0200 Subject: [PATCH 1/3] fix #694 (CSP and HTTP header friends were cut off @ last colon) introduced strip_leading_space() / strip_trailing_space() --- testssl.sh | 34 +++++++++++++++++++++------------- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/testssl.sh b/testssl.sh index 207cfbc..e4f8562 100755 --- a/testssl.sh +++ b/testssl.sh @@ -1204,9 +1204,14 @@ strip_spaces() { echo "${1// /}" } -trim_trailing_space() { - echo "${1%%*( )}" +# https://web.archive.org/web/20121022051228/http://codesnippets.joyent.com/posts/show/1816 +strip_leading_space() { + echo "${1#"${1%%[\![:space:]]*}"}" } +strip_trailing_space() { + echo "${1%"${1##*[![:space:]]}"}" +} + # retrieve cipher from ServerHello (via openssl) get_cipher() { @@ -1714,7 +1719,9 @@ detect_header() { HEADERVALUE="" return 0 elif [[ $nr -eq 1 ]]; then - HEADERVALUE=$(grep -Faiw "$key:" $HEADERFILE | sed 's/^.*://') + HEADERVALUE=$(grep -Faiw "$key:" $HEADERFILE) + HEADERVALUE=${HEADERVALUE#*:} # remove leading part=key to colon + HEADERVALUE="$(strip_leading_space "$HEADERVALUE")" return 1 else pr_svrty_medium "misconfiguration: " @@ -1722,15 +1729,14 @@ detect_header() { pr_svrty_medium " ${nr}x" out " -- checking first one " out "\n$spaces" - # first awk matches the key, second extracts the from the first line the value, be careful with quotes here! - HEADERVALUE=$(grep -Faiw "$key:" $HEADERFILE | sed 's/^.*://' | head -1) + HEADERVALUE=$(grep -Faiw "$key:" $HEADERFILE | head -1) + HEADERVALUE=${HEADERVALUE#*:} + HEADERVALUE="$(strip_leading_space "$HEADERVALUE")" [[ $DEBUG -ge 2 ]] && tm_italic "$HEADERVALUE" && tm_out "\n$spaces" fileout "$2""_multiple" "WARN" "Multiple $2 headers. Using first header: $HEADERVALUE" return $nr fi } -# wir brauchen hier eine Funktion, die generell den Header detectiert - includeSubDomains() { if grep -aiqw includeSubDomains "$1"; then 
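Review bot: In the `@@ -1204` hunk, `strip_leading_space` uses `[\![:space:]]` while its sibling `strip_trailing_space` uses `[![:space:]]`. As far as I can tell, a backslash-quoted `!` in a bash pattern is a literal character, so the class would mean "`!` or whitespace" rather than "non-whitespace"; the function would then leave leading blanks in place and could cut the first word from a value that has none. I would write it like the sibling, `echo "${1#"${1%%[![:space:]]*}"}"`, and check it with an input such as `"  a b"`. Both helpers print a header value supplied by the remote server, so `printf '%s\n'` is safer than `echo` for values that begin with `-n` or `-e`. The hunk also removes `trim_trailing_space` and no caller update is visible in this patch, so any remaining call site should be confirmed.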
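Review bot: In the `@@ -1714` hunk, the new `${HEADERVALUE#*:}` assumes the first colon on the matched line is the one after the header name, but `grep -Faiw "$key:"` is not anchored to the start of the line. A different header whose value merely contains `$key:` could therefore be picked up and reported with the wrong value; the same three lines are repeated in the `@@ -1722` hunk. `$HEADERFILE` is unquoted in both greps. The duplicated extraction could live in one small helper carrying a comment such as `# cut at the first colon only: values (CSP, URLs) legitimately contain colons`. detect_header starts before both hunks, so how `nr` is counted is not visible here.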
@@ -2296,28 +2302,30 @@ run_more_flags() { pr_bold " Security headers " for f2t in $good_flags2test; do debugme echo "---> $f2t" - detect_header $f2t $f2t + detect_header "$f2t" "$f2t" if [[ $? -ge 1 ]]; then if ! "$first"; then - out "$spaces" # output leading spaces if the first header + out "$spaces" # output leading spaces if the first header else first=false fi - pr_done_good "$f2t"; outln "$HEADERVALUE" + pr_done_good "$f2t" + outln "$(out_row_aligned_max_width "$HEADERVALUE" " " $TERM_WIDTH)" fileout "$f2t" "OK" "$f2t: $HEADERVALUE" fi done for f2t in $other_flags2test; do debugme echo "---> $f2t" - detect_header $f2t $f2t + detect_header "$f2t" "$f2t" if [[ $? -ge 1 ]]; then if ! "$first"; then - out "$spaces" # output leading spaces if the first header + out "$spaces" # output leading spaces if the first header else first=false fi - pr_litecyan "$f2t"; outln "$HEADERVALUE" + pr_litecyan "$f2t" + outln "$HEADERVALUE" # shouldn't be that long fileout "$f2t" "WARN" "$f2t: $HEADERVALUE" fi done From b1ce11d76e17c0dc656e2be1a097250d9dd4ee48 Mon Sep 17 00:00:00 2001 From: Dirk Date: Wed, 5 Apr 2017 14:48:35 +0200 Subject: [PATCH 2/3] in addition to #694: using the predefined variable --- testssl.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/testssl.sh b/testssl.sh index e4f8562..3101a8e 100755 --- a/testssl.sh +++ b/testssl.sh @@ -2310,7 +2310,7 @@ run_more_flags() { first=false fi pr_done_good "$f2t" - outln "$(out_row_aligned_max_width "$HEADERVALUE" " " $TERM_WIDTH)" + outln "$(out_row_aligned_max_width "$HEADERVALUE" "$spaces" $TERM_WIDTH)" fileout "$f2t" "OK" "$f2t: $HEADERVALUE" fi done From bfb0f4bc7d6abac726acefccab51ac315cf337ec Mon Sep 17 00:00:00 2001 From: Dirk Date: Wed, 5 Apr 2017 17:28:06 +0200 Subject: [PATCH 3/3] FIX #697 in 2.9dev (bash hiccup @ tolower) --- testssl.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/testssl.sh b/testssl.sh index 3101a8e..7325d40 100755 --- a/testssl.sh 
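Review bot: In the second loop of the `@@ -2296` hunk, `outln "$HEADERVALUE" # shouldn't be that long` rests on an assumption about data the scanned server controls, while the first loop wraps the value. Using the same call in both loops keeps an over-long value from breaking the report layout: `outln "$(out_row_aligned_max_width "$HEADERVALUE" "$spaces" "$TERM_WIDTH")"`, with `$TERM_WIDTH` quoted. In the branches of detect_header visible in this patch, status 0 means "not found", so `if ! detect_header "$f2t" "$f2t"; then` would state the test directly instead of reading `$?` one line later. run_more_flags begins and ends outside the hunk.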
+++ b/testssl.sh @@ -1142,12 +1142,12 @@ html_footer() { ###### START helper function definitions ###### -if [[ $(uname) == "Linux" ]] ; then - toupper() { echo -n "${1^^}" ; } - tolower() { echo -n "${1,,}" ; } -else +toupper() { echo -n "${1^^}" ; } +tolower() { echo -n "${1,,}" ; } +if ! toupper aaa 2>/dev/null; then + # Older bash can't do this (MacOS X), even SLES 11, see #697 toupper() { tr 'a-z' 'A-Z' <<< "$1"; } - tolower() { tr 'A-Z' 'a-z' <<< "$1"; } + tolower() { tr 'A-Z' 'a-z' <<< "$1"; } fi debugme() {
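Review bot: The probe `if ! toupper aaa 2>/dev/null; then` redirects only stderr, so on a bash that supports `${1^^}` the call writes `AAA` to stdout every time the script starts. It also tests only the exit status, not the converted result. `if [[ "$(toupper aaa 2>/dev/null)" != "AAA" ]]; then` keeps the probe silent and checks the actual conversion. Running it in a command substitution should also confine any expansion error on old bash to the subshell, which is worth confirming on the bash versions named in #697.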