From e4bbd6b517d71a7a40fb50340da38bb07569fd49 Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Wed, 19 Mar 2025 23:30:06 +0100 Subject: [PATCH] Set POODLE var when exiting run_ssl_poodle() ... so that run_tls_fallback_scsv() doesn't exit with a warning. This fixes #2708 . --- testssl.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/testssl.sh b/testssl.sh index 6612e32..7bd7e95 100755 --- a/testssl.sh +++ b/testssl.sh @@ -17954,10 +17954,12 @@ run_ssl_poodle() { pr_bold " POODLE, SSL"; out " ($cve) " if "$TLS13_ONLY" || [[ $(has_server_protocol ssl3) -eq 1 ]]; then - # one condition should normally suffice but we don't know when run_poddle() was called + # one condition should normally suffice but we don't know when run_poodle() was called pr_svrty_best "not vulnerable (OK)" outln ", no SSLv3 support" fileout "$jsonID" "OK" "not vulnerable, no SSLv3" "$cve" "$cwe" + # otherwise we'll get a non-zero return code and a message 'Rerun including POODLE SSL check' @ TLS_FALLBACK_SCSV, see #2708 + POODLE=1 return 0 fi