From 11b30b9335fcf6d79d5244373d4b96f5b72a5855 Mon Sep 17 00:00:00 2001 From: Chad Brigance Date: Fri, 16 Oct 2020 15:35:46 +0000 Subject: [PATCH 1/2] Added support for custom user agent --- testssl.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/testssl.sh b/testssl.sh index af7ea83..d292bf3 100755 --- a/testssl.sh +++ b/testssl.sh @@ -229,7 +229,7 @@ else MEASURE_TIME=${MEASURE_TIME:-false} fi DISPLAY_CIPHERNAMES="openssl" # display OpenSSL ciphername (but both OpenSSL and RFC ciphernames in wide mode) -declare -r UA_STD="TLS tester from $SWURL" +declare UA_STD="TLS tester from $SWURL" declare -r UA_SNEAKY="Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" ########### Initialization part, further global vars just being declared here @@ -19207,6 +19207,7 @@ tuning / connect options (most also can be preset via environment variables): b) arg "one" means: just test the first DNS returns (useful for multiple IPs) -n, --nodns if "none": do not try any DNS lookups, "min" queries A, AAAA and MX records --sneaky leave less traces in target logs: user agent, referer + --user-agent set a custom user agent instead of the standard user agent --ids-friendly skips a few vulnerability checks which may cause IDSs to block the scanning IP --phone-out allow to contact external servers for CRL download and querying OCSP responder --add-ca path to with *.pem or a comma separated list of CA files to include in trust check @@ -21908,6 +21909,10 @@ parse_cmd_line() { --sneaky) SNEAKY=true ;; + --user-agent|--user-agent=*) + UA_STD="$(parse_opt_equal_sign "$1" "$2")" + [[ $? -eq 0 ]] && shift + ;; -q|--quiet) QUIET=true ;; From 59c24e33b0d4f10a323c6e8bd30bc7ddbf073fb5 Mon Sep 17 00:00:00 2001 From: Chad Brigance Date: Fri, 16 Oct 2020 19:29:54 +0000 Subject: [PATCH 2/2] fixed missing in help text --- testssl.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/testssl.sh b/testssl.sh index d292bf3..962f335 100755 
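Review bot: Dropping `-r` from `UA_STD` in the first hunk turns the default user agent into a mutable global, so the standard value is lost once `--user-agent` is parsed and nothing guards it against accidental reassignment elsewhere. Keeping `declare -r UA_STD=...` and adding a separate variable that the request code prefers when non-empty (for example `declare UA_CUSTOM=""`, a name made up here) would preserve the constant. If the plain `declare` stays, a comment such as `# not readonly: overwritten by --user-agent` would explain why it differs from `UA_SNEAKY` on the next line.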
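Review bot: The new `--user-agent` branch in `parse_cmd_line()` stores the argument in `UA_STD` without validation, and that value presumably ends up in the `User-Agent:` header of the HTTP request (the code that builds the request is outside this hunk). A value containing CR/LF or other control characters would add lines to the request, which matters when the script is driven by a wrapper or CI job that forwards externally supplied options. Rejecting such input right after the assignment, e.g. testing `[[ "$UA_STD" =~ [[:cntrl:]] ]]` and taking the script's usual command-line error exit, would close this. If the request string is later expanded with backslash-escape processing, backslashes in the value need the same treatment. The help text could also say how the option interacts with `--sneaky`, since the hunk does not show which of the two wins.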
--- a/testssl.sh +++ b/testssl.sh @@ -19207,7 +19207,7 @@ tuning / connect options (most also can be preset via environment variables): b) arg "one" means: just test the first DNS returns (useful for multiple IPs) -n, --nodns if "none": do not try any DNS lookups, "min" queries A, AAAA and MX records --sneaky leave less traces in target logs: user agent, referer - --user-agent set a custom user agent instead of the standard user agent + --user-agent set a custom user agent instead of the standard user agent --ids-friendly skips a few vulnerability checks which may cause IDSs to block the scanning IP --phone-out allow to contact external servers for CRL download and querying OCSP responder --add-ca path to with *.pem or a comma separated list of CA files to include in trust check