Merge pull request #805 from dcooper16/client_sim_ssl2_server

Client simulation and SSLv2 servers
Dirk Wetter 2017-07-27 17:34:42 +02:00 committed by GitHub
commit eeda1ef684


@ -3488,8 +3488,10 @@ client_simulation_sockets() {
tls_hello_ascii=$(hexdump -v -e '16/1 "%02X"' "$SOCK_REPLY_FILE") tls_hello_ascii=$(hexdump -v -e '16/1 "%02X"' "$SOCK_REPLY_FILE")
tls_hello_ascii="${tls_hello_ascii%%[!0-9A-F]*}" tls_hello_ascii="${tls_hello_ascii%%[!0-9A-F]*}"
check_tls_serverhellodone "$tls_hello_ascii" if [[ "${tls_hello_ascii:0:1}" != "8" ]]; then
hello_done=$? check_tls_serverhellodone "$tls_hello_ascii"
hello_done=$?
fi
for(( 1 ; hello_done==1; 1 )); do for(( 1 ; hello_done==1; 1 )); do
sock_reply_file2=${SOCK_REPLY_FILE}.2 sock_reply_file2=${SOCK_REPLY_FILE}.2
@ -3526,31 +3528,42 @@ client_simulation_sockets() {
hexdump -C $SOCK_REPLY_FILE | head -6 hexdump -C $SOCK_REPLY_FILE | head -6
echo echo
fi fi
parse_tls_serverhello "$tls_hello_ascii" "ephemeralkey" "$cipher_list_2send" if [[ "${tls_hello_ascii:0:1}" == "8" ]]; then
save=$? parse_sslv2_serverhello "$SOCK_REPLY_FILE" "false"
if [[ $? -eq 3 ]] && [[ "$V2_HELLO_CIPHERSPEC_LENGTH" -ne 0 ]]; then
if [[ $save -eq 0 ]]; then echo "Protocol : SSLv2" > "$TEMPDIR/$NODEIP.parse_tls_serverhello.txt"
debugme echo "sending close_notify..." DETECTED_TLS_VERSION="0200"
if [[ "$DETECTED_TLS_VERSION" == "0300" ]]; then ret=0
socksend ",x15, x03, x00, x00, x02, x02, x00" 0
else else
socksend ",x15, x03, x01, x00, x02, x02, x00" 0 ret=1
fi fi
fi
if [[ $DEBUG -ge 2 ]]; then
# see https://secure.wand.net.nz/trac/libprotoident/wiki/SSL
lines=$(count_lines "$(hexdump -C "$SOCK_REPLY_FILE" 2>$ERRFILE)")
tm_out " ($lines lines returned) "
fi
# determine the return value for higher level, so that they can tell what the result is
if [[ $save -eq 1 ]] || [[ $lines -eq 1 ]]; then
ret=1 # NOT available
else else
ret=0 parse_tls_serverhello "$tls_hello_ascii" "ephemeralkey" "$cipher_list_2send"
save=$?
if [[ $save -eq 0 ]]; then
debugme echo "sending close_notify..."
if [[ "$DETECTED_TLS_VERSION" == "0300" ]]; then
socksend ",x15, x03, x00, x00, x02, x02, x00" 0
else
socksend ",x15, x03, x01, x00, x02, x02, x00" 0
fi
fi
if [[ $DEBUG -ge 2 ]]; then
# see https://secure.wand.net.nz/trac/libprotoident/wiki/SSL
lines=$(count_lines "$(hexdump -C "$SOCK_REPLY_FILE" 2>$ERRFILE)")
tm_out " ($lines lines returned) "
fi
# determine the return value for higher level, so that they can tell what the result is
if [[ $save -eq 1 ]] || [[ $lines -eq 1 ]]; then
ret=1 # NOT available
else
ret=0
fi
debugme tmln_out
fi fi
debugme tmln_out
close_socket close_socket
TMPFILE=$SOCK_REPLY_FILE TMPFILE=$SOCK_REPLY_FILE
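Review bot: The SSLv2 test `"${tls_hello_ascii:0:1}" == "8"` (here, and negated in the first hunk before `check_tls_serverhellodone`) only matches a two-byte SSLv2 record header whose length is below 0x1000. A longer SERVER-HELLO, for example one carrying a large certificate, starts with 9–F, falls into the `parse_tls_serverhello` branch and would presumably be reported as no connection, so the simulation could under-report SSLv2 support. Consider matching any set high bit and deciding once, e.g. `sslv2_reply=false; [[ "${tls_hello_ascii:0:1}" == [89A-F] ]] && sslv2_reply=true`, then testing `$sslv2_reply` in both places so the two checks cannot drift apart. The bare `$? -eq 3` after `parse_sslv2_serverhello` would also benefit from a comment such as `# 3 = <meaning of this return code>`, since nothing in the visible lines says what that value signals. `client_simulation_sockets` starts and ends outside the hunks shown.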