From 6b7836d3506fa0eb3d7ef81fa94b7617597dfc1f Mon Sep 17 00:00:00 2001 From: David Cooper Date: Mon, 22 Nov 2021 12:25:20 -0500 Subject: [PATCH] Fix sub_cipherlists() This commit fixes a bug in sub_cipherlists() when using sockets to test whether a server supports a set of ciphers with SSLv2. Code that is supposed to extract the list of SSLv2 ciphers to test for is incorrectly reading from the list of non-SSLv2 ciphers. --- testssl.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/testssl.sh b/testssl.sh index 5b0d9b9..abaea6f 100755 --- a/testssl.sh +++ b/testssl.sh @@ -5889,7 +5889,7 @@ sub_cipherlists() { elif [[ -n "$7" ]]; then sslv2_sockets "$7" "true" if [[ $? -eq 3 ]] && [[ "$V2_HELLO_CIPHERSPEC_LENGTH" -ne 0 ]]; then - sslv2_cipherlist="$(strip_spaces "${6//,/}")" + sslv2_cipherlist="$(strip_spaces "${7//,/}")" len=${#sslv2_cipherlist} detected_ssl2_ciphers="$(grep "Supported cipher: " "$TEMPDIR/$NODEIP.parse_sslv2_serverhello.txt")" for (( i=0; i