Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-07 17:20:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

FIX #622

Browse Source 
If the host negotiated SSLv3 reading of the ServerKeyExchange message failed
and as a consequence determination of the DH key
This commit is contained in:
Dirk 2017-09-18 17:50:06 +02:00
parent 8b076e9841
commit f372b4b775
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
testssl.sh
View File

@ -10385,6 +10385,9 @@ run_logjam() {
# Example: '<<< TLS 1.0 Handshake [length 010b], ServerKeyExchange' # Example: '<<< TLS 1.0 Handshake [length 010b], ServerKeyExchange'
# get line with ServerKeyExchange, cut from the beginning to "length ". cut from the end to ']' # get line with ServerKeyExchange, cut from the beginning to "length ". cut from the end to ']'
str="$(awk '/<<< TLS 1.[0-2].*ServerKeyExchange$/' $TMPFILE)" str="$(awk '/<<< TLS 1.[0-2].*ServerKeyExchange$/' $TMPFILE)"
if [[ -z "$str" ]] ; then
str="$(awk '/<<< SSL [2-3].*ServerKeyExchange$/' $TMPFILE)"
fi
str="${str#<*length }" str="${str#<*length }"
str="${str%]*}" str="${str%]*}"
server_key_exchange_len=$(hex2dec "$str") server_key_exchange_len=$(hex2dec "$str")
@ -10414,7 +10417,7 @@ run_logjam() {
else else
dh_p="$(toupper "$dh_p")" dh_p="$(toupper "$dh_p")"
# In the previous line of the match is bascially the hint we want to echo # In the previous line of the match is bascially the hint we want to echo
# the most elegant thing to get the previous line [ awk '/regex/ { print x }; { x=$0 }' ] doesn't work with GNU grep # the most elegant thing to get the previous line [ awk '/regex/ { print x }; { x=$0 }' ] doesn't work with gawk
lineno_matched=$(grep -n "$dh_p" "$common_primes_file" 2>/dev/null | awk -F':' '{ print $1 }') lineno_matched=$(grep -n "$dh_p" "$common_primes_file" 2>/dev/null | awk -F':' '{ print $1 }')
if [[ "$lineno_matched" -ne 0 ]]; then if [[ "$lineno_matched" -ne 0 ]]; then
comment="$(awk "NR == $lineno_matched-1" "$common_primes_file" | awk -F'"' '{ print $2 }')" comment="$(awk "NR == $lineno_matched-1" "$common_primes_file" | awk -F'"' '{ print $2 }')"