Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-06 00:39:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Use $HAS_SSL2

Browse Source 
I changed the code to use the global $HAS_SSL2 rather than $sslv2_locally_supported.

I don't think there's a need to use $HAS_SSL3 in run_allciphers(), since the call to "$OPENSSL s_client" for non-SSLv2 ciphers does not specify a protocol. It's also not needed in run_cipher_per_proto(), since there is already a call to locally_supported() before anything further is done with a protocol.
This commit is contained in:
David Cooper 2016-04-19 09:47:52 -04:00
parent c6db49066f
commit fe098d4b39
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
testssl.sh
View File

@ -1578,11 +1578,10 @@ run_allciphers() {
local dhlen
local available
local ciphers_to_test
local sslv2_locally_supported=false sslv2_supported=false
local sslv2_supported=false
# get a list of all the cipher suites to test (only need the hexcode, ciph, sslvers, kx, enc, and export values)
while read hexcode[nr_ciphers] n ciph[nr_ciphers] sslvers[nr_ciphers] kx[nr_ciphers] auth enc[nr_ciphers] mac export2[nr_ciphers]; do
[[ "${sslvers[nr_ciphers]}" == "SSLv2" ]] && sslv2_locally_supported=true
nr_ciphers=$nr_ciphers+1
done < <($OPENSSL ciphers -V 'ALL:COMPLEMENTOFALL:@STRENGTH' 2>>$ERRFILE)
@ -1592,7 +1591,7 @@ run_allciphers() {
outln
neat_header
if $sslv2_locally_supported; then
if "$HAS_SSL2"; then
$OPENSSL s_client $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY -ssl2 >$TMPFILE 2>$ERRFILE </dev/null
sclient_connect_successful "$?" "$TMPFILE"
[[ "$?" -eq 0 ]] && sslv2_supported=true