mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-23 08:59:31 +01:00
Use $HAS_SSL2
I changed the code to use the global $HAS_SSL2 rather than $sslv2_locally_supported. I don't think there's a need to use $HAS_SSL3 in run_allciphers(), since the call to "$OPENSSL s_client" for non-SSLv2 ciphers does not specify a protocol. It's also not needed in run_cipher_per_proto(), since there is already a call to locally_supported() before anything further is done with a protocol.
This commit is contained in:
parent
c6db49066f
commit
fe098d4b39
@ -1578,11 +1578,10 @@ run_allciphers() {
|
|||||||
local dhlen
|
local dhlen
|
||||||
local available
|
local available
|
||||||
local ciphers_to_test
|
local ciphers_to_test
|
||||||
local sslv2_locally_supported=false sslv2_supported=false
|
local sslv2_supported=false
|
||||||
|
|
||||||
# get a list of all the cipher suites to test (only need the hexcode, ciph, sslvers, kx, enc, and export values)
|
# get a list of all the cipher suites to test (only need the hexcode, ciph, sslvers, kx, enc, and export values)
|
||||||
while read hexcode[nr_ciphers] n ciph[nr_ciphers] sslvers[nr_ciphers] kx[nr_ciphers] auth enc[nr_ciphers] mac export2[nr_ciphers]; do
|
while read hexcode[nr_ciphers] n ciph[nr_ciphers] sslvers[nr_ciphers] kx[nr_ciphers] auth enc[nr_ciphers] mac export2[nr_ciphers]; do
|
||||||
[[ "${sslvers[nr_ciphers]}" == "SSLv2" ]] && sslv2_locally_supported=true
|
|
||||||
nr_ciphers=$nr_ciphers+1
|
nr_ciphers=$nr_ciphers+1
|
||||||
done < <($OPENSSL ciphers -V 'ALL:COMPLEMENTOFALL:@STRENGTH' 2>>$ERRFILE)
|
done < <($OPENSSL ciphers -V 'ALL:COMPLEMENTOFALL:@STRENGTH' 2>>$ERRFILE)
|
||||||
|
|
||||||
@ -1592,7 +1591,7 @@ run_allciphers() {
|
|||||||
outln
|
outln
|
||||||
neat_header
|
neat_header
|
||||||
|
|
||||||
if $sslv2_locally_supported; then
|
if "$HAS_SSL2"; then
|
||||||
$OPENSSL s_client $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY -ssl2 >$TMPFILE 2>$ERRFILE </dev/null
|
$OPENSSL s_client $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY -ssl2 >$TMPFILE 2>$ERRFILE </dev/null
|
||||||
sclient_connect_successful "$?" "$TMPFILE"
|
sclient_connect_successful "$?" "$TMPFILE"
|
||||||
[[ "$?" -eq 0 ]] && sslv2_supported=true
|
[[ "$?" -eq 0 ]] && sslv2_supported=true
|
||||||
|
Loading…
Reference in New Issue
Block a user