From 95c75f1792837753023e60a9f227d033973d07d6 Mon Sep 17 00:00:00 2001
From: David Cooper <dcooper16@gmail.com>
Date: Thu, 5 Jan 2017 15:45:18 -0500
Subject: [PATCH] Add support for OpenSSL 1.1.0

Starting with OpenSSL 1.1.0, s_client will not offer TLS compression methods, even if OpenSSL is compiled with zlib support, unless the `-comp` flag is included in the command line.
---
 testssl.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/testssl.sh b/testssl.sh
index 2019b18..64310c4 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -8998,6 +8998,9 @@ run_crime() {
           fi
      else
           [[ "$OSSL_VER" == "0.9.8"* ]] && addcmd="-no_ssl2"
+          if [[ $OSSL_VER_MAJOR.$OSSL_VER_MINOR == "1.1.0"* ]] || [[ $OSSL_VER_MAJOR.$OSSL_VER_MINOR == "1.1.1"* ]]; then
+               addcmd="-comp"
+          fi
           $OPENSSL s_client $OPTIMAL_PROTO $BUGS $addcmd $STARTTLS -connect $NODEIP:$PORT $PROXY $SNI </dev/null &>$TMPFILE
           sclient_connect_successful $? $TMPFILE
           sclient_success=$?