mirror of
				https://github.com/drwetter/testssl.sh.git
				synced 2025-10-26 21:31:01 +01:00 
			
		
		
		
	SSLv2 fixes for test_just_one()
This PR changes test_just_one() to correctly handle SSLv2 ciphers. As with PR #424, this PR addresses the problem in which servers that do not implement SSLv2, but that implement RC4-MD5, EXP-RC2-CBC-MD5, EXP-RC4-MD5, or NULL-MD5 are shown as implementing both the SSLv2 and SSLv3 versions of the ciphers, and that any SSLv2 ciphers that a server does implement are not shown as being implemented.
This commit is contained in:
		
							parent
							
								
									9b3cfab5b8
								
							
						
					
					
						commit
						add75caf82
					
				| @ -1591,7 +1591,11 @@ test_just_one(){ | |||||||
|                     neat_list $HEXC $ciph $kx $enc | grep -qwai "$arg" |                     neat_list $HEXC $ciph $kx $enc | grep -qwai "$arg" | ||||||
|                fi |                fi | ||||||
|                if [[ $? -eq 0 ]]; then    # string matches, so we can ssl to it: |                if [[ $? -eq 0 ]]; then    # string matches, so we can ssl to it: | ||||||
|                     $OPENSSL s_client -cipher $ciph $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI 2>$ERRFILE >$TMPFILE </dev/null |                     if [[ "$sslvers" == "SSLv2" ]]; then | ||||||
|  |                          $OPENSSL s_client -ssl2 -cipher $ciph $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY 2>$ERRFILE >$TMPFILE </dev/null | ||||||
|  |                     else | ||||||
|  |                          $OPENSSL s_client -cipher $ciph $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI 2>$ERRFILE >$TMPFILE </dev/null | ||||||
|  |                     fi | ||||||
|                     sclient_connect_successful $? $TMPFILE |                     sclient_connect_successful $? $TMPFILE | ||||||
|                     sclient_success=$? |                     sclient_success=$? | ||||||
|                     if [[ $kx == "Kx=ECDH" ]] || [[ $kx == "Kx=DH" ]] || [[ $kx == "Kx=EDH" ]]; then |                     if [[ $kx == "Kx=ECDH" ]] || [[ $kx == "Kx=DH" ]] || [[ $kx == "Kx=EDH" ]]; then | ||||||
|  | |||||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user