mirrors/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 07:40:58 +01:00
Code Issues Projects Releases Wiki Activity

Merge branch 'master' into issuer2

Browse Source 
Conflicts:
	testssl.sh
This commit is contained in:
David Cooper 2016-07-20 11:45:08 -04:00
commit bdea1a0971
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
testssl.sh
View File

@ -3839,7 +3839,8 @@ certificate_info() {
local ocsp_response=$5 local ocsp_response=$5
local ocsp_response_status=$6 local ocsp_response_status=$6
local cert_sig_algo cert_sig_hash_algo cert_key_algo local cert_sig_algo cert_sig_hash_algo cert_key_algo
local expire days2expire secs2warn ocsp_uri crl startdate enddate issuer_CN issuer_C issuer_O issuer_DC issuer issuerfinding sans san cn cn_nosni local expire days2expire secs2warn ocsp_uri crl startdate enddate issuer_CN issuer_C issuer_O issuer sans san cn
local issuer_DC issuerfinding cn_nosni=""
local cert_fingerprint_sha1 cert_fingerprint_sha2 cert_fingerprint_serial local cert_fingerprint_sha1 cert_fingerprint_sha2 cert_fingerprint_serial
local policy_oid local policy_oid
local spaces="" local spaces=""
@ -4079,8 +4080,10 @@ certificate_info() {
# no cipher suites specified here. We just want the default vhost subject # no cipher suites specified here. We just want the default vhost subject
$OPENSSL s_client $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $OPTIMAL_PROTO 2>>$ERRFILE </dev/null | awk '/-----BEGIN/,/-----END/ { print $0 }' >$HOSTCERT.nosni $OPENSSL s_client $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $OPTIMAL_PROTO 2>>$ERRFILE </dev/null | awk '/-----BEGIN/,/-----END/ { print $0 }' >$HOSTCERT.nosni
if grep -q "\-\-\-\-\-BEGIN" "$HOSTCERT.nosni"; then
cn_nosni="$(get_cn_from_cert "$HOSTCERT.nosni")" cn_nosni="$(get_cn_from_cert "$HOSTCERT.nosni")"
[[ -z "$cn_nosni" ]] && cn_nosni="no CN field in subject" [[ -z "$cn_nosni" ]] && cn_nosni="no CN field in subject"
fi
#FIXME: check for SSLv3/v2 and look whether it goes to a different CN (probably not polite) #FIXME: check for SSLv3/v2 and look whether it goes to a different CN (probably not polite)
@ -8346,4 +8349,4 @@ fi
exit $? exit $?
# $Id: testssl.sh,v 1.526 2016/07/16 18:48:55 dirkw Exp $ # $Id: testssl.sh,v 1.527 2016/07/20 15:36:50 dirkw Exp $