mirrors/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-30 23:30:59 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #418 from dcooper16/issuer2

Browse Source 
CA names with domain component attributes
This commit is contained in:
Dirk Wetter 2016-07-21 12:16:24 +02:00 committed by GitHub
commit ddead05825
1 changed files with 22 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
testssl.sh
View File

@ -3840,7 +3840,7 @@ certificate_info() {
local ocsp_response_status=$6 local ocsp_response_status=$6
local cert_sig_algo cert_sig_hash_algo cert_key_algo local cert_sig_algo cert_sig_hash_algo cert_key_algo
local expire days2expire secs2warn ocsp_uri crl startdate enddate issuer_CN issuer_C issuer_O issuer sans san cn local expire days2expire secs2warn ocsp_uri crl startdate enddate issuer_CN issuer_C issuer_O issuer sans san cn
local cn_nosni="" local issuer_DC issuerfinding cn_nosni=""
local cert_fingerprint_sha1 cert_fingerprint_sha2 cert_fingerprint_serial local cert_fingerprint_sha1 cert_fingerprint_sha2 cert_fingerprint_serial
local policy_oid local policy_oid
local spaces="" local spaces=""
@ -4149,22 +4149,33 @@ certificate_info() {
issuer_CN="$(awk -F'=' '/CN=/ { print $2 }' <<< "$issuer")" issuer_CN="$(awk -F'=' '/CN=/ { print $2 }' <<< "$issuer")"
issuer_O="$(awk -F'=' '/O=/ { print $2 }' <<< "$issuer")" issuer_O="$(awk -F'=' '/O=/ { print $2 }' <<< "$issuer")"
issuer_C="$(awk -F'=' '/ C=/ { print $2 }' <<< "$issuer")" issuer_C="$(awk -F'=' '/ C=/ { print $2 }' <<< "$issuer")"
issuer_DC="$(awk -F'=' '/DC=/ { print $2 }' <<< "$issuer")"
if [[ "$issuer_O" == "issuer=" ]] || [[ "$issuer_O" == "issuer= " ]] || [[ "$issuer_CN" == "$CN" ]]; then if [[ "$issuer_O" == "issuer=" ]] || [[ "$issuer_O" == "issuer= " ]] || [[ "$issuer_CN" == "$CN" ]]; then
pr_svrty_criticalln "self-signed (NOT ok)" pr_svrty_criticalln "self-signed (NOT ok)"
fileout "${json_prefix}issuer" "NOT ok" "Issuer: selfsigned (NOT ok)" fileout "${json_prefix}issuer" "NOT ok" "Issuer: selfsigned (NOT ok)"
else else
pr_dquoted "$issuer_CN" issuerfinding="$(pr_dquoted "$issuer_CN")"
out " (" if [[ -z "$issuer_O" ]] && [[ -n "$issuer_DC" ]]; then
pr_dquoted "$issuer_O" for san in $issuer_DC; do
if [[ -n "$issuer_C" ]]; then if [[ -z "$issuer_O" ]]; then
out " from " issuer_O="${san}"
pr_dquoted "$issuer_C"
fileout "${json_prefix}issuer" "INFO" "Issuer: \"$issuer_CN\" ( \"$issuer_O\" from \"$issuer_C\")"
else else
fileout "${json_prefix}issuer" "INFO" "Issuer: \"$issuer_CN\" ( \"$issuer_O\" )" issuer_O="${san}.${issuer_O}"
fi fi
outln ")" done
fi
if [[ -n "$issuer_O" ]]; then
issuerfinding+=" ("
issuerfinding+="$(pr_dquoted "$issuer_O")"
if [[ -n "$issuer_C" ]]; then
issuerfinding+=" from "
issuerfinding+="$(pr_dquoted "$issuer_C")"
fi
issuerfinding+=")"
fi
outln "$issuerfinding"
fileout "${json_prefix}issuer" "INFO" "Issuer: $issuerfinding"
fi fi
# http://events.ccc.de/congress/2010/Fahrplan/attachments/1777_is-the-SSLiverse-a-safe-place.pdf, see page 40pp # http://events.ccc.de/congress/2010/Fahrplan/attachments/1777_is-the-SSLiverse-a-safe-place.pdf, see page 40pp