From 4c2f3dbc4d33de4eac5adb8598b412b4bd942013 Mon Sep 17 00:00:00 2001
From: Jonathan Hodgson <git@jonathanh.co.uk>
Date: Wed, 13 Jan 2021 16:27:59 +0000
Subject: [PATCH] BIN: adds sweet32 test to verifySSL

---
 bin/.bin/webtest/verifySSL | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/bin/.bin/webtest/verifySSL b/bin/.bin/webtest/verifySSL
index fd0e5aa5..c9c5f3d0 100755
--- a/bin/.bin/webtest/verifySSL
+++ b/bin/.bin/webtest/verifySSL
@@ -22,6 +22,7 @@ print_help(){
 
 list_vulnerabilites(){
 	echo "Beast"
+	echo "Sweet32"
 }
 
 check-beast(){
@@ -61,6 +62,16 @@ check-beast(){
 
 }
 
+check-sweet32(){
+	local tmpfile="$(mktemp)"
+	echo "openssl s_client -cipher 3DES -connect ${host}:${port}" >> "$tmpfile"
+	echo "" | $openssl s_client -cipher 3DES -connect "${host}:${port}" >> "$tmpfile" 2>&1
+	if [ "$?" -eq 0 ]; then
+		cat "$tmpfile"
+	fi
+	rm "$tmpfile"
+}
+
 while [ "$#" -gt 0 ]; do
 	case "$1" in
 		-p|--port)
@@ -98,6 +109,9 @@ case "$(echo "$vulnerability" | tr '[:upper:]' '[:lower:]')" in
 	beast)
 		check-beast
 		;;
+	sweet32)
+		check-sweet32
+		;;
 	*)
 		die "Unknown vulnerability $vulnerability"
 		;;