From a4dc363ee6ed4616b6fe607c47e104c484284fc1 Mon Sep 17 00:00:00 2001 From: Jonathan Hodgson Date: Wed, 13 Jan 2021 16:21:01 +0000 Subject: [PATCH] BIN: makes the verifySSL print progress messages to stderr I chose to do this because I want to be able to pipe stdout to a file and use it as evidence. I don't need the progress for that --- bin/.bin/webtest/verifySSL | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/bin/.bin/webtest/verifySSL b/bin/.bin/webtest/verifySSL index 54d5a99f..fd0e5aa5 100755 --- a/bin/.bin/webtest/verifySSL +++ b/bin/.bin/webtest/verifySSL @@ -34,7 +34,12 @@ check-beast(){ echo "" | $openssl s_client -ssl3 -connect "${host}:${port}" > /dev/null 2>&1 ssl3="$?" - $openssl ciphers -v | grep -i cbc | cut -d' ' -f1 | while read cipher; do + if [ $tls1 -gt 0 ] && [ $ssl3 -gt 0 ]; then + die "Neither TLSv1 or SSLv3 connected successfully so there is no need to test the ciphers" + fi + + $openssl ciphers -v | grep -i cbc | cut -d' ' -f1 | while read cipher; do + echo "Testing $cipher" >&2 if [ $tls1 -eq 0 ]; then echo "openssl s_client -tls1 -cipher $cipher -connect ${host}:${port}" >> "$tmpfile" echo "" | $openssl s_client -tls1 -cipher "$cipher" -connect "${host}:${port}" >> "$tmpfile" 2>&1