From f7919d00537a9676a493a64c2e73096b49d657bd Mon Sep 17 00:00:00 2001 From: Jonathan Hodgson Date: Sat, 13 Feb 2021 20:11:16 +0000 Subject: [PATCH] Bin: fixes the lucky13 check It apparently works with any cbc cipher and doesn't require tls1 --- bin/.bin/webtest/verifySSL | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/.bin/webtest/verifySSL b/bin/.bin/webtest/verifySSL index a9f40b3e..ada057e1 100755 --- a/bin/.bin/webtest/verifySSL +++ b/bin/.bin/webtest/verifySSL @@ -70,8 +70,8 @@ check-sweet32(){ check-lucky13(){ local tmpfile="$(mktemp)" - $openssl ciphers -v | grep -i cbc3 | cut -d' ' -f1 | while read cipher; do - echo "\$ openssl s_client -tls1 -cipher $cipher -connect ${host}:${port}" >> "$tmpfile" + $openssl ciphers -v | grep -i cbc | cut -d' ' -f1 | while read cipher; do + echo "\$ openssl s_client -cipher $cipher -connect ${host}:${port}" >> "$tmpfile" echo "" | $openssl s_client -tls1 -cipher "$cipher" -connect "${host}:${port}" >> "$tmpfile" 2>&1 if [ "$?" -eq 0 ]; then cat "$tmpfile"