2
0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-11-22 22:33:40 +01:00

Make mktemp obsolete

We have pipes, we shall use them!
This commit is contained in:
Michael Zeltner 2014-02-07 00:56:31 +01:00
parent 57f41d7376
commit 26b52d4e17
No known key found for this signature in database
GPG Key ID: 4E35F65846C8F7DA

View File

@ -65,17 +65,16 @@ test_cipher_on_target() {
pfs="" pfs=""
for tls_version in "-ssl2" "-ssl3" "-tls1" "-tls1_1" "-tls1_2" for tls_version in "-ssl2" "-ssl3" "-tls1" "-tls1_1" "-tls1_2"
do do
local tmp=$(mktemp "/tmp/cipherscan.XXXXXXXX") # OS X mktemp requires this.
# echo "$sslcommand $tls_version" # echo "$sslcommand $tls_version"
$sslcommand $tls_version 1>"$tmp" 2>/dev/null << EOF local tmp=$($sslcommand $tls_version 1>/dev/stdout 2>/dev/null << EOF
$REQUEST $REQUEST
EOF EOF
current_cipher=$(grep "New, " $tmp|awk '{print $5}') )
current_pfs=$(grep 'Server Temp Key' $tmp|awk '{print $4$5$6$7}') current_cipher=$(grep "New, " <<<"$tmp"|awk '{print $5}')
current_protocol=$(grep -E "^\s+Protocol\s+:" $tmp|awk '{print $3}') current_pfs=$(grep 'Server Temp Key' <<<"$tmp"|awk '{print $4$5$6$7}')
current_protocol=$(grep -E "^\s+Protocol\s+:" <<<"$tmp"|awk '{print $3}')
if [[ -z "$current_protocol" || "$current_cipher" == '(NONE)' ]]; then if [[ -z "$current_protocol" || "$current_cipher" == '(NONE)' ]]; then
# connection failed, try again with next TLS version # connection failed, try again with next TLS version
rm "$tmp"
continue continue
fi fi
# connection succeeded, add TLS version to positive results # connection succeeded, add TLS version to positive results
@ -87,7 +86,6 @@ EOF
cipher=$current_cipher cipher=$current_cipher
pfs=$current_pfs pfs=$current_pfs
# grab the cipher and PFS key size # grab the cipher and PFS key size
rm "$tmp"
done done
# if cipher is empty, that means none of the TLS version worked with # if cipher is empty, that means none of the TLS version worked with
# the current cipher # the current cipher