From 28555b03f0f6c5438c83d1cd3f6cbb8361c778e3 Mon Sep 17 00:00:00 2001 From: Richard Soderberg Date: Sat, 5 Sep 2015 01:01:19 -0700 Subject: [PATCH] Refuse to proceed if the final argument starts with a hyphen. This detects and prevents a specific category of user error, where an incomplete cipherscan command line ending in an OpenSSL -option results in cipherscan attempting to scan the target '-option:443'. --- cipherscan | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/cipherscan b/cipherscan index 21d52c6..361f4fa 100755 --- a/cipherscan +++ b/cipherscan @@ -1359,6 +1359,14 @@ if [[ "$HOST" = "$PORT" ]]; then PORT=443 fi +# Refuse to proceed if the hostname starts with a hyphen, since hostnames can't +# begin with a hyphen and this likely means we accidentally parsed an option as +# a hostname. +if [[ $HOST =~ ^- ]]; then + echo "The final argument '$TEMPTARGET' begins with a hyphen '-', which is not a valid HOST[:PORT]." 1>&2 + exit 1 +fi + debug "host: $HOST" debug "Port: $PORT"