From 3107661b7c4ef3a7f4935320033b38191982becb Mon Sep 17 00:00:00 2001
From: Richard Soderberg <rsoderberg@gmail.com>
Date: Fri, 18 Sep 2015 14:21:38 -0700
Subject: [PATCH] Unroll the if-return/elif-return/else-return chain in
 test_cipher_on_target.

Rather than doing if-return, elif-return, else-return, just do
if-return, if-return, if-return. This provides no immediate benefit to
the code itself, but permits the introduction of code that alters the
$sigalg variable in between the first if-return and the latter two in an
upcoming commit.
---
 cipherscan | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/cipherscan b/cipherscan
index 24be563..30c8357 100755
--- a/cipherscan
+++ b/cipherscan
@@ -597,34 +597,34 @@ test_cipher_on_target() {
         verbose "handshake failed, no ciphersuite was returned"
         result='ConnectionFailure'
         return 2
+    fi
 
     # if cipher contains NONE, the cipher wasn't accepted
-    elif [[ "$cipher" == '(NONE)  ' ]]; then
+    if [[ "$cipher" == '(NONE)  ' ]]; then
         result="$cipher $protocols $pubkey $sigalg $trusted $tickethint $ocspstaple $pfs $current_curves $curves_ordering"
         verbose "handshake failed, server returned ciphersuite '$result'"
         return 1
+    fi
 
     # the connection succeeded
-    else
-        current_curves="None"
-        # if pfs uses ECDH, test supported curves
-        if [[ $pfs =~ ECDH ]]; then
-            has_curves="True"
-            if [[ $TEST_CURVES == "True" ]]; then
-                test_curves
-                if [[ -n $ecc_ciphers ]]; then
-                    ecc_ciphers+=":"
-                fi
-                ecc_ciphers+="$cipher"
-            else
-                # resolve the openssl curve to the proper IANA name
-                current_curves="$(get_curve_name "$(echo $pfs|cut -d ',' -f2)")"
+    current_curves="None"
+    # if pfs uses ECDH, test supported curves
+    if [[ $pfs =~ ECDH ]]; then
+        has_curves="True"
+        if [[ $TEST_CURVES == "True" ]]; then
+            test_curves
+            if [[ -n $ecc_ciphers ]]; then
+                ecc_ciphers+=":"
             fi
+            ecc_ciphers+="$cipher"
+        else
+            # resolve the openssl curve to the proper IANA name
+            current_curves="$(get_curve_name "$(echo $pfs|cut -d ',' -f2)")"
         fi
-        result="$cipher $protocols $pubkey $sigalg $trusted $tickethint $ocspstaple $pfs $current_curves $curves_ordering"
-        verbose "handshake succeeded, server returned ciphersuite '$result'"
-        return 0
     fi
+    result="$cipher $protocols $pubkey $sigalg $trusted $tickethint $ocspstaple $pfs $current_curves $curves_ordering"
+    verbose "handshake succeeded, server returned ciphersuite '$result'"
+    return 0
 }
 
 # Calculate the average handshake time for a specific ciphersuite