mirror of
https://github.com/mozilla/cipherscan.git
synced 2024-11-22 22:33:40 +01:00
Unroll the if-return/elif-return/else-return chain in test_cipher_on_target.
Rather than doing if-return, elif-return, else-return, just do if-return, if-return, if-return. This provides no immediate benefit to the code itself, but permits the introduction of code that alters the $sigalg variable in between the first if-return and the latter two in an upcoming commit.
This commit is contained in:
parent
34d6ca62bd
commit
3107661b7c
36
cipherscan
36
cipherscan
@ -597,34 +597,34 @@ test_cipher_on_target() {
|
|||||||
verbose "handshake failed, no ciphersuite was returned"
|
verbose "handshake failed, no ciphersuite was returned"
|
||||||
result='ConnectionFailure'
|
result='ConnectionFailure'
|
||||||
return 2
|
return 2
|
||||||
|
fi
|
||||||
|
|
||||||
# if cipher contains NONE, the cipher wasn't accepted
|
# if cipher contains NONE, the cipher wasn't accepted
|
||||||
elif [[ "$cipher" == '(NONE) ' ]]; then
|
if [[ "$cipher" == '(NONE) ' ]]; then
|
||||||
result="$cipher $protocols $pubkey $sigalg $trusted $tickethint $ocspstaple $pfs $current_curves $curves_ordering"
|
result="$cipher $protocols $pubkey $sigalg $trusted $tickethint $ocspstaple $pfs $current_curves $curves_ordering"
|
||||||
verbose "handshake failed, server returned ciphersuite '$result'"
|
verbose "handshake failed, server returned ciphersuite '$result'"
|
||||||
return 1
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
# the connection succeeded
|
# the connection succeeded
|
||||||
else
|
current_curves="None"
|
||||||
current_curves="None"
|
# if pfs uses ECDH, test supported curves
|
||||||
# if pfs uses ECDH, test supported curves
|
if [[ $pfs =~ ECDH ]]; then
|
||||||
if [[ $pfs =~ ECDH ]]; then
|
has_curves="True"
|
||||||
has_curves="True"
|
if [[ $TEST_CURVES == "True" ]]; then
|
||||||
if [[ $TEST_CURVES == "True" ]]; then
|
test_curves
|
||||||
test_curves
|
if [[ -n $ecc_ciphers ]]; then
|
||||||
if [[ -n $ecc_ciphers ]]; then
|
ecc_ciphers+=":"
|
||||||
ecc_ciphers+=":"
|
|
||||||
fi
|
|
||||||
ecc_ciphers+="$cipher"
|
|
||||||
else
|
|
||||||
# resolve the openssl curve to the proper IANA name
|
|
||||||
current_curves="$(get_curve_name "$(echo $pfs|cut -d ',' -f2)")"
|
|
||||||
fi
|
fi
|
||||||
|
ecc_ciphers+="$cipher"
|
||||||
|
else
|
||||||
|
# resolve the openssl curve to the proper IANA name
|
||||||
|
current_curves="$(get_curve_name "$(echo $pfs|cut -d ',' -f2)")"
|
||||||
fi
|
fi
|
||||||
result="$cipher $protocols $pubkey $sigalg $trusted $tickethint $ocspstaple $pfs $current_curves $curves_ordering"
|
|
||||||
verbose "handshake succeeded, server returned ciphersuite '$result'"
|
|
||||||
return 0
|
|
||||||
fi
|
fi
|
||||||
|
result="$cipher $protocols $pubkey $sigalg $trusted $tickethint $ocspstaple $pfs $current_curves $curves_ordering"
|
||||||
|
verbose "handshake succeeded, server returned ciphersuite '$result'"
|
||||||
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
# Calculate the average handshake time for a specific ciphersuite
|
# Calculate the average handshake time for a specific ciphersuite
|
||||||
|
Loading…
Reference in New Issue
Block a user