2
0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-11-22 14:23:41 +01:00

Merge pull request #30 from tomato42/timeouts

Fix delay option
This commit is contained in:
Julien Vehent 2014-10-29 17:34:18 -04:00
commit 334c3118e2
2 changed files with 13 additions and 7 deletions

View File

@ -43,11 +43,19 @@ VERBOSE=0
DELAY=0 DELAY=0
ALLCIPHERS=0 ALLCIPHERS=0
OUTPUTFORMAT="terminal" OUTPUTFORMAT="terminal"
TIMEOUT=10 TIMEOUT=30
# place where to put the found intermediate CA certificates and where # place where to put the found intermediate CA certificates and where
# trust anchors are stored # trust anchors are stored
CAPATH="" CAPATH=""
# because running external commands like sleep incurs a fork penalty, we
# first check if it is necessary
ratelimit() {
if [[ $DELAY != "0" ]]; then
sleep $DELAY
fi
}
usage() { usage() {
echo -e "usage: $0 [-a|--allciphers] [-b|--benchmark] [--capath directory] [-d|--delay seconds] [-D|--debug] [-j|--json] [-v|--verbose] [-o|--openssl file] [openssl s_client args] <target:port> echo -e "usage: $0 [-a|--allciphers] [-b|--benchmark] [--capath directory] [-d|--delay seconds] [-D|--debug] [-j|--json] [-v|--verbose] [-o|--openssl file] [openssl s_client args] <target:port>
usage: $0 -h|--help usage: $0 -h|--help
@ -109,6 +117,7 @@ test_cipher_on_target() {
else else
cmnd=$sslcommand cmnd=$sslcommand
fi fi
ratelimit
debug echo \"Q\" \| $cmnd $tls_version debug echo \"Q\" \| $cmnd $tls_version
local tmp=$(echo "Q" | $cmnd $tls_version 1>/dev/stdout 2>/dev/null) local tmp=$(echo "Q" | $cmnd $tls_version 1>/dev/stdout 2>/dev/null)
if grep 'OCSP Response Data' <<<"$tmp" >/dev/null; then if grep 'OCSP Response Data' <<<"$tmp" >/dev/null; then
@ -237,7 +246,6 @@ get_cipher_pref() {
get_cipher_pref "!$pciph:$ciphersuite" get_cipher_pref "!$pciph:$ciphersuite"
return 0 return 0
fi fi
sleep $DELAY
} }
display_results_in_terminal() { display_results_in_terminal() {
@ -521,7 +529,5 @@ if [ $ALLCIPHERS -gt 0 ]; then
r="pass" r="pass"
fi fi
echo "$c $r"|awk '{printf "%-35s %s\n",$1,$2}' echo "$c $r"|awk '{printf "%-35s %s\n",$1,$2}'
debug "Sleeping for $DELAY."
sleep $DELAY
done done
fi fi

View File

@ -1,7 +1,7 @@
#!/usr/bin/env bash #!/usr/bin/env bash
parallel=10 parallel=10
max_bg=50 max_bg=50
absolute_max_bg=100 absolute_max_bg=400
max_load_avg=50 max_load_avg=50
if [ $(ulimit -u) -lt $((10*absolute_max_bg)) ]; then if [ $(ulimit -u) -lt $((10*absolute_max_bg)) ]; then
@ -32,7 +32,7 @@ function scan_host() {
if [ $? -gt 0 ]; then if [ $? -gt 0 ]; then
return return
fi fi
../cipherscan -json -servername $1 $2:443 > results/$1@$2 ../cipherscan --delay 2 -json -servername $1 $2:443 > results/$1@$2
} }
function scan_host_no_sni() { function scan_host_no_sni() {
@ -44,7 +44,7 @@ function scan_host_no_sni() {
if [ $? -gt 0 ]; then if [ $? -gt 0 ]; then
return return
fi fi
../cipherscan -json $1:443 > results/$1 ../cipherscan --delay 2 -json $1:443 > results/$1
} }
function scan_hostname() { function scan_hostname() {