2
0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-12-25 04:03:41 +01:00

Enable SNI by default only if target is a fqdn and -servername not supplied

This commit is contained in:
Julien Vehent 2015-09-18 13:36:09 -04:00
parent 72e2b4f6e9
commit 5284dda0fb

View File

@ -1531,7 +1531,10 @@ if [[ $VERBOSE != 0 ]] ; then
fi
SCLIENTARGS="${PARAMS[*]}"
if [[ $SNI == "True" ]]; then
# only append the SNI:
# if the target is a hostname by validating the tld
# if -servername was not supplied by the user
if [[ $SNI == "True" && $sni_target =~ \.[a-z]{1,20}$ && ! $SCLIENTARGS =~ servername ]]; then
SCLIENTARGS="$SCLIENTARGS -servername $sni_target"
fi
debug "sclientargs: $SCLIENTARGS"