LittleNellie/cipherscan
2
0
Fork 0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-11-22 14:23:41 +01:00
Code Issues Releases Wiki Activity

fixes for the pull request #18

Browse Source 
there were few small issues with the pull #18 even though jvehent merged
it, this fixes them
This commit is contained in:
Hubert Kario 2014-10-04 14:46:36 +02:00
parent 8911827be1
commit 77f326522e
3 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cipherscan
View File

@ -22,6 +22,8 @@ fi
if [ ! -e "$CACERTS" ]; then if [ ! -e "$CACERTS" ]; then
echo "Warning: CA Certificates not found at $CACERTS, export CACERTS variable with location of your trust anchors" 1>&2 echo "Warning: CA Certificates not found at $CACERTS, export CACERTS variable with location of your trust anchors" 1>&2
fi fi
# RSA ciphers are put at the end to force Google servers to accept ECDSA ciphers
# (probably a result of a workaround for the bug in Apple implementation of ECDSA)
CIPHERSUITE="ALL:COMPLEMENTOFALL:+aRSA" CIPHERSUITE="ALL:COMPLEMENTOFALL:+aRSA"
DEBUG=0 DEBUG=0
VERBOSE=0 VERBOSE=0

1
top1m/parse_results.py
View File

@ -75,6 +75,7 @@ for r,d,flist in os.walk(path):
tempdsakeystats = {} tempdsakeystats = {}
tempsigstats = {} tempsigstats = {}
tempticketstats = {} tempticketstats = {}
""" supported ciphers by the server under scan """
tempcipherstats = {} tempcipherstats = {}
ciphertypes = 0 ciphertypes = 0
AESGCM = False AESGCM = False

8
top1m/testtop1m.sh
View File

@ -2,7 +2,7 @@
parallel=10 parallel=10
max_bg=50 max_bg=50
absolute_max_bg=100 absolute_max_bg=100
max_load=50 max_load_avg=50
if [ $(ulimit -u) -lt $((10*absolute_max_bg)) ]; then if [ $(ulimit -u) -lt $((10*absolute_max_bg)) ]; then
echo "max user processes too low, use ulimit -u to increase" echo "max user processes too low, use ulimit -u to increase"
@ -38,8 +38,8 @@ function wait_for_jobs() {
local no_jobs local no_jobs
no_jobs=$(jobs | wc -l) no_jobs=$(jobs | wc -l)
while [ $no_jobs -gt $1 ] || awk -v maxload=$max_load '{ if ($1 < maxload) exit 1 }' /proc/loadavg; do while [ $no_jobs -gt $1 ] || awk -v maxload=$max_load_avg '{ if ($1 < maxload) exit 1 }' /proc/loadavg; do
if awk -v maxload=$max_load '{ if ($1 > maxload) exit 1 }' /proc/loadavg && [ $no_jobs -lt $absolute_max_bg ]; then if awk -v maxload=$max_load_avg '{ if ($1 > maxload) exit 1 }' /proc/loadavg && [ $no_jobs -lt $absolute_max_bg ]; then
return return
fi fi
sleep 1 sleep 1
@ -72,6 +72,8 @@ function scan_host_no_sni() {
} }
function scan_hostname() { function scan_hostname() {
# check if the hostname isn't an IP address (since we can't put IP
# addresses to SNI extension)
if [[ ! -z $(awk -F. '$1>=0 && $1<=255 && $2>=0 && $2<=255 && if [[ ! -z $(awk -F. '$1>=0 && $1<=255 && $2>=0 && $2<=255 &&
$3>=0 && $3<=255 && $4>=0 && $4<=255 && NF==4' <<<"$1") ]]; then $3>=0 && $3<=255 && $4>=0 && $4<=255 && NF==4' <<<"$1") ]]; then
scan_host_no_sni $1 scan_host_no_sni $1