2
0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-11-05 07:23:42 +01:00

Unroll the if-return/elif-return/else-return chain in test_cipher_on_target.

Rather than doing if-return, elif-return, else-return, just do
if-return, if-return, if-return. This provides no immediate benefit to
the code itself, but permits the introduction of code that alters the
$sigalg variable in between the first if-return and the latter two in an
upcoming commit.
This commit is contained in:
Richard Soderberg 2015-09-18 14:21:38 -07:00
parent e27f614f08
commit 87ecf60212

View File

@ -604,34 +604,34 @@ test_cipher_on_target() {
verbose "handshake failed, no ciphersuite was returned"
result='ConnectionFailure'
return 2
fi
# if cipher contains NONE, the cipher wasn't accepted
elif [[ "$cipher" == '(NONE) ' ]]; then
if [[ "$cipher" == '(NONE) ' ]]; then
result="$cipher $protocols $pubkey $sigalg $trusted $tickethint $ocspstaple $pfs $current_curves $curves_ordering"
verbose "handshake failed, server returned ciphersuite '$result'"
return 1
fi
# the connection succeeded
else
current_curves="None"
# if pfs uses ECDH, test supported curves
if [[ $pfs =~ ECDH ]]; then
has_curves="True"
if [[ $TEST_CURVES == "True" ]]; then
test_curves
if [[ -n $ecc_ciphers ]]; then
ecc_ciphers+=":"
fi
ecc_ciphers+="$cipher"
else
# resolve the openssl curve to the proper IANA name
current_curves="$(get_curve_name "$(echo $pfs|cut -d ',' -f2)")"
current_curves="None"
# if pfs uses ECDH, test supported curves
if [[ $pfs =~ ECDH ]]; then
has_curves="True"
if [[ $TEST_CURVES == "True" ]]; then
test_curves
if [[ -n $ecc_ciphers ]]; then
ecc_ciphers+=":"
fi
ecc_ciphers+="$cipher"
else
# resolve the openssl curve to the proper IANA name
current_curves="$(get_curve_name "$(echo $pfs|cut -d ',' -f2)")"
fi
result="$cipher $protocols $pubkey $sigalg $trusted $tickethint $ocspstaple $pfs $current_curves $curves_ordering"
verbose "handshake succeeded, server returned ciphersuite '$result'"
return 0
fi
result="$cipher $protocols $pubkey $sigalg $trusted $tickethint $ocspstaple $pfs $current_curves $curves_ordering"
verbose "handshake succeeded, server returned ciphersuite '$result'"
return 0
}
# Calculate the average handshake time for a specific ciphersuite