mirror of
https://github.com/mozilla/cipherscan.git
synced 2024-12-25 20:23:41 +01:00
Unroll the if-return/elif-return/else-return chain in test_cipher_on_target.
Rather than doing if-return, elif-return, else-return, just do if-return, if-return, if-return. This provides no immediate benefit to the code itself, but permits the introduction of code that alters the $sigalg variable in between the first if-return and the latter two in an upcoming commit.
This commit is contained in:
parent
e27f614f08
commit
87ecf60212
36
cipherscan
36
cipherscan
@ -604,34 +604,34 @@ test_cipher_on_target() {
|
||||
verbose "handshake failed, no ciphersuite was returned"
|
||||
result='ConnectionFailure'
|
||||
return 2
|
||||
fi
|
||||
|
||||
# if cipher contains NONE, the cipher wasn't accepted
|
||||
elif [[ "$cipher" == '(NONE) ' ]]; then
|
||||
if [[ "$cipher" == '(NONE) ' ]]; then
|
||||
result="$cipher $protocols $pubkey $sigalg $trusted $tickethint $ocspstaple $pfs $current_curves $curves_ordering"
|
||||
verbose "handshake failed, server returned ciphersuite '$result'"
|
||||
return 1
|
||||
fi
|
||||
|
||||
# the connection succeeded
|
||||
else
|
||||
current_curves="None"
|
||||
# if pfs uses ECDH, test supported curves
|
||||
if [[ $pfs =~ ECDH ]]; then
|
||||
has_curves="True"
|
||||
if [[ $TEST_CURVES == "True" ]]; then
|
||||
test_curves
|
||||
if [[ -n $ecc_ciphers ]]; then
|
||||
ecc_ciphers+=":"
|
||||
fi
|
||||
ecc_ciphers+="$cipher"
|
||||
else
|
||||
# resolve the openssl curve to the proper IANA name
|
||||
current_curves="$(get_curve_name "$(echo $pfs|cut -d ',' -f2)")"
|
||||
current_curves="None"
|
||||
# if pfs uses ECDH, test supported curves
|
||||
if [[ $pfs =~ ECDH ]]; then
|
||||
has_curves="True"
|
||||
if [[ $TEST_CURVES == "True" ]]; then
|
||||
test_curves
|
||||
if [[ -n $ecc_ciphers ]]; then
|
||||
ecc_ciphers+=":"
|
||||
fi
|
||||
ecc_ciphers+="$cipher"
|
||||
else
|
||||
# resolve the openssl curve to the proper IANA name
|
||||
current_curves="$(get_curve_name "$(echo $pfs|cut -d ',' -f2)")"
|
||||
fi
|
||||
result="$cipher $protocols $pubkey $sigalg $trusted $tickethint $ocspstaple $pfs $current_curves $curves_ordering"
|
||||
verbose "handshake succeeded, server returned ciphersuite '$result'"
|
||||
return 0
|
||||
fi
|
||||
result="$cipher $protocols $pubkey $sigalg $trusted $tickethint $ocspstaple $pfs $current_curves $curves_ordering"
|
||||
verbose "handshake succeeded, server returned ciphersuite '$result'"
|
||||
return 0
|
||||
}
|
||||
|
||||
# Calculate the average handshake time for a specific ciphersuite
|
||||
|
Loading…
Reference in New Issue
Block a user