From 94a1c6fc0d8af62aef1f7604beda5b06851eaefa Mon Sep 17 00:00:00 2001
From: Hubert Kario <hkario@redhat.com>
Date: Mon, 4 Aug 2014 17:22:53 +0200
Subject: [PATCH] make handling of self signed certs more robust

openssl sometimes will print the filename, then the error, and finish
with OK, matching the colon and space prevents from considering such
certs to be valid
---
 cipherscan | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cipherscan b/cipherscan
index 9bae63d..b62ebb1 100755
--- a/cipherscan
+++ b/cipherscan
@@ -230,7 +230,7 @@ test_cipher_on_target() {
             local saved="False"
             if ${OPENSSLBIN} verify "${trust_source[@]}" \
                 -untrusted <(echo "$tmp") <(echo "$cert") 2>/dev/null | \
-                grep 'OK$' >/dev/null; then
+                grep ': OK$' >/dev/null; then
 
                 # if the certificate is an intermediate CA it may be useful
                 # for connecting to servers that are misconfigured so save it