mirror of
https://github.com/mozilla/cipherscan.git
synced 2024-11-04 15:03:41 +01:00
Fixes instances of SC2086, SC2046 errors regarding unquoted variables.
In cipherscan line 294: echo $identifier ^-- SC2086: Double quote to prevent globbing and word splitting. In cipherscan line 587: current_curves="$(get_curve_name $(echo $pfs|cut -d ',' -f2))" ^-- SC2046: Quote this to prevent word splitting. In cipherscan line 603: debug Connection $i ^-- SC2086: Double quote to prevent globbing and word splitting. In cipherscan line 715: echo $header ^-- SC2086: Double quote to prevent globbing and word splitting. In cipherscan line 719: echo $result|grep -v '(NONE)' ^-- SC2086: Double quote to prevent globbing and word splitting. In cipherscan line 897: local tmp=$(echo Q | $sslcommand -curves $test_curves 2>/dev/null) ^-- SC2086: Double quote to prevent globbing and word splitting. In cipherscan line 910: cname="$(get_curve_name ${ephem_data[1]})" ^-- SC2086: Double quote to prevent globbing and word splitting. In cipherscan line 953: local tmp=$(echo Q | $sslcommand -curves $test_curves 2>/dev/null) ^-- SC2086: Double quote to prevent globbing and word splitting. In cipherscan line 967: local cname="$(get_curve_name ${ephem_data[1]})" ^-- SC2086: Double quote to prevent globbing and word splitting. In cipherscan line 1017: local tmp=$(echo Q | $sslcommand -curves $test_curves 2>/dev/null) ^-- SC2086: Double quote to prevent globbing and word splitting. In cipherscan line 1030: local cname="$(get_curve_name ${ephem_data[1]})" ^-- SC2086: Double quote to prevent globbing and word splitting.
This commit is contained in:
parent
c103805a38
commit
bc79c51065
22
cipherscan
22
cipherscan
@ -328,7 +328,7 @@ get_curve_name() {
|
||||
return
|
||||
fi
|
||||
done
|
||||
echo $identifier
|
||||
echo "$identifier"
|
||||
return
|
||||
}
|
||||
|
||||
@ -621,7 +621,7 @@ test_cipher_on_target() {
|
||||
ecc_ciphers+="$cipher"
|
||||
else
|
||||
# resolve the openssl curve to the proper IANA name
|
||||
current_curves="$(get_curve_name $(echo $pfs|cut -d ',' -f2))"
|
||||
current_curves="$(get_curve_name "$(echo $pfs|cut -d ',' -f2)")"
|
||||
fi
|
||||
fi
|
||||
result="$cipher $protocols $pubkey $sigalg $trusted $tickethint $ocspstaple $pfs $current_curves $curves_ordering"
|
||||
@ -637,7 +637,7 @@ bench_cipher() {
|
||||
local t="$(date +%s%N)"
|
||||
verbose "Benchmarking handshake on '$TARGET' with ciphersuite '$ciphersuite'"
|
||||
for i in $(seq 1 $BENCHMARKITER); do
|
||||
debug Connection $i
|
||||
debug "Connection $i"
|
||||
(echo "Q" | $sslcommand 2>/dev/null 1>/dev/null)
|
||||
if (( $? != 0 )); then
|
||||
break
|
||||
@ -749,11 +749,11 @@ display_results_in_terminal() {
|
||||
ctr=0
|
||||
for result in "${results[@]}"; do
|
||||
if [[ $ctr -eq 0 ]]; then
|
||||
echo $header
|
||||
echo "$header"
|
||||
ctr=$((ctr+1))
|
||||
fi
|
||||
if [[ $different == "True" ]]; then
|
||||
echo $result|grep -v '(NONE)'
|
||||
echo "$result"|grep -v '(NONE)'
|
||||
else
|
||||
# prints priority, ciphersuite, protocols and pfs
|
||||
awk '!/(NONE)/{print $1 " " $2 " " $3 " " $9 " " $10}' <<<"$result"
|
||||
@ -931,7 +931,7 @@ test_curves() {
|
||||
verbose "Testing $test_curves with command $sslcommand"
|
||||
|
||||
ratelimit
|
||||
local tmp=$(echo Q | $sslcommand -curves $test_curves 2>/dev/null)
|
||||
local tmp=$(echo Q | $sslcommand -curves "$test_curves" 2>/dev/null)
|
||||
parse_openssl_output <<<"$tmp"
|
||||
|
||||
if [[ -z $current_protocol || $current_cipher == "(NONE)" || $current_cipher == '0000' ]]; then
|
||||
@ -944,7 +944,7 @@ test_curves() {
|
||||
if [[ -n $current_curves ]]; then
|
||||
current_curves+=","
|
||||
fi
|
||||
cname="$(get_curve_name ${ephem_data[1]})"
|
||||
cname="$(get_curve_name "${ephem_data[1]}")"
|
||||
verbose "Server selected ${ephem_data[1]}, a.k.a $cname"
|
||||
current_curves+="$cname"
|
||||
fi
|
||||
@ -987,7 +987,7 @@ test_curves() {
|
||||
|
||||
verbose "Testing ordering with $sslcommand -curves $test_curves"
|
||||
ratelimit
|
||||
local tmp=$(echo Q | $sslcommand -curves $test_curves 2>/dev/null)
|
||||
local tmp=$(echo Q | $sslcommand -curves "$test_curves" 2>/dev/null)
|
||||
parse_openssl_output <<<"$tmp"
|
||||
|
||||
if [[ -z $current_protocol || $current_cipher == "(NONE)" || $current_cipher == '0000' ]]; then
|
||||
@ -1001,7 +1001,7 @@ test_curves() {
|
||||
if [[ ${ephem_data[0]} =~ ECDH ]]; then
|
||||
verbose "Server did select ${ephem_data[1]} curve"
|
||||
curves_ordering="inconclusive-${ephem_data[1]}"
|
||||
local cname="$(get_curve_name ${ephem_data[1]})"
|
||||
local cname="$(get_curve_name "${ephem_data[1]}")"
|
||||
if [[ "$cname" == "$most_wanted" ]]; then
|
||||
curves_ordering="client"
|
||||
else
|
||||
@ -1051,7 +1051,7 @@ test_curves_fallback() {
|
||||
verbose "Testing $sslcommand -curves $test_curves"
|
||||
|
||||
ratelimit
|
||||
local tmp=$(echo Q | $sslcommand -curves $test_curves 2>/dev/null)
|
||||
local tmp=$(echo Q | $sslcommand -curves "$test_curves" 2>/dev/null)
|
||||
parse_openssl_output <<<"$tmp"
|
||||
|
||||
if [[ -z $current_protocol || $current_cipher == "(NONE)" || $current_cipher == '0000' ]]; then
|
||||
@ -1064,7 +1064,7 @@ test_curves_fallback() {
|
||||
|
||||
if [[ ${ephem_data[0]} =~ ECDH ]]; then
|
||||
# we got an ecc connection, remove the curve from the list of testable curves
|
||||
local cname="$(get_curve_name ${ephem_data[1]})"
|
||||
local cname="$(get_curve_name "${ephem_data[1]}")"
|
||||
verbose "Server selected curve $cname"
|
||||
for id in "${!curves[@]}"; do
|
||||
if [[ "${curves[id]}" == "$cname" ]]; then
|
||||
|
Loading…
Reference in New Issue
Block a user