2
0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-11-04 15:03:41 +01:00

Fixes instances of SC2086, SC2046 errors regarding unquoted variables.

In cipherscan line 294:
    echo $identifier
         ^-- SC2086: Double quote to prevent globbing and word splitting.

In cipherscan line 587:
                current_curves="$(get_curve_name $(echo $pfs|cut -d ',' -f2))"
                                                 ^-- SC2046: Quote this to prevent word splitting.

In cipherscan line 603:
        debug Connection $i
                         ^-- SC2086: Double quote to prevent globbing and word splitting.

In cipherscan line 715:
            echo $header
                 ^-- SC2086: Double quote to prevent globbing and word splitting.

In cipherscan line 719:
            echo $result|grep -v '(NONE)'
                 ^-- SC2086: Double quote to prevent globbing and word splitting.

In cipherscan line 897:
        local tmp=$(echo Q | $sslcommand -curves $test_curves 2>/dev/null)
                                                 ^-- SC2086: Double quote to prevent globbing and word splitting.

In cipherscan line 910:
                cname="$(get_curve_name ${ephem_data[1]})"
                                        ^-- SC2086: Double quote to prevent globbing and word splitting.

In cipherscan line 953:
        local tmp=$(echo Q | $sslcommand -curves $test_curves 2>/dev/null)
                                                 ^-- SC2086: Double quote to prevent globbing and word splitting.

In cipherscan line 967:
                local cname="$(get_curve_name ${ephem_data[1]})"
                                              ^-- SC2086: Double quote to prevent globbing and word splitting.

In cipherscan line 1017:
        local tmp=$(echo Q | $sslcommand -curves $test_curves 2>/dev/null)
                                                 ^-- SC2086: Double quote to prevent globbing and word splitting.

In cipherscan line 1030:
                local cname="$(get_curve_name ${ephem_data[1]})"
                                              ^-- SC2086: Double quote to prevent globbing and word splitting.
This commit is contained in:
Richard Soderberg 2015-09-05 04:25:55 -07:00
parent c103805a38
commit bc79c51065

View File

@ -328,7 +328,7 @@ get_curve_name() {
return
fi
done
echo $identifier
echo "$identifier"
return
}
@ -621,7 +621,7 @@ test_cipher_on_target() {
ecc_ciphers+="$cipher"
else
# resolve the openssl curve to the proper IANA name
current_curves="$(get_curve_name $(echo $pfs|cut -d ',' -f2))"
current_curves="$(get_curve_name "$(echo $pfs|cut -d ',' -f2)")"
fi
fi
result="$cipher $protocols $pubkey $sigalg $trusted $tickethint $ocspstaple $pfs $current_curves $curves_ordering"
@ -637,7 +637,7 @@ bench_cipher() {
local t="$(date +%s%N)"
verbose "Benchmarking handshake on '$TARGET' with ciphersuite '$ciphersuite'"
for i in $(seq 1 $BENCHMARKITER); do
debug Connection $i
debug "Connection $i"
(echo "Q" | $sslcommand 2>/dev/null 1>/dev/null)
if (( $? != 0 )); then
break
@ -749,11 +749,11 @@ display_results_in_terminal() {
ctr=0
for result in "${results[@]}"; do
if [[ $ctr -eq 0 ]]; then
echo $header
echo "$header"
ctr=$((ctr+1))
fi
if [[ $different == "True" ]]; then
echo $result|grep -v '(NONE)'
echo "$result"|grep -v '(NONE)'
else
# prints priority, ciphersuite, protocols and pfs
awk '!/(NONE)/{print $1 " " $2 " " $3 " " $9 " " $10}' <<<"$result"
@ -931,7 +931,7 @@ test_curves() {
verbose "Testing $test_curves with command $sslcommand"
ratelimit
local tmp=$(echo Q | $sslcommand -curves $test_curves 2>/dev/null)
local tmp=$(echo Q | $sslcommand -curves "$test_curves" 2>/dev/null)
parse_openssl_output <<<"$tmp"
if [[ -z $current_protocol || $current_cipher == "(NONE)" || $current_cipher == '0000' ]]; then
@ -944,7 +944,7 @@ test_curves() {
if [[ -n $current_curves ]]; then
current_curves+=","
fi
cname="$(get_curve_name ${ephem_data[1]})"
cname="$(get_curve_name "${ephem_data[1]}")"
verbose "Server selected ${ephem_data[1]}, a.k.a $cname"
current_curves+="$cname"
fi
@ -987,7 +987,7 @@ test_curves() {
verbose "Testing ordering with $sslcommand -curves $test_curves"
ratelimit
local tmp=$(echo Q | $sslcommand -curves $test_curves 2>/dev/null)
local tmp=$(echo Q | $sslcommand -curves "$test_curves" 2>/dev/null)
parse_openssl_output <<<"$tmp"
if [[ -z $current_protocol || $current_cipher == "(NONE)" || $current_cipher == '0000' ]]; then
@ -1001,7 +1001,7 @@ test_curves() {
if [[ ${ephem_data[0]} =~ ECDH ]]; then
verbose "Server did select ${ephem_data[1]} curve"
curves_ordering="inconclusive-${ephem_data[1]}"
local cname="$(get_curve_name ${ephem_data[1]})"
local cname="$(get_curve_name "${ephem_data[1]}")"
if [[ "$cname" == "$most_wanted" ]]; then
curves_ordering="client"
else
@ -1051,7 +1051,7 @@ test_curves_fallback() {
verbose "Testing $sslcommand -curves $test_curves"
ratelimit
local tmp=$(echo Q | $sslcommand -curves $test_curves 2>/dev/null)
local tmp=$(echo Q | $sslcommand -curves "$test_curves" 2>/dev/null)
parse_openssl_output <<<"$tmp"
if [[ -z $current_protocol || $current_cipher == "(NONE)" || $current_cipher == '0000' ]]; then
@ -1064,7 +1064,7 @@ test_curves_fallback() {
if [[ ${ephem_data[0]} =~ ECDH ]]; then
# we got an ecc connection, remove the curve from the list of testable curves
local cname="$(get_curve_name ${ephem_data[1]})"
local cname="$(get_curve_name "${ephem_data[1]}")"
verbose "Server selected curve $cname"
for id in "${!curves[@]}"; do
if [[ "${curves[id]}" == "$cname" ]]; then