Skip to content

Commit

Permalink
Fix #2599
Browse files Browse the repository at this point in the history
This commit fixes #2599 by not wrapping fileout() messages in a "clientProblem" wrapper if TLS13_ONLY is set. The TLS13_ONLY flag being set is an indicator that fileout_banner() has already been called.
  • Loading branch information
dcooper16 authored Nov 26, 2024
1 parent 65c463f commit 26a3a8f
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions testssl.sh
Original file line number Diff line number Diff line change
Expand Up @@ -1371,13 +1371,17 @@ fileout_insert_warning() {
[[ "$CMDLINE=" =~ -iL ]] && return 0
# Note we still have the message on screen + in HTML which is not as optimal as it could be

if "$do_pretty_json" && "$JSONHEADER"; then
# See #2599. The "clientProblem" wrapper should only be added if fileout_insert_warning()
# is called before fileout_banner(). The only instance in which this function is called
# after fileout_banner() is in the case of a TLS 1.3 only server when $OPENSSL does not
# support TLS 1.3.
if "$do_pretty_json" && "$JSONHEADER" && ! "$TLS13_ONLY"; then
echo -e " \"clientProblem${CLIENT_PROB_NO}\" : [" >>"$JSONFILE"
CLIENT_PROB_NO=$((CLIENT_PROB_NO + 1))
FIRST_FINDING=true # make sure we don't have a comma here
fi
fileout "$1" "$2" "$3"
if "$do_pretty_json"; then
if "$do_pretty_json" && ! "$TLS13_ONLY"; then
if "$JSONHEADER"; then
echo -e "\n ]," >>"$JSONFILE"
else
Expand Down

0 comments on commit 26a3a8f

Please sign in to comment.