"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "sslscan.c" between
sslscan-2.0.7.tar.gz and sslscan-2.0.8.tar.gz

About: sslscan tests SSL/TLS enabled services to discover supported cipher suites (a fork of an older sslscan).

sslscan.c  (sslscan-2.0.7):sslscan.c  (sslscan-2.0.8)
skipping to change at line 544 skipping to change at line 544
'1', '.', '3', '.', '6', '.', '1', '.', '4', '.', '1', '.', '1', '.', '3', '.', '6', '.', '1', '.', '4', '.', '1', '.',
'1', '4', '6', '6', '.', '2', '0', '0', '3', '7'}; '1', '4', '6', '6', '.', '2', '0', '0', '3', '7'};
char ok[] = "1.3.6.1.4.1.1466.20037"; char ok[] = "1.3.6.1.4.1.1466.20037";
char unsupported[] = "unsupported extended operation"; char unsupported[] = "unsupported extended operation";
// Send TLS // Send TLS
send(socketDescriptor, starttls, sizeof(starttls), 0); send(socketDescriptor, starttls, sizeof(starttls), 0);
if (!readOrLogAndClose(socketDescriptor, buffer, BUFFERSIZE, options)) if (!readOrLogAndClose(socketDescriptor, buffer, BUFFERSIZE, options))
return 0; return 0;
if (strstr(buffer, ok)) { if (memmem(buffer, BUFFERSIZE, ok, strlen(ok))) {
printf_verbose("STARTLS LDAP setup complete.\n"); printf_verbose("STARTLS LDAP setup complete.\n");
} }
else if (strstr(buffer, unsupported)) { else if (strstr(buffer, unsupported)) {
printf_error("STARTLS LDAP connection to %s:%d failed with '%s'.", printf_error("STARTLS LDAP connection to %s:%d failed with '%s'.",
options->host, options->port, unsupported); options->host, options->port, unsupported);
return 0; return 0;
} else { } else {
printf_error("STARTLS LDAP connection to %s:%d failed with unknown e rror.", printf_error("STARTLS LDAP connection to %s:%d failed with unknown e rror.",
options->host, options->port); options->host, options->port);
return 0; return 0;
skipping to change at line 1065 skipping to change at line 1065
} }
else else
{ {
printf("Server doesn't support TLS - skipping T LS Fallback SCSV check\n\n"); printf("Server doesn't support TLS - skipping T LS Fallback SCSV check\n\n");
status = false; status = false;
} }
} }
else else
{ {
printf("Server %sdoes not%s support TLS Fallback SCSV\n\n", COL_RED, RESET); printf("Server %sdoes not%s support TLS Fallback SCSV\n\n", COL_RED, RESET);
printf_xml(" <fallback supported=\"0\" />\n");
} }
} }
else else
{ {
if (downgraded) if (downgraded)
{ {
if (SSL_get_error(ssl, connStatus == 1)) if (SSL_get_error(ssl, connStatus == 1))
{ {
ERR_get_error(); ERR_get_error();
if (SSL_get_error(ssl, connStatus == 6)) if (SSL_get_error(ssl, connStatus == 6))
{ {
printf("Server %ssupports%s TLS Fallback SCSV\n\n", COL_GREEN, RESET); printf("Server %ssupports%s TLS Fallback SCSV\n\n", COL_GREEN, RESET);
printf_xml(" <fallback supported=\"1\" />\n");
status = false; status = false;
} }
} }
} }
else else
{ {
printf("%sConnection failed%s - unable to determ ine TLS Fallback SCSV support\n\n", printf("%sConnection failed%s - unable to determ ine TLS Fallback SCSV support\n\n",
COL_YELLOW, RESET); COL_YELLOW, RESET);
status = false; status = false;
} }
skipping to change at line 3534 skipping to change at line 3536
printf_xml(" <certificates>\n"); printf_xml(" <certificates>\n");
// Full certificate details (--show-certificates) // Full certificate details (--show-certificates)
if (status == true && options->showCertificate == true) if (status == true && options->showCertificate == true)
{ {
status = showCertificate(options); status = showCertificate(options);
} }
// Default certificate details // Default certificate details
if (status == true && options->checkCertificate == true) if (status == true && options->checkCertificate == true)
{ {
status = checkCertificateProtocol(options, TLS_client_method());
if (status != false) if (status != false)
{ status = checkCertificateProtocol(options, TLSv1_3_client_method
());
if (status != false)
status = checkCertificateProtocol(options, TLSv1_2_client_method
());
if (status != false)
status = checkCertificateProtocol(options, TLSv1_1_client_method
());
if (status != false)
status = checkCertificateProtocol(options, TLSv1_client_method()
);
if (status != false)
printf("Certificate information cannot be retrieved.\n\n"); printf("Certificate information cannot be retrieved.\n\n");
}
} }
printf_xml(" </certificates>\n"); printf_xml(" </certificates>\n");
} }
// Print client auth trusted CAs // Print client auth trusted CAs
if (options->showTrustedCAs == true) if (options->showTrustedCAs == true)
{ {
status = showTrustedCAs(options); status = showTrustedCAs(options);
} }
 End of changes. 6 change blocks. 
4 lines changed or deleted 15 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)