Skip to content

Commit ddd4e2a

Browse files
author
Patrick Bogen
committed
Correct syntax errors that result when no supported curves are found.
1 parent 696e902 commit ddd4e2a

1 file changed

Lines changed: 17 additions & 15 deletions

File tree

cipherTest.sh

Lines changed: 17 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -105,25 +105,25 @@ then
105105
fi
106106

107107
cur=0
108-
if echo -ne $request | gnutls-cli --insecure --priority NONE:$all_protos:$all_kx:$all_macs:+COMP-NULL:$all_ciphers:$all_curves -p $PORT $IP > /dev/null 2>&1
108+
if echo -ne $request | gnutls-cli --insecure --priority NONE:$all_protos:$all_kx:$all_macs:+COMP-NULL:$all_ciphers${all_curves:+:$all_curves} -p $PORT $IP > /dev/null 2>&1
109109
then
110110
true
111111
else
112-
if echo -ne $request | gnutls-cli --insecure --priority NONE:$all_protos:$all_eckx:$all_macs:+COMP-NULL:$all_ciphers:$all_curves -p $PORT $IP > /dev/null 2>&1
112+
if echo -ne $request | gnutls-cli --insecure --priority NONE:$all_protos:$all_eckx:$all_macs:+COMP-NULL:$all_ciphers${all_curves:+:$all_curves} -p $PORT $IP > /dev/null 2>&1
113113
then
114114
true
115115
else
116116
echo "$0: error: ciphertest ran the following commands, both of which failed to connect:" >&2
117-
echo "$0: gnutls-cli --insecure --priority NONE:$all_protos:$all_kx:$all_macs:+COMP-NULL:$all_ciphers:$all_curves -p $PORT $IP" >&2
118-
echo "$0: gnutls-cli --insecure --priority NONE:$all_protos:$all_eckx:$all_macs:+COMP-NULL:$all_ciphers:$all_curves -p $PORT $IP" >&2
117+
echo "$0: gnutls-cli --insecure --priority NONE:$all_protos:$all_kx:$all_macs:+COMP-NULL:$all_ciphers${all_curves:+:$all_curves} -p $PORT $IP" >&2
118+
echo "$0: gnutls-cli --insecure --priority NONE:$all_protos:$all_eckx:$all_macs:+COMP-NULL:$all_ciphers${all_curves:+:$all_curves} -p $PORT $IP" >&2
119119
echo "$0: This may indicate that there is a flaw in this script, or that the remote server is not functioning correctly." >&2
120120
echo "$0: Please check the server and try again." >&2
121121
exit 1
122122
fi
123123
fi
124124

125125
[ -t 1 ] && echo -en "\r\e[KEvaluating ECDHE support..."
126-
if echo -ne $request | gnutls-cli --insecure --priority NONE:$all_protos:$all_kx:$all_eckx:$all_macs:+COMP-NULL:$all_ciphers:$all_curves -p $PORT $IP > /dev/null 2>&1
126+
if echo -ne $request | gnutls-cli --insecure --priority NONE:$all_protos:$all_kx:$all_eckx:$all_macs:+COMP-NULL:$all_ciphers${all_curves:+:$all_curves} -p $PORT $IP > /dev/null 2>&1
127127
then
128128
all_kx="$all_kx:$all_eckx"
129129
[ ${DEBUG:-0} -ge 1 ] && echo -e "\r$0: Good news! Elliptic curve is supported, so elliptic curve algorithms will be tested." >&2
@@ -139,7 +139,7 @@ for tgt in ${PROTOS[@]}
139139
do
140140
cur=$(( $cur + 1 ))
141141
[ -t 1 ] && echo -en "\r\e[KOptimizing $tgt... ($cur/$total)"
142-
if echo -ne $request | gnutls-cli --insecure --priority NONE:+VERS-$tgt:$all_kx:$all_macs:+COMP-NULL:$all_ciphers:$all_curves -p $PORT $IP > /dev/null 2>&1
142+
if echo -ne $request | gnutls-cli --insecure --priority NONE:+VERS-$tgt:$all_kx:$all_macs:+COMP-NULL:$all_ciphers${all_curves:+:$all_curves} -p $PORT $IP > /dev/null 2>&1
143143
then
144144
[ -z "$result" ] && result="$tgt" || result="$result $tgt"
145145
fi
@@ -182,8 +182,8 @@ result=""
182182
for cipher in ${CIPHERS[@]}
183183
do
184184
cur=$(( $cur + 1 ))
185-
[ -t 1 ] && echo -en "\r\e[KOptimizing... $cipher ($cur/$total)"
186-
TEST="gnutls-cli --insecure --priority NONE:$all_protos:$all_kx:$all_macs:+COMP-NULL:+$cipher:$all_curves -p $PORT $IP"
185+
[ -t 1 ] && echo -en "\r\e[KOptimizing $cipher... ($cur/$total)"
186+
TEST="gnutls-cli --insecure --priority NONE:$all_protos:$all_kx:$all_macs:+COMP-NULL:+$cipher${all_curves:+:$all_curves} -p $PORT $IP"
187187
[ ${DEBUG:-0} -ge 3 ] && echo -e "\rRunning $TEST..." >&2
188188
if echo -ne $request | $TEST > /dev/null 2>&1
189189
then
@@ -202,8 +202,9 @@ result=""
202202
for tgt in ${MACS[@]}
203203
do
204204
cur=$(( $cur + 1 ))
205-
[ -t 1 ] && echo -en "\r\e[KOptimizing... ($cur/$total)"
206-
if echo -ne $request | gnutls-cli --insecure --priority NONE:$all_protos:$all_kx:+$tgt:+COMP-NULL:$all_ciphers:$all_curves -p $PORT $IP > /dev/null 2>&1
205+
[ -t 1 ] && echo -en "\r\e[KOptimizing $tgt... ($cur/$total)"
206+
TEST="gnutls-cli --insecure --priority NONE:$all_protos:$all_kx:+$tgt:+COMP-NULL:$all_ciphers${all_curves:+:$all_curves} -p $PORT $IP"
207+
if echo -ne $request | $TEST > /dev/null 2>&1
207208
then
208209
[ -z "$result" ] && result="$tgt" || result="$result $tgt"
209210
fi
@@ -221,7 +222,8 @@ for tgt in ${KX[@]}
221222
do
222223
cur=$(( $cur + 1 ))
223224
[ -t 1 ] && echo -en "\r\e[KOptimizing... ($cur/$total)"
224-
if echo -ne $request | gnutls-cli --insecure --priority NONE:$all_protos:+$tgt:$all_macs:+COMP-NULL:$all_ciphers:$all_curves -p $PORT $IP > /dev/null 2>&1
225+
TEST="gnutls-cli --insecure --priority NONE:$all_protos:+$tgt:$all_macs:+COMP-NULL:$all_ciphers${all_curves:+:$all_curves} -p $PORT $IP"
226+
if echo -ne $request | $TEST > /dev/null 2>&1
225227
then
226228
[ -z "$result" ] && result="$tgt" || result="$result $tgt"
227229
fi
@@ -258,23 +260,23 @@ done
258260
for proto in ${PROTOS[@]}
259261
do
260262
[ -t 1 ] && printf '\r\e[K%-7s %-17s %-10s %-11s %-16s (%d / %d)' $proto "" "" "" "" $i $total
261-
echo -ne $request | gnutls-cli --insecure --priority NONE:+VERS-$proto:$all_kx:$all_macs:+COMP-NULL:$all_ciphers:$all_curves -p $PORT $IP > /dev/null 2>&1
263+
echo -ne $request | gnutls-cli --insecure --priority NONE:+VERS-$proto:$all_kx:$all_macs:+COMP-NULL:$all_ciphers${all_curves:+:$all_curves} -p $PORT $IP > /dev/null 2>&1
262264
[ $? -eq 0 ] || { i=$(( $i + ${#KX[@]} * ${#CIPHERS[@]} * ${#MACS[@]} )); continue; }
263265
for kx in ${KX[@]}
264266
do
265267
[ -t 1 ] && printf '\r%-7s %-17s %-10s %-11s %-16s (%d / %d)' $proto "" "" $kx "" $i $total
266-
echo -ne $request | gnutls-cli --insecure --priority NONE:+VERS-$proto:+$kx:$all_macs:+COMP-NULL:$all_ciphers:$all_curves -p $PORT $IP > /dev/null 2>&1
268+
echo -ne $request | gnutls-cli --insecure --priority NONE:+VERS-$proto:+$kx:$all_macs:+COMP-NULL:$all_ciphers${all_curves:+:$all_curves} -p $PORT $IP > /dev/null 2>&1
267269
[ $? -eq 0 ] || { i=$(( $i + ${#CIPHERS[@]} * ${#MACS[@]} )); continue; }
268270
for cipher in ${CIPHERS[@]}
269271
do
270272
[ -t 1 ] && printf '\r%-7s %-17s %-10s %-11s %-16s (%d / %d)' $proto $cipher "" $kx "" $i $total
271-
echo -ne $request | gnutls-cli --insecure --priority NONE:+VERS-$proto:+$kx:$all_macs:+COMP-NULL:+$cipher:$all_curves -p $PORT $IP > /dev/null 2>&1
273+
echo -ne $request | gnutls-cli --insecure --priority NONE:+VERS-$proto:+$kx:$all_macs:+COMP-NULL:+$cipher${all_curves:+:$all_curves} -p $PORT $IP > /dev/null 2>&1
272274
[ $? -eq 0 ] || { i=$(( $i + ${#MACS[@]} )); continue; }
273275
for mac in ${MACS[@]}
274276
do
275277
i=$(( $i + 1 ))
276278
[ -t 1 ] && printf '\r%-7s %-17s %-10s %-11s %-16s (%d / %d)' $proto $cipher $mac $kx "" $i $total
277-
echo -ne $request | gnutls-cli --insecure --priority NONE:+VERS-$proto:+$kx:+$mac:+COMP-NULL:+$cipher:$all_curves -p $PORT $IP > /dev/null 2>&1
279+
echo -ne $request | gnutls-cli --insecure --priority NONE:+VERS-$proto:+$kx:+$mac:+COMP-NULL:+$cipher${all_curves:+:$all_curves} -p $PORT $IP > /dev/null 2>&1
278280
[ $? -eq 0 ] || { i=$(( $i + ${#CURVES[@]} )); continue; }
279281
RE="^ECDHE.*"
280282
if [[ $kx =~ $RE ]]; then

0 commit comments

Comments
 (0)