Skip to content

Commit

Permalink
Check TLS 1.3 support in 0rtt-check command
Browse files Browse the repository at this point in the history
  • Loading branch information
@andyone
andyone committed May 28, 2020
1 parent 09196a4 commit 73f4e4a
Showing 1 changed file with 16 additions and 1 deletion.
17 changes: 16 additions & 1 deletion SOURCES/webkaos-utils
View file
Original file line number Diff line number Diff line change
Expand Up @@ -208,7 +208,7 @@ checkOCSP() {
host="$1"
server_name="${2:-$host}"
tmp_file=$(mktemp -u "$TMP_PATTERN")
status=$(openssl s_client -servername "$server_name" -connect "$host:443" -tls1_1 -tlsextdebug -status 2>&1 < /dev/null &> "$tmp_file")
status=$(openssl s_client -servername "$server_name" -connect "$host:443" -tls1 -tlsextdebug -status 2>&1 < /dev/null &> "$tmp_file")

if [[ $(grep 'OCSP Response Status: successful' "$tmp_file") == "" ]] ; then
show "OCSP Response Status: ${CL_RED}No response sent${CL_NORM}"
Expand All @@ -231,6 +231,11 @@ checkRTT() {
usage && exit 0
fi

if ! isProtocolSupported "TLSv1.3" ; then
error "Installed OpenSSL version doesn't support TLS 1.3"
exit 1
fi

local host req_temp status

host="$1"
Expand Down Expand Up @@ -427,6 +432,16 @@ sigExitTrap() {
doExit 1
}

# Checks if installed OpenSSL version supported given protocol
#
# 1: Protocol (String)
#
# Code: Yes
# Echo: No
isProtocolSupported() {
openssl ciphers -v | tr -s " " | cut -f2 -d" " | grep "$1"
}

# Remove temporary data and exit with given exit code
#
# 1: Exit code (Number) [Optional]
Expand Down

0 comments on commit 73f4e4a

Please sign in to comment.