PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-06 04:31:29 +00:00
Code Issues Projects Releases Wiki Activity

Fix a crash in ssl-enum-ciphers when parsing unsupported cert types

Browse Source
This commit is contained in:
dmiller
2016-08-30 16:07:08 +00:00
parent c82915cb71
commit 8779c1e376
4 changed files with 21 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
scripts/ssl-enum-ciphers.nse
View File

@@ -685,8 +685,10 @@ local function find_ciphers_group(host, port, protocol, group, scores)
-- This may not always be the case, so
-- TODO: reorder certificates and validate entire chain
-- TODO: certificate validation (date, self-signed, etc)
local c = sslcert.parse_ssl_certificate(certs.certificates[1])
if c.pubkey.type == kex.pubkey then
local c, err = sslcert.parse_ssl_certificate(certs.certificates[1])
if not c then
stdnse.debug1("Failed to parse certificate: %s", err)
elseif c.pubkey.type == kex.pubkey then
local sigalg = c.sig_algorithm:match("([mM][dD][245])")
if sigalg then
-- MD2 and MD5 are broken