From ee4b2dfe5d40f09ec6419bedf726183fe0e85730 Mon Sep 17 00:00:00 2001
From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Thu, 1 Jan 2015 21:09:05 +0000
Subject: [PATCH] A TODO note for ssl-enum-ciphers

We recently became dependent on OpenSSL for some of ssl-enum-ciphers's
functionality (parsing certificates). We should have a decent fallback
(e.g. don't parse the certificate, issue a warning, and use a dummy
score).

[ci skip] This tells Travis to skip the CI build when this commit is
pushed, useful for documentation changes that don't affect the build.
---
 scripts/ssl-enum-ciphers.nse | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/scripts/ssl-enum-ciphers.nse b/scripts/ssl-enum-ciphers.nse
index cff3f6647..c8b0f8606 100644
--- a/scripts/ssl-enum-ciphers.nse
+++ b/scripts/ssl-enum-ciphers.nse
@@ -509,6 +509,8 @@ local function find_ciphers_group(host, port, protocol, group, scores)
                 -- This may not always be the case, so
                 -- TODO: reorder certificates and validate entire chain
                 -- TODO: certificate validation (date, self-signed, etc)
+                -- TODO: Handle this gracefully when OpenSSL is not compiled in
+                --       (throws error otherwise)
                 local c = sslcert.parse_ssl_certificate(certs.certificates[1])
                 if c.pubkey.type == kex.pubkey then
                   local sigalg = c.sig_algorithm:match("([mM][dD][245])")