PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00
Code Issues Projects Releases Wiki Activity

A TODO note for ssl-enum-ciphers

Browse Source 
We recently became dependent on OpenSSL for some of ssl-enum-ciphers's
functionality (parsing certificates). We should have a decent fallback
(e.g. don't parse the certificate, issue a warning, and use a dummy
score).

[ci skip] This tells Travis to skip the CI build when this commit is
pushed, useful for documentation changes that don't affect the build.
This commit is contained in:
dmiller
2015-01-01 21:09:05 +00:00
parent d1e429f42b
commit ee4b2dfe5d
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scripts/ssl-enum-ciphers.nse
View File

@@ -509,6 +509,8 @@ local function find_ciphers_group(host, port, protocol, group, scores)
-- This may not always be the case, so
-- TODO: reorder certificates and validate entire chain
-- TODO: certificate validation (date, self-signed, etc)
-- TODO: Handle this gracefully when OpenSSL is not compiled in
-- (throws error otherwise)
local c = sslcert.parse_ssl_certificate(certs.certificates[1])
if c.pubkey.type == kex.pubkey then
local sigalg = c.sig_algorithm:match("([mM][dD][245])")