]>
git.proxmox.com Git - ceph.git/blob - ceph/src/jaegertracing/thrift/test/features/nosslv3.sh
4 # Checks to make sure SSLv3 is not allowed by a server.
10 while [[ $# -ge 1 ]]; do
16 THRIFTHOST
=${argIN[1]}
20 THRIFTPORT
=${argIN[1]}
24 # unknown option ignored
28 shift # past argument or value
37 opensslv
=$
(openssl version | cut
-d' ' -f2)
38 if [[ $opensslv > "1.0" ]]; then
39 echo "[pass] OpenSSL 1.1 or later - no need to check ssl3"
43 # echo "openssl s_client -connect $THRIFTHOST:$THRIFTPORT -CAfile ../keys/CA.pem -ssl3 2>&1 < /dev/null"
44 nego
=$
(openssl s_client
-connect $THRIFTHOST:$THRIFTPORT -CAfile ..
/keys
/CA.pem
-ssl3 2>&1 < /dev
/null
)
47 if [[ $negodenied -ne 0 ]]; then
48 echo "[pass] SSLv3 negotiation disabled"
53 echo "[fail] SSLv3 negotiation enabled! stdout:"