diff options
author | d4t4king <dataking@gmail.com> | 2014-10-09 02:04:29 +0400 |
---|---|---|
committer | d4t4king <dataking@gmail.com> | 2014-10-09 02:04:29 +0400 |
commit | 111097506fddf5ae6257f8f84d6e27ed857b8040 (patch) | |
tree | 0b1fea322e3a3b4f8ec9ac6fad753773a2bd76b3 | |
parent | 3d0fb8d529e69d6325742c098d7283a7d7e74e2d (diff) |
Tweaked nginx protocol check so it actually works. Added insecure protocol detection.
-rw-r--r-- | include/functions | 1 | ||||
-rw-r--r-- | include/tests_webservers | 6 |
2 files changed, 7 insertions, 0 deletions
diff --git a/include/functions b/include/functions index df24633c..21736f71 100644 --- a/include/functions +++ b/include/functions @@ -824,6 +824,7 @@ if [ "${VALUE}" = "on" ]; then NGINX_SSL_PREFER_SERVER_CIPHERS=1; fi ;; ssl_protocols) + NGINX_SSL_PROTOCOLS=1 ;; ssl_session_cache) ;; diff --git a/include/tests_webservers b/include/tests_webservers index cc7b8bf1..df1086a4 100644 --- a/include/tests_webservers +++ b/include/tests_webservers @@ -501,6 +501,12 @@ if [ ${NGINX_SSL_PROTOCOLS} -eq 1 ]; then Display --indent 8 --text "- Protocols configured" --result "YES" --color GREEN + FIND=`${GREPBINARY} "ssl_protocols" ${NGINX_CONF_LOCATION} | ${GREPBINARY} "SSLv[12]"` + if [ "${FIND}" = "" ]; then + Display --indent 10 --text "- Insecure protocols found" --result "NO" --color GREEN + else + Display --indent 10 --text "- Insecure protocols found" --result "YES" --color RED + fi else Display --indent 8 --text "- Protocols configured" --result "NO" --color RED NGINX_SSL_SUGGESTION=1 |