Skip to content

Commit

Permalink
Merge pull request rbsec#299 from jtesta/certificate_retrieval_fix
Browse files Browse the repository at this point in the history
Fixed certificate parsing against some servers. (rbsec#298)
  • Loading branch information
rbsec authored Nov 14, 2023
2 parents d84ca17 + 561591d commit 6b6140d
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions sslscan.c
Original file line number Diff line number Diff line change
Expand Up @@ -1869,6 +1869,9 @@ int testCipher(struct sslCheckOptions *options, const SSL_METHOD *sslMethod)
// This enables TLS SNI
SSL_set_tlsext_host_name (ssl, options->sniname);

// Against some servers, this is required for a successful SSL_connect(), below.
SSL_set_options(ssl, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);

// Connect SSL over socket
cipherStatus = SSL_connect(ssl);
printf_verbose("SSL_connect() returned: %d\n", cipherStatus);
Expand Down Expand Up @@ -2033,6 +2036,9 @@ int checkCertificate(struct sslCheckOptions *options, const SSL_METHOD *sslMetho
SSL_set_tlsext_host_name (ssl, options->sniname);
#endif

// Against some servers, this is required for a successful SSL_connect(), below.
SSL_set_options(ssl, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);

// Connect SSL over socket
SSL_connect(ssl);
// Setup BIO's
Expand Down

0 comments on commit 6b6140d

Please sign in to comment.