summaryrefslogtreecommitdiffstats
path: root/debian/patches/allow_loading_config.patch
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-15 17:11:13 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-15 17:11:13 +0000
commit070810782883ce2d58dbc97f32dafcd73281869e (patch)
tree09e86e8af6da2bad2635b24a2e9232f11d0c6047 /debian/patches/allow_loading_config.patch
parentAdding upstream version 3.2~rc3+dfsg. (diff)
downloadtestssl.sh-070810782883ce2d58dbc97f32dafcd73281869e.tar.xz
testssl.sh-070810782883ce2d58dbc97f32dafcd73281869e.zip
Adding debian version 3.2~rc3+dfsg-1.debian/3.2_rc3+dfsg-1debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--debian/patches/allow_loading_config.patch107
1 files changed, 107 insertions, 0 deletions
diff --git a/debian/patches/allow_loading_config.patch b/debian/patches/allow_loading_config.patch
new file mode 100644
index 0000000..1f66aae
--- /dev/null
+++ b/debian/patches/allow_loading_config.patch
@@ -0,0 +1,107 @@
+Description: Config is presumed to be in the same dir as the script, or in ./etc/
+Author: Unit 193 <unit193@debian.org>
+Origin: vendor
+Forwarded: not-needed
+Last-Update: 2019-10-01
+
+---
+ testssl.sh | 24 ++++++++++++------------
+ 1 file changed, 12 insertions(+), 12 deletions(-)
+
+--- a/testssl.sh
++++ b/testssl.sh
+@@ -192,7 +192,7 @@ ADDTL_CA_FILES="${ADDTL_CA_FILES:-""}"
+
+ ########### Tuning vars which cannot be set by a cmd line switch. Use instead e.g "HEADER_MAXSLEEP=10 ./testssl.sh <your_args_here>"
+ #
+-TESTSSL_INSTALL_DIR="${TESTSSL_INSTALL_DIR:-""}" # If you run testssl.sh and it doesn't find it necessary file automagically set TESTSSL_INSTALL_DIR
++TESTSSL_INSTALL_DIR="${TESTSSL_INSTALL_DIR:-"/etc/testssl"}" # If you run testssl.sh and it doesn't find it necessary file automagically set TESTSSL_INSTALL_DIR
+ CA_BUNDLES_PATH="${CA_BUNDLES_PATH:-""}" # You can have your CA stores some place else
+ EXPERIMENTAL=${EXPERIMENTAL:-false} # a development hook which allows us to disable code
+ PROXY_WAIT=${PROXY_WAIT:-20} # waiting at max 20 seconds for socket reply through proxy
+@@ -2792,7 +2792,7 @@ run_hpkp() {
+ local -i i nrsaved
+ local first_hpkp_header
+ local spki
+- local ca_hashes="$TESTSSL_INSTALL_DIR/etc/ca_hashes.txt"
++ local ca_hashes="$TESTSSL_INSTALL_DIR/ca_hashes.txt"
+
+ if [[ ! -s $HEADERFILE ]]; then
+ run_http_header "$1" || return 1
+@@ -5029,9 +5029,9 @@ run_client_simulation() {
+ local client_service=""
+
+ # source the external file
+- . "$TESTSSL_INSTALL_DIR/etc/client-simulation.txt" 2>/dev/null
++ . "$TESTSSL_INSTALL_DIR/client-simulation.txt" 2>/dev/null
+ if [[ $? -ne 0 ]]; then
+- prln_local_problem "couldn't find client simulation data in $TESTSSL_INSTALL_DIR/etc/client-simulation.txt"
++ prln_local_problem "couldn't find client simulation data in $TESTSSL_INSTALL_DIR/client-simulation.txt"
+ return 1
+ fi
+
+@@ -7614,7 +7614,7 @@ determine_trust() {
+
+ # if you run testssl.sh from a different path /you can set either TESTSSL_INSTALL_DIR or CA_BUNDLES_PATH to find the CA BUNDLES
+ if [[ -z "$CA_BUNDLES_PATH" ]]; then
+- ca_bundles="$TESTSSL_INSTALL_DIR/etc/*.pem"
++ ca_bundles="$TESTSSL_INSTALL_DIR/*.pem"
+ else
+ ca_bundles="$CA_BUNDLES_PATH/*.pem"
+ fi
+@@ -8887,7 +8887,7 @@ certificate_info() {
+ local certificate_list_ordering_problem="${13}"
+ local cert_sig_algo cert_sig_hash_algo cert_key_algo cert_spki_info
+ local hostcert=""
+- local common_primes_file="$TESTSSL_INSTALL_DIR/etc/common-primes.txt"
++ local common_primes_file="$TESTSSL_INSTALL_DIR/common-primes.txt"
+ local -i lineno_matched=0
+ local cert_keyusage cert_ext_keyusage short_keyAlgo
+ local outok=true
+@@ -17956,7 +17956,7 @@ get_common_prime() {
+ local spaces="$3"
+ local pubkey dh_p=""
+ local -i subret=0
+- local common_primes_file="$TESTSSL_INSTALL_DIR/etc/common-primes.txt"
++ local common_primes_file="$TESTSSL_INSTALL_DIR/common-primes.txt"
+ local -i lineno_matched=0
+
+ "$HAS_PKEY" || return 2
+@@ -19952,16 +19952,16 @@ get_install_dir() {
+ DISPLAY_CIPHERNAMES="openssl-only"
+ debugme echo "$CIPHERS_BY_STRENGTH_FILE"
+ prln_warning "\nATTENTION: No cipher mapping file found!"
+- outln "Please note from 2.9 on $PROG_NAME needs files in \"\$TESTSSL_INSTALL_DIR/etc/\" to function correctly."
++ outln "Please note from 2.9 on $PROG_NAME needs files in \"\$TESTSSL_INSTALL_DIR/\" to function correctly."
+ outln
+ ignore_no_or_lame "Type \"yes\" to ignore this warning and proceed at your own risk" "yes"
+ [[ $? -ne 0 ]] && exit $ERR_RESOURCE
+ fi
+
+- TLS_DATA_FILE="$TESTSSL_INSTALL_DIR/etc/tls_data.txt"
++ TLS_DATA_FILE="$TESTSSL_INSTALL_DIR/tls_data.txt"
+ if [[ ! -r "$TLS_DATA_FILE" ]]; then
+ prln_warning "\nATTENTION: No TLS data file found -- needed for socket-based handshakes"
+- outln "Please note from 2.9 on $PROG_NAME needs files in \"\$TESTSSL_INSTALL_DIR/etc/\" to function correctly."
++ outln "Please note from 2.9 on $PROG_NAME needs files in \"\$TESTSSL_INSTALL_DIR/\" to function correctly."
+ outln
+ ignore_no_or_lame "Type \"yes\" to ignore this warning and proceed at your own risk" "yes"
+ [[ $? -ne 0 ]] && exit $ERR_RESOURCE
+@@ -20029,7 +20029,7 @@ find_openssl_binary() {
+ # couldn't be parsed by our openssl it bailed out here with a misleading error, see #1982.
+ # Now we try with another version of the config file and if it still fails we bail out.
+ if ! $OPENSSL version -d >/dev/null 2>&1 ; then
+- export OPENSSL_CONF="$TESTSSL_INSTALL_DIR/etc/openssl.cnf"
++ export OPENSSL_CONF="$TESTSSL_INSTALL_DIR/openssl.cnf"
+ if ! $OPENSSL version -d >/dev/null 2>&1 ; then
+ fatal "cannot exec or find any openssl binary" $ERR_OSSLBIN
+ else
+@@ -20850,7 +20850,7 @@ initialize_engine(){
+ else
+ # we have engine support. But we want to check whether an external OPENSSL_CONF was supplied.
+ # $TESTSSL_INSTALL_DIR/etc/openssl.cnf is an internal presetting, see #1982
+- if [[ -n "$OPENSSL_CONF" ]] && [[ "$OPENSSL_CONF" != "$TESTSSL_INSTALL_DIR/etc/openssl.cnf" ]]; then
++ if [[ -n "$OPENSSL_CONF" ]] && [[ "$OPENSSL_CONF" != "$TESTSSL_INSTALL_DIR/openssl.cnf" ]]; then
+ prln_warning "For now I am providing the config file to have GOST support"
+ else
+ OPENSSL_CONF=$TEMPDIR/gost.conf