Fix: determine SSL/TLS support on services #1176
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Scanner failed to determine SSL/TLS support on services requiring a client certificate. Now the variable trp is passed to the function to be set. Test: `sudo openvas-nasl -X -B -d -i ./ -t zero.webappsecurity.com find_service.nasl --kb="Ports/tcp/443=1"` without the patch, I have seen like the transport key stores a random integer (trp not set/initiliazed) `lib misc-Message: 13:59:08.804: set key Transports/TCP/443 -> 109136` with the patch, the transport key is set with the right value: `lib misc-Message: 14:02:51.355: set key Transports/TCP/443 -> 9`
Kraemii
approved these changes
Aug 24, 2022
mergify bot
pushed a commit
that referenced
this pull request
Aug 24, 2022
Scanner failed to determine SSL/TLS support on services requiring a client certificate. Now the variable trp is passed to the function to be set. Test: `sudo openvas-nasl -X -B -d -i ./ -t zero.webappsecurity.com find_service.nasl --kb="Ports/tcp/443=1"` without the patch, I have seen like the transport key stores a random integer (trp not set/initiliazed) `lib misc-Message: 13:59:08.804: set key Transports/TCP/443 -> 109136` with the patch, the transport key is set with the right value: `lib misc-Message: 14:02:51.355: set key Transports/TCP/443 -> 9` (cherry picked from commit 710066d)
jjnicola
added a commit
that referenced
this pull request
Aug 25, 2022
Scanner failed to determine SSL/TLS support on services requiring a client certificate. Now the variable trp is passed to the function to be set. Test: `sudo openvas-nasl -X -B -d -i ./ -t zero.webappsecurity.com find_service.nasl --kb="Ports/tcp/443=1"` without the patch, I have seen like the transport key stores a random integer (trp not set/initiliazed) `lib misc-Message: 13:59:08.804: set key Transports/TCP/443 -> 109136` with the patch, the transport key is set with the right value: `lib misc-Message: 14:02:51.355: set key Transports/TCP/443 -> 9` (cherry picked from commit 710066d) Co-authored-by: Juan José Nicola <juan.nicola@greenbone.net>
Merged
Note that this seems to also affect other kind of SSL/TLS services, not only the ones requiring a client certificate |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What:
Scanner failed to determine SSL/TLS support on services requiring a client certificate.
Jira: SC-659
Why:
Now the variable trp is passed to the function to be set.
How:
sudo openvas-nasl -X -B -d -i ./ -t zero.webappsecurity.com find_service.nasl --kb="Ports/tcp/443=1"without the patch, I have seen like the transport key stores a random integer (trp not set/initiliazed)
lib misc-Message: 13:59:08.804: set key Transports/TCP/443 -> 109136with the patch, the transport key is set with the right value:
lib misc-Message: 14:02:51.355: set key Transports/TCP/443 -> 9Checklist: