Minor: Improve TLS/SSL checks:

Allowing testssl.sh to check the URI and display the associated errors.
rfc-st · Nov 18, 2023 · f6df0e1 · f6df0e1
1 parent 4e97012
commit f6df0e1
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 24 deletions.
diff --git a/README.md b/README.md
@@ -4,7 +4,7 @@
 <a target="_blank" href="https://www.python.org/downloads/" title="Minimum Python version required to run this tool"><img src="https://img.shields.io/badge/Python-%3E%3D3.9-blue?labelColor=343b41"></a>
 <a target="_blank" href="LICENSE" title="License of this tool"><img src="https://img.shields.io/badge/License-MIT-blue.svg?labelColor=343b41"></a>
 <a target="_blank" href="https://github.com/rfc-st/humble/releases" title="Latest release of this tool"><img src="https://img.shields.io/github/v/release/rfc-st/humble?display_name=release&label=Latest%20release&labelColor=343b41"></a>
-<a target="_blank" href="https://github.com/rfc-st/humble/commits/master" title="Latest commit of this tool"><img src="https://img.shields.io/badge/Latest_Commit-2023--11--17-blue.svg?labelColor=343b41"></a>
+<a target="_blank" href="https://github.com/rfc-st/humble/commits/master" title="Latest commit of this tool"><img src="https://img.shields.io/badge/Latest_Commit-2023--11--18-blue.svg?labelColor=343b41"></a>
 <a target="_blank" href="https://github.com/rfc-st/humble/actions?query=workflow%3ACodeQL" title="Results of the last analysis of this tool with CodeQL"><img src="https://github.com/rfc-st/humble/workflows/CodeQL/badge.svg"></a>
 <a target="_blank" href="https://owasp.org/www-project-secure-headers/#div-technical" title="Tool accepted as a technical resource for OWASP"><img src="https://img.shields.io/badge/OWASP-Resource-blue?labelColor=343b41"></a>
 <a target="_blank" href="https://www.kali.org/tools/humble/" title="Tool accepted in Kali"><img src="https://img.shields.io/badge/Kali%20Linux-Tool-blue?labelColor=343b41"></a>

diff --git a/humble.py b/humble.py
@@ -40,7 +40,6 @@
 from fpdf import FPDF
 from time import time
 from datetime import datetime
-from urllib.parse import urlparse
 from os import linesep, path, remove
 from colorama import Fore, Style, init
 from collections import Counter, defaultdict
@@ -85,7 +84,7 @@
 
 export_date = datetime.now().strftime("%Y%m%d")
 now = datetime.now().strftime("%Y/%m/%d - %H:%M:%S")
-version = datetime.strptime('2023-11-17', '%Y-%m-%d').date()
+version = datetime.strptime('2023-11-18', '%Y-%m-%d').date()
 
 
 class PDF(FPDF):
@@ -293,21 +292,10 @@ def testssl_params(directory, uri):
     testssl_file = path.join(directory, 'testssl.sh')
     if not path.isfile(testssl_file):
         sys.exit(f"\n{get_detail('[notestssl_path]')}")
-    elif not testsst_check_uri(uri):
-        print("")
-        sys.exit(get_detail('[kotestssl_uri]'))
     else:
         testssl_analysis(testssl_file, uri)
 
 
-def testsst_check_uri(uri):
-    try:
-        parsed_uri = urlparse(uri)
-        return all([parsed_uri.scheme, parsed_uri.netloc])
-    except ValueError:
-        return False
-
-
 def testssl_analysis(testssl_file, uri):
     # Check './testssl.sh --help' to choose your preferred options:
     # -p: checks TLS/SSL protocols (including SPDY/HTTP2)
@@ -319,13 +307,25 @@ def testssl_analysis(testssl_file, uri):
         process = subprocess.Popen(command, shell=True,
                                    stdout=subprocess.PIPE,
                                    stderr=subprocess.PIPE, text=True)
-        for line in iter(process.stdout.readline, ''):
+        while True:
+            line = process.stdout.readline()
+            if not line:
+                break
             print(line, end='')
+
             if 'Done' in line:
                 process.terminate()
+                process.wait()
                 sys.exit()
+
+        stdout, stderr = process.communicate()
+
+        if stdout:
+            print(stdout)
+        if stderr:
+            print(stderr)
     except subprocess.CalledProcessError as e:
-        print(f"Command stderr: {e.stderr}")
+        print(e.stderr)
     except Exception as e:
         print(f"Error running testssl analysis!: {e}")
 

diff --git a/i10n/details.txt b/i10n/details.txt
@@ -1160,7 +1160,4 @@ Windows is excluded in this analysis (it should work with Cygwin//MSYS2/WSL but
 '-o json' currently requires '-b'.
 
 [notestssl_path]
-Error: 'testssl.sh' is not found in that PATH.
-
-[kotestssl_uri]
-Error: The URL may be incorrect; please check it.
+Error: 'testssl.sh' is not found in that PATH.
diff --git a/i10n/details_es.txt b/i10n/details_es.txt
@@ -1160,7 +1160,4 @@ Windows está excluido en este análisis (debería funcionar con Cygwin//MSYS2/W
 '-o json' requiere, por ahora, '-b'.
 
 [notestssl_path]
-Error: no ha encontrado 'testssl.sh' en esa ruta.
-
-[kotestssl_uri]
-Error: La URL puede ser incorrecta; por favor, revísala.
+Error: no ha encontrado 'testssl.sh' en esa ruta.