@@ -5216,7 +5216,7 @@ run_client_simulation() {
52165216 fi
52175217 if [[ $sclient_success -eq 0 ]]; then
52185218 # If an ephemeral DH key was used, check that the number of bits is within range.
5219- temp=$(awk -F': ' '/^Server Temp Key/ { print $2 }' "$TMPFILE") # extract line
5219+ temp=$(awk -F': ' '/^Server Temp Key|^Peer Temp Key / { print $2 }' "$TMPFILE") # extract line
52205220 what_dh="${temp%%,*}"
52215221 bits="${temp##*, }"
52225222 # formatting
@@ -6706,7 +6706,7 @@ pr_cipher_quality() {
67066706read_dhtype_from_file() {
67076707 local temp kx
67086708
6709- temp=$(awk -F': ' '/^Server Temp Key/ { print $2 }' "$1") # extract line
6709+ temp=$(awk -F': ' '/^Server Temp Key|^Peer Temp Key|^Negotiated TLS1.3 group / { print $2 }' "$1") # extract line
67106710 kx="Kx=${temp%%,*}"
67116711 [[ "$kx" == "Kx=X25519" ]] && kx="Kx=ECDH"
67126712 [[ "$kx" == "Kx=X448" ]] && kx="Kx=ECDH"
@@ -6739,7 +6739,7 @@ read_dhbits_from_file() {
67396739 local add=""
67406740 local old_fart=" (your $OPENSSL cannot show DH bits)"
67416741
6742- temp=$(awk -F': ' '/^Server Temp Key/ { print $2 }' "$1") # extract line
6742+ temp=$(awk -F': ' '/^Server Temp Key|^Peer Temp Key|^Negotiated TLS1.3 group / { print $2 }' "$1") # extract line
67436743 what_dh="${temp%%,*}"
67446744 bits="${temp##*, }"
67456745 curve="${temp#*, }"
@@ -10910,7 +10910,7 @@ run_fs() {
1091010910 [[ -z "$curves_to_test" ]] && break
1091110911 $OPENSSL s_client $(s_client_options "$proto -cipher "\'${ecdhe_cipher_list:1}\'" -ciphersuites "\'${tls13_cipher_list:1}\'" -curves "${curves_to_test:1}" $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI") &>$TMPFILE </dev/null
1091210912 sclient_connect_successful $? $TMPFILE || break
10913- temp=$(awk -F': ' '/^Server Temp Key/ { print $2 }' "$TMPFILE")
10913+ temp=$(awk -F': ' '/^Server Temp Key|^Peer Temp Key|^Negotiated TLS1.3 group / { print $2 }' "$TMPFILE")
1091410914 curve_found="${temp%%,*}"
1091510915 if [[ "$curve_found" == ECDH ]]; then
1091610916 curve_found="${temp#*, }"
@@ -10943,7 +10943,7 @@ run_fs() {
1094310943 done
1094410944 $OPENSSL s_client $(s_client_options "$proto -cipher "\'${ecdhe_cipher_list:1}\'" -ciphersuites "\'${tls13_cipher_list:1}\'" -curves "${curves_to_test:1}" $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI") &>$TMPFILE </dev/null
1094510945 sclient_connect_successful $? $TMPFILE || break
10946- temp=$(awk -F': ' '/^Server Temp Key/ { print $2 }' "$TMPFILE")
10946+ temp=$(awk -F': ' '/^Server Temp Key|^Peer Temp Key|^Negotiated TLS1.3 group / { print $2 }' "$TMPFILE")
1094710947 curve_found="${temp%%,*}"
1094810948 if [[ "$curve_found" == ECDH ]]; then
1094910949 curve_found="${temp#*, }"
@@ -22354,7 +22354,7 @@ determine_optimal_proto() {
2235422354
2235522355 debugme echo "OPTIMAL_PROTO: $OPTIMAL_PROTO"
2235622356 fi
22357- [[ "$optimal_proto" != -ssl2 ]] && ! "$all_failed" && grep -q '^Server Temp Key' $TMPFILE && HAS_DH_BITS=true # FIX #190
22357+ [[ "$optimal_proto" != -ssl2 ]] && ! "$all_failed" && grep -Eq '^Server Temp Key|^Peer Temp Key|^Negotiated TLS1.3 group ' $TMPFILE && HAS_DH_BITS=true # FIX #190
2235822358 if [[ "$(has_server_protocol "tls1_3")" -eq 0 ]] && [[ "$(has_server_protocol "tls1_2")" -ne 0 ]] &&
2235922359 [[ "$(has_server_protocol "tls1_1")" -ne 0 ]] && [[ "$(has_server_protocol "tls1")" -ne 0 ]] &&
2236022360 [[ "$(has_server_protocol "ssl3")" -ne 0 ]]; then
0 commit comments