Skip to content

Commit b360960

Browse files
committed
remove unnecessary "if" statements and remove break from "if" statements
1 parent 355b9d2 commit b360960

1 file changed

Lines changed: 15 additions & 23 deletions

File tree

testssl.sh

Lines changed: 15 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -10873,22 +10873,18 @@ run_fs() {
1087310873
[[ $i -eq $high ]] && break
1087410874
supported_curve[i]=true
1087510875
done
10876-
while true; do
10877-
# Versions of TLS prior to 1.3 close the connection if the client does not support the curve
10878-
# used in the certificate. The easiest solution is to move the curves to the end of the list.
10879-
# instead of removing them from the ClientHello. This is only needed if there is no RSA certificate.
10880-
if ((! "$HAS_TLS13" || [[ "$proto" == "-no_tls1_3" ]]) && [[ ! "$ecdhe_cipher_list" == *RSA* ]]) || break; then
10876+
# Versions of TLS prior to 1.3 close the connection if the client does not support the curve
10877+
# used in the certificate. The easiest solution is to move the curves to the end of the list.
10878+
# instead of removing them from the ClientHello. This is only needed if there is no RSA certificate.
10879+
if (! "$HAS_TLS13" || [[ "$proto" == "-no_tls1_3" ]]) && [[ ! "$ecdhe_cipher_list" == *RSA* ]]; then
10880+
while true; do
1088110881
curves_to_test=""
1088210882
for (( i=low; i < high; i++ )); do
10883-
if ! "${curves_deprecated[i]}"; then
10884-
"${ossl_supported[i]}" && ! "${supported_curve[i]}" && curves_to_test+=":${curves_ossl[i]}"
10885-
fi
10883+
"${ossl_supported[i]}" && ! "${supported_curve[i]}" && curves_to_test+=":${curves_ossl[i]}"
1088610884
done
1088710885
[[ -z "$curves_to_test" ]] && break
1088810886
for (( i=low; i < high; i++ )); do
10889-
if ! "${curves_deprecated[i]}"; then
10890-
"${supported_curve[i]}" && curves_to_test+=":${curves_ossl[i]}"
10891-
fi
10887+
"${supported_curve[i]}" && curves_to_test+=":${curves_ossl[i]}"
1089210888
done
1089310889
$OPENSSL s_client $(s_client_options "$proto -cipher "\'${ecdhe_cipher_list:1}\'" -ciphersuites "\'${tls13_cipher_list:1}\'" -curves "${curves_to_test:1}" $STARTTLS $BUGS -connect $NODEIP:$PORT $PROXY $SNI") &>$TMPFILE </dev/null
1089410890
sclient_connect_successful $? $TMPFILE || break
@@ -10909,8 +10905,8 @@ run_fs() {
1090910905
done
1091010906
[[ $i -eq $high ]] && break
1091110907
supported_curve[i]=true
10912-
fi
10913-
done
10908+
done
10909+
fi
1091410910
done
1091510911
done
1091610912
fi
@@ -10950,19 +10946,15 @@ run_fs() {
1095010946
# Versions of TLS prior to 1.3 close the connection if the client does not support the curve
1095110947
# used in the certificate. The easiest solution is to move the curves to the end of the list.
1095210948
# instead of removing them from the ClientHello. This is only needed if there is no RSA certificate.
10953-
while true; do
10954-
if ([[ "$proto" == 03 ]] && [[ ! "$ecdhe_cipher_list" == *RSA* ]]) || break; then
10949+
if ([[ "$proto" == 03 ]] && [[ ! "$ecdhe_cipher_list" == *RSA* ]]); then
10950+
while true; do
1095510951
curves_to_test=""
1095610952
for (( i=0; i < nr_curves; i++ )); do
10957-
if ! "${curves_deprecated[i]}" || [[ "$proto" == 03 ]]; then
10958-
! "${supported_curve[i]}" && curves_to_test+=", ${curves_hex[i]}"
10959-
fi
10953+
! "${supported_curve[i]}" && curves_to_test+=", ${curves_hex[i]}"
1096010954
done
1096110955
[[ -z "$curves_to_test" ]] && break
1096210956
for (( i=0; i < nr_curves; i++ )); do
10963-
if ! "${curves_deprecated[i]}" || [[ "$proto" == 03 ]]; then
10964-
"${supported_curve[i]}" && curves_to_test+=", ${curves_hex[i]}"
10965-
fi
10957+
"${supported_curve[i]}" && curves_to_test+=", ${curves_hex[i]}"
1096610958
done
1096710959
len1=$(printf "%02x" "$((2*${#curves_to_test}/7))")
1096810960
len2=$(printf "%02x" "$((2*${#curves_to_test}/7+2))")
@@ -10980,8 +10972,8 @@ run_fs() {
1098010972
done
1098110973
[[ $i -eq $nr_curves ]] && break
1098210974
supported_curve[i]=true
10983-
fi
10984-
done
10975+
done
10976+
fi
1098510977
done
1098610978
fi
1098710979
if "$ecdhe_offered"; then

0 commit comments

Comments
 (0)