
Commit c67cefa

committed
add info about error handling
1 parent 336d3c9 commit c67cefa

1 file changed

Lines changed: 8 additions & 7 deletions


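--- a/testssl.sh
+++ b/testssl.sh
@@ -11422,7 +11422,7 @@ starttls_postgres_dialog() {
 }
 
 
-# RFC 2830, RFC 4511
+# RFC 2251, 2830, RFC 4511
 #
 starttls_ldap_dialog() {
 local debugpad=" > "
@@ -11442,17 +11442,18 @@ starttls_ldap_dialog() {
 [[ $DEBUG -ge 4 ]] && safe_echo "$debugpad $result\n"
 
 # response is typically 30 0c 02 01 01 78 07 0a 01 00 04 00 04 00
-# ^^ == success! [9] is checked below
+# ^^ 0 would be success in 9th byte
 #
-# definitions in https://git.openldap.org/openldap/openldap/-/blob/master/include/ldap.h
+# return values in https://www.rfc-editor.org/rfc/rfc2251#page-45 and e.g.
+# https://git.openldap.org/openldap/openldap/-/blob/master/include/ldap.h
 
 case "${result:18:2}" in
 00) ret=0 ;;
-# "success"
-01) ret=1
-;;
+# success
+01) ret=1 ;;
+# operationsError
 02) ret=2
-# normally: unsupported extended operation (~ STARTTLS not supported)
+# protocolError (text msg: "unsupported extended operation") e.g. when STARTTLS not supported
 if [[ $DEBUG -ge 2 ]]; then
 msg_lenstr=$(hex2dec ${result:26:02})
 msg_len=$((2 * msg_lenstr))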
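Review bot: The new comment `# ^^ 0 would be success in 9th byte` is off by one when read one-based: `${result:18:2}` takes hex characters 18-19, which is zero-based byte 9, the tenth byte of the sample response (the removed comment's `[9]` was index notation). I would write `# ^^ resultCode: byte offset 9 (hex chars 18-19), 00 = success`. The comment should also say that the fixed offsets 18 and 26 assume short-form BER lengths and a one-byte messageID, since the reply comes from the server under test and a longer diagnostic message would presumably shift both fields. The `case` statement and the body of starttls_ldap_dialog() continue past the end of the hunk, so the remaining arms are not visible here.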
