@@ -8015,9 +8015,9 @@ get_server_certificate() {
80158015 [[ $(has_server_protocol "tls1_3") -eq 1 ]] && return 1
80168016 if "$HAS_TLS13" && "$HAS_SIGALGS" && [[ ! "$1" =~ tls1_3_EdDSA ]]; then
80178017 if [[ "$1" =~ tls1_3_RSA ]]; then
8018- $OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -showcerts -connect $NODEIP:$PORT $PROXY $SNI -tls1_3 -tlsextdebug -status -msg -sigalgs PSS+SHA256:PSS+SHA384") </dev/null 2>$ERRFILE >$TMPFILE
8018+ $OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -showcerts -connect $NODEIP:$PORT $PROXY $SNI -tls1_3 -tlsextdebug -status -msg -sigalgs PSS+SHA256:PSS+SHA384:PSS+SHA512:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512 ") </dev/null 2>$ERRFILE >$TMPFILE
80198019 elif [[ "$1" =~ tls1_3_ECDSA ]]; then
8020- $OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -showcerts -connect $NODEIP:$PORT $PROXY $SNI -tls1_3 -tlsextdebug -status -msg -sigalgs ECDSA+SHA256:ECDSA+SHA384") </dev/null 2>$ERRFILE >$TMPFILE
8020+ $OPENSSL s_client $(s_client_options "$STARTTLS $BUGS -showcerts -connect $NODEIP:$PORT $PROXY $SNI -tls1_3 -tlsextdebug -status -msg -sigalgs ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512 ") </dev/null 2>$ERRFILE >$TMPFILE
80218021 else
80228022 return 1
80238023 fi
@@ -8031,7 +8031,7 @@ get_server_certificate() {
80318031 if [[ "$STARTTLS" =~ irc ]]; then
80328032 return 1
80338033 elif [[ "$1" =~ tls1_3_RSA ]]; then
8034- tls_sockets "04" "$TLS13_CIPHER" "all+" "00,12,00,00, 00,05,00,05,01,00,00,00,00, 00,0d,00,10 ,00,0e ,08,04,08,05,08,06,04,01,05,01,06,01,02,01"
8034+ tls_sockets "04" "$TLS13_CIPHER" "all+" "00,12,00,00, 00,05,00,05,01,00,00,00,00, 00,0d,00,16 ,00,14 ,08,04,08,05,08,06,04,01,05,01,06,01,02,01,08,09,08,0a,08,0b "
80358035 elif [[ "$1" =~ tls1_3_ECDSA ]]; then
80368036 tls_sockets "04" "$TLS13_CIPHER" "all+" "00,12,00,00, 00,05,00,05,01,00,00,00,00, 00,0d,00,0a,00,08,04,03,05,03,06,03,02,03"
80378037 elif [[ "$1" =~ tls1_3_EdDSA ]]; then
0 commit comments