From f4b837d919b41b2cfb60c7b6cd85a81d590d0b5b Mon Sep 17 00:00:00 2001 From: bol-van Date: Sat, 11 Dec 2021 12:08:05 +0300 Subject: [PATCH] blockcheck: curl detect TLS libraries without tls-max support --- blockcheck.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/blockcheck.sh b/blockcheck.sh index 359caa1..a743fad 100755 --- a/blockcheck.sh +++ b/blockcheck.sh @@ -143,6 +143,8 @@ curl_supports_tls13() } curl_supports_tlsmax() { + # supported only in OpenSSL + curl --version | grep -q OpenSSL || return 1 # supported since curl 7.54 curl --tls-max 1.2 -Is -o /dev/null http://$LOCALHOST_IPT:65535 2>/dev/null # return code 2 = init failed. likely bad command line options @@ -526,6 +528,8 @@ ask_params() ENABLE_HTTP=1 ask_yes_no_var ENABLE_HTTP "check http" + [ -n "$TLSMAX12" ] || echo "WARNING ! your curl version or TLS library does not support tls-max option. TLS 1.2 tests may use TLS 1.3+ protocols" + ENABLE_HTTPS_TLS12=1 ask_yes_no_var ENABLE_HTTPS_TLS12 "check https tls 1.2"