Added explicit support for TLS v1.3

From 8d20bf3b790991a33c0ab721a2746ec222a74f2a Mon Sep 17 00:00:00 2001 From: Parker Ellertson <pellertson@firemail.cc> Date: Tue, 2 Jun 2020 15:06:34 -0700 Subject: [PATCH bollux] Added explicit support for TLS v1.3
author: Parker Ellertson 2020-06-02 15:16:28 -0700
committer: Case Duckworth 2020-06-02 21:56:54 -0500
commit: a3422e7ef823f06e462805f17f8de35d6958f0d4 (patch)
tree: 711aae314dbc3892273852b094852fe7953b09e0
parent: Add wip (diff)
download: bollux-a3422e7ef823f06e462805f17f8de35d6958f0d4.tar.gz
bollux-a3422e7ef823f06e462805f17f8de35d6958f0d4.zip
1 files changed, 9 insertions, 3 deletions
diff --git a/bollux b/bollux
index 68eade9..0bb7391 100755
--- a/bollux
+++ b/bollux

@@ -304,9 +304,15 @@ request_url() {
        local port="$2"
        local url="$3"
-        ssl_cmd=(openssl s_client -crlf -quiet -connect "$server:$port")
+        # support for TLS v1.3 and v1.2
-        ssl_cmd+=(-servername "$server") # SNI
+        ssl_cmd_tls1_2=(openssl s_client -tls1_2 -crlf -quiet -connect "$server:$port")
-        run "${ssl_cmd[@]}" <<<"$url" 2>/dev/null
+        ssl_cmd_tls1_3=(openssl s_client -tls1_3 -crlf -quiet -connect "$server:$port")
+        
+        ssl_cmd_tls1_2+=(-servername "$server") # SNI
+        ssl_cmd_tls1_3+=(-servername "$server") # SNI
+        # always try to connect with TLS v1.3 first
+        run "${ssl_cmd_tls1_3[@]}" <<<"$url" 2>/dev/null || run "${ssl_cmd_tls1_2[@]}" <<< "$url" 2>/dev/null
 }
 handle_response() {
author	Parker Ellertson	2020-06-02 15:16:28 -0700
committer	Case Duckworth	2020-06-02 21:56:54 -0500
commit	a3422e7ef823f06e462805f17f8de35d6958f0d4 (patch)
tree	711aae314dbc3892273852b094852fe7953b09e0
parent	Add wip (diff)
download	bollux-a3422e7ef823f06e462805f17f8de35d6958f0d4.tar.gz bollux-a3422e7ef823f06e462805f17f8de35d6958f0d4.zip