Fix: an issue where supported protocols are not unique

adedayo · Jun 13, 2019 · 9adf3a5 · 9adf3a5
1 parent cd63f34
commit 9adf3a5
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 1 deletion.
diff --git a/pkg/model/models.go b/pkg/model/models.go
@@ -137,7 +137,6 @@ func (cc *CipherConfig) getAuthPerf() int {
 		return 10
 	case "SRP":
 		return 10
-
 	}
 	if strings.Contains(cc.Cipher, "SCSV") {
 		//these are signalling ciphers just return a large multiplier

diff --git a/pkg/tlsscan.go b/pkg/tlsscan.go
@@ -229,6 +229,20 @@ func scanHost(hostPort tlsmodel.HostAndPort, config tlsmodel.ScanConfig, serverN
 		for res := range mergeHandShakeChannels(handshakeChannels...) {
 			process(res, &result)
 		}
+
+		//ensure supported protocols are unique
+		if len(result.SupportedProtocols) > 1 {
+			protocols := make(map[uint16]bool)
+			for _, p := range result.SupportedProtocols {
+				protocols[p] = true
+			}
+			supported := []uint16{}
+			for p := range protocols {
+				supported = append(supported, p)
+			}
+			result.SupportedProtocols = supported
+		}
+
 		sort.Sort(uint16Sorter(result.SupportedProtocols))
 
 		//check support for TLS_FALLBACK_SCSV