drwetter / testssl.sh

Testing TLS/SSL encryption anywhere on any port
https://testssl.sh
GNU General Public License v2.0
[BUG] Secure Client-Initiated Renegotiation test does not detect exponential renegotiation backoff mitigation. #2444

Closed Tazmaniac closed 9 months ago

Tazmaniac commented 10 months ago

testssl.sh 3.2 branch

Command line / docker command to reproduce: ASSUME_HTTP=true testssl.sh -R https://target.fr (targets to reproduce available on request)

Expected behavior: "not vulnerable (OK) -- mitigated" result.

The target is using exponential backoff/throttling between renegotiation tries. testssl.sh has no provision to detect this mitigation (compared to the Python tool sslyze) and gives a false positive.

Here is a proposition of a simple approach to fix this: #2443

Replaced by this PR with more fixes/enhancements https://github.com/drwetter/testssl.sh/pull/2459
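
Added example (not from the issue, the linked PRs or testssl.sh): one way a scanner could tell throttled client-initiated renegotiation from unthrottled renegotiation using per-attempt timings. The input format, the verdict names and every threshold are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example, not testssl.sh code. stdin: one line per renegotiation
# attempt, "<status> <elapsed_ms>", status = ok | fail (refused or timed out).
# All thresholds below are assumptions chosen for illustration.
RATIO_PCT=150   # a step counts as growth if delay >= 1.5x the previous delay
MIN_STEPS=3     # consecutive growth steps required to call it backoff
FLOOR_MS=50     # delays below this are treated as network jitter

classify_reneg() (   # subshell body keeps the working variables local
    ok=0 prev=0 run=0 verdict=""
    while read -r status ms; do
        case $status in
            ''|'#'*) continue ;;
            fail)   # server stopped honouring renegotiation
                if [ "$ok" -eq 0 ]; then verdict=not_vulnerable
                else verdict=mitigated_cutoff; fi
                break ;;
            ok) ;;
            *) verdict=error; break ;;
        esac
        case $ms in ''|*[!0-9]*) verdict=error; break ;; esac
        if [ "$ok" -gt 0 ]; then
            # Growth must be multiplicative: a slow but flat server resets the run.
            if [ "$ms" -ge "$FLOOR_MS" ] && [ $((ms * 100)) -ge $((prev * RATIO_PCT)) ]; then
                run=$((run + 1))
            else
                run=0
            fi
        fi
        ok=$((ok + 1)); prev=$ms
    done
    if [ -z "$verdict" ]; then
        if [ "$ok" -eq 0 ]; then verdict=error
        elif [ "$run" -ge "$MIN_STEPS" ]; then verdict=mitigated_backoff
        else verdict=vulnerable; fi
    fi
    echo "$verdict"
)

# Constructed samples (not captured from a real server).
sample_backoff() { printf '%s %s\n' ok 20 ok 110 ok 220 ok 450 ok 900 ok 1800; }
sample_flat()    { printf '%s %s\n' ok 21 ok 19 ok 23 ok 20 ok 22 ok 20; }
sample_cutoff()  { printf '%s %s\n' ok 20 ok 22 fail 0; }

for s in sample_backoff sample_flat sample_cutoff; do
    printf '%s: %s\n' "$s" "$($s | classify_reneg)"
done
```

Only the trailing run of growing delays is counted, so a server that is merely slow, or that has one isolated slow response, is still reported as vulnerable.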

drwetter commented 10 months ago

Thanks! Do you have one or two examples for a target for me?