The target is using exponential backoff/throttling between renegotiation attempts.
testssl.sh has no provision to detect this mitigation (compared to the Python tool sslyze) and gives a false positive.
Here is a proposal for a simple approach to fix this: #2443
testssl.sh 3.2 branch
Command line / docker command to reproduce: ASSUME_HTTP=true testssl.sh -R https://target.fr (targets to reproduce available on request)
Expected behavior: a "not vulnerable (OK) -- mitigated" result.
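As an added illustration of what such a detection could look like (example code, not testssl.sh's own code and not the approach taken in #2443): a server that throttles renegotiation with exponential backoff makes each further attempt take roughly twice as long as the previous one, while an unmitigated server answers every attempt in about constant time, so the per-attempt wall time can be classified instead of only counting successful renegotiations. The timing helper assumes GNU date (%N); the result strings other than the mitigated one are placeholders.

```bash
#!/usr/bin/env bash
# Timing heuristic for the client-renegotiation (-R) check: a target that
# throttles with exponential backoff should be reported as mitigated,
# not as vulnerable.

# Run one attempt command N times and print each attempt's wall time in ms.
# Assumes GNU date (%N). Usage: measure_attempts 5 some_command arg...
measure_attempts() {
  local n=$1 start end; shift
  while [ "$n" -gt 0 ]; do
    start=$(date +%s%N)
    "$@" >/dev/null 2>&1 || true   # a refused attempt is still timed
    end=$(date +%s%N)
    echo $(( (end - start) / 1000000 ))
    n=$((n - 1))
  done
}

# Classify a sequence of per-attempt durations (ms) as
# "mitigated", "vulnerable" or "inconclusive" (fewer than 3 samples).
# mitigated = a majority of steps at least double the previous duration
#             AND the last attempt is >= 8x the first, so ordinary jitter
#             on a fast server is not mistaken for throttling.
classify_renego_timings() {
  local first prev cur steps=0 doubled=0
  if [ "$#" -lt 3 ]; then echo inconclusive; return 0; fi
  first=$1; prev=$1; shift
  for cur in "$@"; do
    steps=$((steps + 1))
    if [ "$cur" -ge $((prev * 2)) ]; then doubled=$((doubled + 1)); fi
    prev=$cur
  done
  if [ $((doubled * 2)) -gt "$steps" ] && [ "$prev" -ge $((first * 8)) ]; then
    echo mitigated
  else
    echo vulnerable
  fi
}

# Map the classification onto a result line; only the mitigated string is
# the one expected in the issue, the others are placeholders.
renego_verdict() {
  case "$(classify_renego_timings "$@")" in
    mitigated)  echo "not vulnerable (OK) -- mitigated" ;;
    vulnerable) echo "VULNERABLE (placeholder wording)" ;;
    *)          echo "inconclusive: too few samples" ;;
  esac
}
```

Typical use: `renego_verdict $(measure_attempts 6 <one-renegotiation-attempt-command>)`, where the attempt command is whatever the scanner already uses to trigger a single client-initiated renegotiation.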
Replaced by this PR with more fixes/enhancements: https://github.com/drwetter/testssl.sh/pull/2459