nabla-c0d3 / sslyze

Fast and powerful SSL/TLS scanning library.
GNU Affero General Public License v3.0

Infinite hang on some domains (even with short timeout) #217

Closed konklone closed 7 years ago

konklone commented 7 years ago

This command hangs forever for me, on Debian using sslyze 1.1.0:

sslyze --regular empowhr.gov

Adding a --timeout=1 flag doesn't help, either. It's not clear why it's hanging. https://empowhr.gov responds and loads quickly in Chrome.

ericrange commented 7 years ago

Perhaps the same issue as #213

konklone commented 7 years ago

Looks like expanding --regular to its full set of flags, and then removing --heartbleed, was enough to fix this. Unclear why the Heartbleed scan might be hanging indefinitely on certain domains.

dylanjbarth commented 6 years ago

I am still able to replicate this issue with 1.3.4. @nabla-c0d3 just sent you an email with a domain to try.

nabla-c0d3 commented 6 years ago

@dylanjbarth the issue you are running into is #286; the server you sent me dies under the number of concurrent connections initiated by SSLyze. It will be fixed in the next release if you use --slow_connection when running the tool.