nabla-c0d3 / sslyze

Fast and powerful SSL/TLS scanning library.
GNU Affero General Public License v3.0

Servers requesting client cert can cause scan to hang forever if server closes connection #612

Closed FestiveKyle closed 9 months ago

FestiveKyle commented 10 months ago

Describe the bug

If a server requests a client cert but then closes the connection, the scan will never finish. The issue occurs at _detect_client_auth_requirement_with_tls_1_3 under check_connectivity_to_server during the ssl_connection_auth.ssl_client.read(1) step. The client throws an IOError here which doesn't get caught.

Expected behavior

The error would be caught and shown in the results.

Looking at _detect_support_for_tls_1_3, this error would be caught under OSError, perhaps this could be added to _detect_client_auth_requirement_with_tls_1_3 as well?

Python environment (please complete the following information):

Additional context

Image of error:

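A simplified model of the failure mode in this report, added here as an example and not sslyze's own code: the post-handshake `read(1)` step is replaced by a plain TCP `recv(1)` against a constructed local server that either closes cleanly, resets the connection, or stays silent. The probe catches `OSError` as the report suggests and sets a read timeout so a scan can never block forever; the function names and the `READ_TIMEOUT` value are assumptions for the example.

```python
import socket
import struct
import threading
import time

READ_TIMEOUT = 2.0  # assumed value: bounds the read so the probe cannot hang


def probe_server_after_handshake(sock: socket.socket) -> str:
    """Read one byte the way a post-handshake client-auth probe does,
    returning a classification instead of propagating errors or hanging."""
    sock.settimeout(READ_TIMEOUT)
    try:
        data = sock.recv(1)
    except socket.timeout:          # server stayed silent: report it, do not wait forever
        return "NO_DATA_WITHIN_TIMEOUT"
    except OSError as exc:          # e.g. ConnectionResetError, the uncaught case in the report
        return f"CONNECTION_ERROR:{exc.__class__.__name__}"
    return "CLOSED_BY_SERVER" if data == b"" else "SERVER_SENT_DATA"


def probe_against(behaviour: str) -> str:
    """Run a constructed local server with the given behaviour and probe it."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    acted = threading.Event()  # set once the server has done its misbehaviour

    def serve() -> None:
        conn, _ = srv.accept()
        if behaviour == "reset":      # abortive close: RST instead of FIN
            conn.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack("ii", 1, 0))
            conn.close()
        elif behaviour == "close":    # orderly close right after the "handshake"
            conn.close()
        elif behaviour == "silent":   # never answers; the case that made the scan hang
            acted.set()
            time.sleep(READ_TIMEOUT + 1)
            conn.close()
            return
        acted.set()

    threading.Thread(target=serve, daemon=True).start()
    with socket.create_connection(("127.0.0.1", srv.getsockname()[1])) as client:
        acted.wait(5)
        result = probe_server_after_handshake(client)
    srv.close()
    return result
```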

nabla-c0d3 commented 9 months ago

Nice catch! Thanks for the detailed report and PR 👍👍

nabla-c0d3 commented 9 months ago

Fixed in v5.2.0.