ironcamel · August 29, 2015 13:58
diff --git a/README.md b/README.md
diff --git a/ssl-heartbleed-check.pl b/ssl-heartbleed-check.pl
 #!/usr/bin/env perl
 use strict;
 use warnings;
 use Net::SSLeay ();
 use Time::ParseDate;

 sub print_color {
    my ($color, $text) = @_;
    print "\e[${color}m$text\e[m\n";
 }

 my $ssl_ver = Net::SSLeay::SSLeay();
 my $ssl_ver_text = Net::SSLeay::SSLeay_version(0);
 my $ssl_cflags = Net::SSLeay::SSLeay_version(2);
 my $ssl_built_on = Net::SSLeay::SSLeay_version(3);

 print "$ssl_ver_text\n";
 #printf "SSL version 0x%x %d.%d.%d%s\nCFLAGS=%s\nBUILT_ON=%s\n",
 #    $ssl_ver,
 #    ($ssl_ver >> 28) & 0xff,
 #    ($ssl_ver >> 20) & 0xff,
 #    ($ssl_ver >> 12) & 0xff,
 #    do { my $minor = ($ssl_ver >> 4) & 0xff; $minor ? chr(96+$minor) : '' },
 #    $ssl_cflags,
 #    $ssl_built_on;

 # TODO : openssl may be dynamically linked, so the version reported by
 # Net::SSLeay may not match the real version installed

 if (
    (
        $ssl_ver_text =~ /^OpenSSL 1\.0\.(?:1[a-f]?|2-beta1)(?:-fips)? /
        || ($ssl_ver >= 0x10001000 && $ssl_ver <= 0x1000106f)
        || $ssl_ver == 0x10002001
    )
    && $ssl_cflags !~ / -DOPENSSL_NO_HEARTBEATS /
 ) {
    (my $build_time = $ssl_built_on) =~ s/^[^:]*: *//;
    # the unix time 1396828800 is 2014-04-07 00:00:00
    my $recently_built = parsedate($build_time) > 1396828800;
    if ( $recently_built ) {
        print_color "1;33", "Version number indicates vulnerable,"
            . " but your build is recent so may be patched.";
    } else {
        print_color "1;31", "Vulnerable to heartbleed!";
    }
    exit 1;
 } else {
    print_color "1;32", "Not vulnerable to heartbleed.";
    #print_color "1;33", "Maybe not vulnerable to heartbleed.";
 }
	#!/usr/bin/env perl
	use strict;
	use warnings;
	use Net::SSLeay ();
	use Time::ParseDate;

	sub print_color {
	my ($color, $text) = @_;
	print "\e[${color}m$text\e[m\n";
	}

	my $ssl_ver = Net::SSLeay::SSLeay();
	my $ssl_ver_text = Net::SSLeay::SSLeay_version(0);
	my $ssl_cflags = Net::SSLeay::SSLeay_version(2);
	my $ssl_built_on = Net::SSLeay::SSLeay_version(3);

	print "$ssl_ver_text\n";
	#printf "SSL version 0x%x %d.%d.%d%s\nCFLAGS=%s\nBUILT_ON=%s\n",
	# $ssl_ver,
	# ($ssl_ver >> 28) & 0xff,
	# ($ssl_ver >> 20) & 0xff,
	# ($ssl_ver >> 12) & 0xff,
	# do { my $minor = ($ssl_ver >> 4) & 0xff; $minor ? chr(96+$minor) : '' },
	# $ssl_cflags,
	# $ssl_built_on;

	# TODO : openssl may be dynamically linked, so the version reported by
	# Net::SSLeay may not match the real version installed

	if (
	(
	$ssl_ver_text =~ /^OpenSSL 1\.0\.(?:1[a-f]?\|2-beta1)(?:-fips)? /
	\|\| ($ssl_ver >= 0x10001000 && $ssl_ver <= 0x1000106f)
	\|\| $ssl_ver == 0x10002001
	)
	&& $ssl_cflags !~ / -DOPENSSL_NO_HEARTBEATS /
	) {
	(my $build_time = $ssl_built_on) =~ s/^[^:]: //;
	# the unix time 1396828800 is 2014-04-07 00:00:00
	my $recently_built = parsedate($build_time) > 1396828800;
	if ( $recently_built ) {
	print_color "1;33", "Version number indicates vulnerable,"
	. " but your build is recent so may be patched.";
	} else {
	print_color "1;31", "Vulnerable to heartbleed!";
	}
	exit 1;
	} else {
	print_color "1;32", "Not vulnerable to heartbleed.";
	#print_color "1;33", "Maybe not vulnerable to heartbleed.";
	}