From d55eeae308f6901ba6d0886676bf484eb364ed66 Mon Sep 17 00:00:00 2001
From: Julien Vehent <julien@linuxwall.info>
Date: Wed, 17 Jul 2013 15:06:34 -0400
Subject: [PATCH] Doc + cleanup

---
 CiphersScan.sh | 8 ++++----
 README.md      | 4 ++++
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/CiphersScan.sh b/CiphersScan.sh
index b3e5fb4..a03dc62 100755
--- a/CiphersScan.sh
+++ b/CiphersScan.sh
@@ -2,8 +2,8 @@
 
 DOBENCHMARK=0
 BENCHMARKITER=10
-#OPENSSLBIN="/home/ulfr/Code/openssl/apps/openssl"
-OPENSSLBIN=$(which openssl)
+OPENSSLBIN="/home/ulfr/Code/openssl/apps/openssl"
+#OPENSSLBIN=$(which openssl)
 REQUEST="GET / HTTP/1.1
 Host: $TARGET
 
@@ -22,12 +22,12 @@ verbose() {
 test_cipher_on_target() {
     local sslcommand=$@
     local tmp=$(mktemp)
-    $sslcommand 1>$tmp 2>/dev/null << EOF
+    $sslcommand 1>"$tmp" 2>/dev/null << EOF
 $REQUEST
 EOF
     # Parse the result
     result=$(grep "New, " $tmp|awk '{print $5}')
-    rm $tmp
+    rm "$tmp"
     if [ "$result" == '(NONE)' ]; then
         verbose "handshake failed, server returned ciphersuite '$result'"
         return 1
diff --git a/README.md b/README.md
index ce19d95..d6b254e 100644
--- a/README.md
+++ b/README.md
@@ -6,3 +6,7 @@ Run: ./CipherScan.sh www.google.com:443 -v
 And watch.
 
 Edit the script if you need more (disable benchmarking by setting DOBENCHMARK to 0).
+
+The newer your version of openssl, the better results you'll get. Older versions
+of OpenSSL don't support TLS1.2 ciphers, elliptic curves, etc... Build Your Own!
+