Skip to content

Commit 7792936

Browse files
jampetejampete
committed
Update Collectors.cs
Fixes the issue when there is a client or server key created for the TLS setting but no enabled or DisabledByDefault sub keys or values defined.
1 parent f66e21a commit 7792936

File tree

1 file changed

+8
-2
lines changed

1 file changed

+8
-2
lines changed

SQLCheck/SQLCheck/Collectors.cs

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -860,11 +860,17 @@ public static void CollectTLS(DataSet ds)
860860
TLS["TLSVersion"] = tlsVersion;
861861
defVal = tlsInfo.GetComputerDefault(tlsVersion, cs);
862862
TLS["Defaultvalue"] = defVal;
863-
temp = Registry.GetValue($@"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\{tlsVersion}\{cs}", "Enabled", "");
863+
if (Registry.GetValue($@"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\{tlsVersion}\{cs}", "Enabled", null) == null)
864+
temp = null;
865+
else
866+
temp = Registry.GetValue($@"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\{tlsVersion}\{cs}", "Enabled", "");
864867
if (tlsVersion == "TLS 1.3" && temp != null) isTLS13KeyPresent = true;
865868
enVal = temp == null ? "" : ((temp.ToInt() != 0) ? $"True " : "False") + $" (0x{temp.ToInt().ToString("X8")})" + CheckTLS(tlsVersion, "Enabled", temp.ToInt());
866869
TLS["EnabledValue"] = enVal;
867-
temp = Registry.GetValue($@"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\{tlsVersion}\{cs}", "DisabledByDefault", "");
870+
if (Registry.GetValue($@"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\{tlsVersion}\{cs}", "DisabledByDefault", null) == null)
871+
temp = null;
872+
else
873+
temp = Registry.GetValue($@"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\{tlsVersion}\{cs}", "DisabledByDefault", "");
868874
if (tlsVersion == "TLS 1.3" && temp != null) isTLS13KeyPresent = true;
869875
disVal = temp == null ? "" : ((temp.ToInt() != 0) ? $"True " : "False") + $" (0x{temp.ToInt().ToString("X8")})" + CheckTLS(tlsVersion, "DisabledByDefault", temp.ToInt());
870876
TLS["DisabledByDefaultValue"] = disVal;

0 commit comments

Comments
 (0)