testssl.sh/CHANGELOG.txt


2.0 includes:

* major release, new features:
  * SNI
  * STARTTLS fully supported
  * RC4 check
  * (P)FS check
  * SPDY check
  * color codes make more sense now
  * cipher hexcodes are shown
  * tests ciphers per protocol 
  * HSTS
  * web and application server banner 
  * server prefereences
  * TLS server extensions
  * server key size
  * cipher suite mapping from openssl to RFC 
  * heartbleed check
  * CCS injection check

---------------------
Details:

1.106
- minor fixes

1.105
- NEW: working prototype for CCS injection

1.104
- NEW: everywhere *also* RFC style ciphers -- if the mapping file is found
- unitary calls to display cipher suites

1.103
- NEW: telnet support for STARTTLS (works only with a patched openssl version)
  --> not tested (lack of server)

1.102
- NEW: test for BREACH (experimental)

1.101
- BUGFIX: muted too verbose output of which on CentOS/RHEL
- BUGFIX: muted too verbose output of netcat/nc on CentOS/RHEL+Debian

1.100
- further cleanup
  - starttls now tests allciphers() instead of cipher_per_proto
      (normal use case makes most sense here)
  - ENV J_POSITIV --> SHOW_EACH_C
- finding mapping-rfc.txt is now a bit smarter
- preparations for ChaCha20-Poly1305 (would have provided binaries but
  "openssl s_client -connect" with that ciphersuite fails currently with 
  a handshake error though client and server hello succeeded!)

1.99
- BUGFIX: now really really everywhere testing the IP with supplied name
- locking out openssl < 0.9.8f, new function called "old_fart" ;-)
- FEATURE: displaying PTR record of IP
- FEATURE: displaying further IPv4/IPv6 addresses 
- bit of a cleanup

1.98
- http_header is in total only called once
- better parsing of default protocol (FIXME shouldn't appear anymore)

1.97
- reduced sleep time for server hello and payload reply (heartbleed)

1.96
- NEW: (experimental) heartbleed support with bash sockets (shell only SSL handshake!)
  see also https://testssl.sh/bash-heartbleed.sh

1.95 (2.0rc3)
- changed cmdline options for CRIME and renego vuln to uppercase
- NEW: displays server key size now
- NEW: displays TLS server extensions (might kill old openssl versions)
- brown warning if HSTS < 180 days
- brown warning if SSLv3 is offered as default protocol

1.94
- NEW: prototype of mapping to RFC cipher suite names, needed file mapping-rfc.txt in same dir
  as of now only used for 'testssl.sh -V'
- internal renaming: it was supposed to be "cipherlists" instead of "ciphersuites"
- additional tests for cipherlists DES, 3DES, ADH

1.93
- BUGFIX: removed space in Server banner fixed (at the expense of showing just nothing if Server string is empty)

1.92
- BUGFIX: fixed error of faulty detected empty server string

1.91
- replaced most lcyan to brown (=not really bad but somehow)
- empty server string better displayed
- prefered CBC TLS 1.2 cipher is now brown (lucky13)

1.90
- fix for netweaver banner (server is lowercase)
- no server banner is no disadvantage (color code)
- 1 more blank proto check
- server preference is better displayed

1.89
- reordered! : protocols + cipher come first
- colorized prefered server preference (e.g. CBC+RC4 is light red now, TLSv1.2 green)
- SSLv3 is now light cyan
- NEW: -P|--preference now in help menu
- light cyan is more appropriate than red for HSTS

1.88
- NEW: prototype for protocol and cipher preference
- prototype for session ticket

1.87
- changed just the version string to rc1

1.86
 - NEW: App banner now production, except 2 liners
 - DEBUG: 1 is now true as everywhere else
 - CRIME+Renego prettier
 - last optical polish for RC4, PFS

1.85
 - NEW: appbanner (also 2 lines like asp.net)
 - OSSL_VER_MAJOR/MINOR/APPENDIX
 - less bold because bold headlines as bold should be reserved for emphasize findings
 - tabbed output also for protocols and cipher classes
 - unify neat printing

1.84
 - NEW: deprecating openssl version <0.98
 - displaying a warning >= 0.98 < 1.0
 - NEW: neat print also for all ciphers (-E,-e)

1.83
- BUGFIX: results from unit test: logical error in PFS+RC4 fixed
- headline of -V / PFS+RC4 ciphers unified

1.82
- NEW: output for -V now better (bits seperate, spacing improved)

1.81
- output for RC4+PFS now better (with headline, bits seperate, spacing improved)
- both also sorted by encr. strength .. umm ..err bits!

1.80
- order of finding supplied binary extended (first one wins):
  1. use supplied variable $OPENSSL
  2. use "openssl" in same path as testssl.sh
  3. use "openssl.`uname -m`" in same path as testssl.sh
  4. use anything in system $PATH (return value of "which"

1.79
- STARTTLS options w/o trailing 's' now (easier)
- commented code for CRIME SPDY
- issue a warning for openssl < 0.9.7 ( that version won't work anyway probably)
- NPN protos as a global var
- pretty print with fixed columns: PFS, RC4, allciphers, cipher_per_proto

1.78
- -E, -e now sorted by encryption strength (note: it's only encr key length)
- -V now pretty prints all local ciphers
- -V <pattern> now pretty prints all local ciphers matching pattern (plain string, no regex)
- bugfix: SSLv2 cipher hex codes has 3 bytes!

1.77
- removed legacy code (PROD_REL var)

1.76
- bash was gone!! desaster for Ubuntu, fixed
- starttls+rc4 check: bottom line was wrong
- starttls had too much output (certificate) at first a/v check

1.75
- location is now https://testssl.sh
- be nice: banner, version, help also works for BSD folks (on dash)
- bug in server banner fixed
- sneaky referer and user agent possible

1.74
- Debian 7 fix
- ident obsoleted

1.72
- removed obsolete GREP
- SWURL/SWCONTACT
- output for positive RC4 better

1.71
- workaround for buggy bash (RC4)
- colors improved
  - blue is now reserved for headline
  - magenta for local probs
  - in RC4 removal of SSL protocol provided by openssl

1.70
- DEBUG in http_headers now as expected
- <?xml marker as HTML body understood

1.69
- HTTP 1.1 header
- removed in each cipher the proto openssl is returning
+ NEW: cipher_per_proto

1.68
- header parser for openssl
- HSTS
- server banner string
- vulnerabilities closer+condensed

1.68
- header parser for openssl
- HSTS
- server banner string
- vulnerabilities closer+condensed

1.67
- signal green if no SSLv3
- cipher hex code now in square brackets  


[..]


1.36
* fixed issue while connecting to non-webservers

1.35
* fixed portability issue on Ubuntu

1.34
* ip(v4) address in output, helps to tell different systems apart later on
* local hostname in output

1.31 (Halloween Release)
* bugfix: SSLv2 was kind of borken
* now it works for sure but ssl protocol are kind of ugly

1.30b (25.10.2012)
* bugfix: TLS 1.1/1.2 may lead to false negatives
* bugfix: CMDLINE -a/-e was misleading, now similar to help menu

1.3 (10/13/2012)
* can test now for cipher suites only
* can test now for protocols suites only
* tests for tls v1.1/v1.2 of local openssl supports it
* commandline "all "is rename to "each-cipher"
* banner when it's done

1.21a (10/4/2012)
* tests whether openssl has support for zlib compiled so that it avoids a false negative

1.21 (10/4/2012)
* CRIME support

1.20b
* bugfixed release

1.20a
* code cleanup
* showciphers variable introduced: only show ciphers if this is set (it is by
  default now and there's a comment
* openssl version + path to it in the banner


1.20
* bugfix (ssl in ssl handshake failure is sometimes too much)
* date in output
* autodetection of CVS version removed

1.19
* bugfix

1.18
* Rearragement of arguments: URL comes now always last!
* small code cleanups for readability
* individual cipher test is now with bold headline, not blue
* NOPARANOID flag tells whether medium grade ciphers are ok. NOW they are (=<1.17 was paranoid)

1.17
* SSL tests now for renegotiation vulnerabilty!
* version detection of testssl.sh
* program has a banner
* fixed bug leading to a file named "1"
* comment for 128Bit ciphers

1.16
* major code cleanups
* cmd line options: port is now in first argument!!
* help is more verbose
* check whether on other server side is ssl server listening
* https:// can be now supplied also on the command line
* test all ciphers now
* new cleanup routine
* -a does not do standard test afterward, you need to run testssl a second
  time w/o -a if you want this 

1.12
* tests also medium grade ciphers (which you should NOT use)
* tests now also high grade ciphers which you SHOULD ONLY use
* switch for more verbose output of cipher for those cryptographically interested .
  in rows: SSL version, Key eXchange, Authentication, Encryption and Message Authentication Code
* this is per default enabled (provide otherwise "" as VERB_CLIST)
* as a courtesy I am providing 64+32 Linux binaries for testing 56 Bit ciphers

1.11 
* Hint for howto enable 56 Bit Ciphers 
* possible to specify where openssl is (hardcoded, $ENV, last resort: auto)
* warns if netcat is not there

1.10 
* somewhat first released version
- first try to commit here 2014-07-01 16:28:16 +02:00
			`2.0 includes:`

			`* major release, new features:`
			`* SNI`
			`* STARTTLS fully supported`
			`* RC4 check`
			`* (P)FS check`
			`* SPDY check`
			`* color codes make more sense now`
			`* cipher hexcodes are shown`
			`* tests ciphers per protocol`
			`* HSTS`
			`* web and application server banner`
			`* server prefereences`
			`* TLS server extensions`
			`* server key size`
			`* cipher suite mapping from openssl to RFC`
			`* heartbleed check`
			`* CCS injection check`

			`---------------------`
			`Details:`

			`1.106`
			`- minor fixes`

			`1.105`
			`- NEW: working prototype for CCS injection`

			`1.104`
			`- NEW: everywhere also RFC style ciphers -- if the mapping file is found`
			`- unitary calls to display cipher suites`

			`1.103`
			`- NEW: telnet support for STARTTLS (works only with a patched openssl version)`
			`--> not tested (lack of server)`

			`1.102`
			`- NEW: test for BREACH (experimental)`

			`1.101`
			`- BUGFIX: muted too verbose output of which on CentOS/RHEL`
			`- BUGFIX: muted too verbose output of netcat/nc on CentOS/RHEL+Debian`

			`1.100`
			`- further cleanup`
			`- starttls now tests allciphers() instead of cipher_per_proto`
			`(normal use case makes most sense here)`
			`- ENV J_POSITIV --> SHOW_EACH_C`
			`- finding mapping-rfc.txt is now a bit smarter`
			`- preparations for ChaCha20-Poly1305 (would have provided binaries but`
			`"openssl s_client -connect" with that ciphersuite fails currently with`
			`a handshake error though client and server hello succeeded!)`

			`1.99`
			`- BUGFIX: now really really everywhere testing the IP with supplied name`
			`- locking out openssl < 0.9.8f, new function called "old_fart" ;-)`
			`- FEATURE: displaying PTR record of IP`
			`- FEATURE: displaying further IPv4/IPv6 addresses`
			`- bit of a cleanup`

			`1.98`
			`- http_header is in total only called once`
			`- better parsing of default protocol (FIXME shouldn't appear anymore)`

			`1.97`
			`- reduced sleep time for server hello and payload reply (heartbleed)`

			`1.96`
			`- NEW: (experimental) heartbleed support with bash sockets (shell only SSL handshake!)`
			`see also https://testssl.sh/bash-heartbleed.sh`

			`1.95 (2.0rc3)`
			`- changed cmdline options for CRIME and renego vuln to uppercase`
			`- NEW: displays server key size now`
			`- NEW: displays TLS server extensions (might kill old openssl versions)`
			`- brown warning if HSTS < 180 days`
			`- brown warning if SSLv3 is offered as default protocol`

			`1.94`
			`- NEW: prototype of mapping to RFC cipher suite names, needed file mapping-rfc.txt in same dir`
			`as of now only used for 'testssl.sh -V'`
			`- internal renaming: it was supposed to be "cipherlists" instead of "ciphersuites"`
			`- additional tests for cipherlists DES, 3DES, ADH`

			`1.93`
			`- BUGFIX: removed space in Server banner fixed (at the expense of showing just nothing if Server string is empty)`

			`1.92`
			`- BUGFIX: fixed error of faulty detected empty server string`

			`1.91`
			`- replaced most lcyan to brown (=not really bad but somehow)`
			`- empty server string better displayed`
			`- prefered CBC TLS 1.2 cipher is now brown (lucky13)`

			`1.90`
			`- fix for netweaver banner (server is lowercase)`
			`- no server banner is no disadvantage (color code)`
			`- 1 more blank proto check`
			`- server preference is better displayed`

			`1.89`
			`- reordered! : protocols + cipher come first`
			`- colorized prefered server preference (e.g. CBC+RC4 is light red now, TLSv1.2 green)`
			`- SSLv3 is now light cyan`
			`- NEW: -P\|--preference now in help menu`
			`- light cyan is more appropriate than red for HSTS`

			`1.88`
			`- NEW: prototype for protocol and cipher preference`
			`- prototype for session ticket`

			`1.87`
			`- changed just the version string to rc1`

			`1.86`
			`- NEW: App banner now production, except 2 liners`
			`- DEBUG: 1 is now true as everywhere else`
			`- CRIME+Renego prettier`
			`- last optical polish for RC4, PFS`

			`1.85`
			`- NEW: appbanner (also 2 lines like asp.net)`
			`- OSSL_VER_MAJOR/MINOR/APPENDIX`
			`- less bold because bold headlines as bold should be reserved for emphasize findings`
			`- tabbed output also for protocols and cipher classes`
			`- unify neat printing`

			`1.84`
			`- NEW: deprecating openssl version <0.98`
			`- displaying a warning >= 0.98 < 1.0`
			`- NEW: neat print also for all ciphers (-E,-e)`

			`1.83`
			`- BUGFIX: results from unit test: logical error in PFS+RC4 fixed`
			`- headline of -V / PFS+RC4 ciphers unified`

			`1.82`
			`- NEW: output for -V now better (bits seperate, spacing improved)`

			`1.81`
			`- output for RC4+PFS now better (with headline, bits seperate, spacing improved)`
			`- both also sorted by encr. strength .. umm ..err bits!`

			`1.80`
			`- order of finding supplied binary extended (first one wins):`
			`1. use supplied variable $OPENSSL`
			`2. use "openssl" in same path as testssl.sh`
			3. use "openssl.`uname -m`" in same path as testssl.sh
			`4. use anything in system $PATH (return value of "which"`

			`1.79`
			`- STARTTLS options w/o trailing 's' now (easier)`
			`- commented code for CRIME SPDY`
			`- issue a warning for openssl < 0.9.7 ( that version won't work anyway probably)`
			`- NPN protos as a global var`
			`- pretty print with fixed columns: PFS, RC4, allciphers, cipher_per_proto`

			`1.78`
			`- -E, -e now sorted by encryption strength (note: it's only encr key length)`
			`- -V now pretty prints all local ciphers`
			`- -V <pattern> now pretty prints all local ciphers matching pattern (plain string, no regex)`
			`- bugfix: SSLv2 cipher hex codes has 3 bytes!`

			`1.77`
			`- removed legacy code (PROD_REL var)`

			`1.76`
			`- bash was gone!! desaster for Ubuntu, fixed`
			`- starttls+rc4 check: bottom line was wrong`
			`- starttls had too much output (certificate) at first a/v check`

			`1.75`
			`- location is now https://testssl.sh`
			`- be nice: banner, version, help also works for BSD folks (on dash)`
			`- bug in server banner fixed`
			`- sneaky referer and user agent possible`

			`1.74`
			`- Debian 7 fix`
			`- ident obsoleted`

			`1.72`
			`- removed obsolete GREP`
			`- SWURL/SWCONTACT`
			`- output for positive RC4 better`

			`1.71`
			`- workaround for buggy bash (RC4)`
			`- colors improved`
			`- blue is now reserved for headline`
			`- magenta for local probs`
			`- in RC4 removal of SSL protocol provided by openssl`

			`1.70`
			`- DEBUG in http_headers now as expected`
			`- <?xml marker as HTML body understood`

			`1.69`
			`- HTTP 1.1 header`
			`- removed in each cipher the proto openssl is returning`
			`+ NEW: cipher_per_proto`

			`1.68`
			`- header parser for openssl`
			`- HSTS`
			`- server banner string`
			`- vulnerabilities closer+condensed`

			`1.68`
			`- header parser for openssl`
			`- HSTS`
			`- server banner string`
			`- vulnerabilities closer+condensed`

			`1.67`
			`- signal green if no SSLv3`
			`- cipher hex code now in square brackets`


			`[..]`


			`1.36`
			`* fixed issue while connecting to non-webservers`

			`1.35`
			`* fixed portability issue on Ubuntu`

			`1.34`
			`* ip(v4) address in output, helps to tell different systems apart later on`
			`* local hostname in output`

			`1.31 (Halloween Release)`
			`* bugfix: SSLv2 was kind of borken`
			`* now it works for sure but ssl protocol are kind of ugly`

			`1.30b (25.10.2012)`
			`* bugfix: TLS 1.1/1.2 may lead to false negatives`
			`* bugfix: CMDLINE -a/-e was misleading, now similar to help menu`

			`1.3 (10/13/2012)`
			`* can test now for cipher suites only`
			`* can test now for protocols suites only`
			`* tests for tls v1.1/v1.2 of local openssl supports it`
			`* commandline "all "is rename to "each-cipher"`
			`* banner when it's done`

			`1.21a (10/4/2012)`
			`* tests whether openssl has support for zlib compiled so that it avoids a false negative`

			`1.21 (10/4/2012)`
			`* CRIME support`

			`1.20b`
			`* bugfixed release`

			`1.20a`
			`* code cleanup`
			`* showciphers variable introduced: only show ciphers if this is set (it is by`
			`default now and there's a comment`
			`* openssl version + path to it in the banner`


			`1.20`
			`* bugfix (ssl in ssl handshake failure is sometimes too much)`
			`* date in output`
			`* autodetection of CVS version removed`

			`1.19`
			`* bugfix`

			`1.18`
			`* Rearragement of arguments: URL comes now always last!`
			`* small code cleanups for readability`
			`* individual cipher test is now with bold headline, not blue`
			`* NOPARANOID flag tells whether medium grade ciphers are ok. NOW they are (=<1.17 was paranoid)`

			`1.17`
			`* SSL tests now for renegotiation vulnerabilty!`
			`* version detection of testssl.sh`
			`* program has a banner`
			`* fixed bug leading to a file named "1"`
			`* comment for 128Bit ciphers`

			`1.16`
			`* major code cleanups`
			`* cmd line options: port is now in first argument!!`
			`* help is more verbose`
			`* check whether on other server side is ssl server listening`
			`* https:// can be now supplied also on the command line`
			`* test all ciphers now`
			`* new cleanup routine`
			`* -a does not do standard test afterward, you need to run testssl a second`
			`time w/o -a if you want this`

			`1.12`
			`* tests also medium grade ciphers (which you should NOT use)`
			`* tests now also high grade ciphers which you SHOULD ONLY use`
			`* switch for more verbose output of cipher for those cryptographically interested .`
			`in rows: SSL version, Key eXchange, Authentication, Encryption and Message Authentication Code`
			`* this is per default enabled (provide otherwise "" as VERB_CLIST)`
			`* as a courtesy I am providing 64+32 Linux binaries for testing 56 Bit ciphers`

			`1.11`
			`* Hint for howto enable 56 Bit Ciphers`
			`* possible to specify where openssl is (hardcoded, $ENV, last resort: auto)`
			`* warns if netcat is not there`

			`1.10`
			`* somewhat first released version`