diff --git a/Readme.md b/Readme.md
index 51904dc..d36cc62 100644
--- a/Readme.md
+++ b/Readme.md
@@ -59,7 +59,8 @@ Update notification here or @ [twitter](https://twitter.com/drwetter).
 * LUCKY13 and SWEET32 checks
 * LOGJAM: now checking also for known DH parameters
 * Check for CAA RR
-* better formatting of output
+* better formatting of output (indentation)
+* native HTML support instead going through 'aha'
 * choice showing the RFC naming scheme only
diff --git a/t/100_report_structure.t b/t/100_report_structure.t
new file mode 100644
index 0000000..5fdfb47
--- /dev/null
+++ b/t/100_report_structure.t
@@ -0,0 +1,53 @@
+#!/usr/bin/env perl
+
+use strict;
+use Test::More;
+use Data::Dumper;
+use JSON;
+
+my (
+ $out,
+ $json,
+ $json_pretty,
+ $found,
+ $tests
+);
+
+$tests = 0;
+
+#1
+pass("Running testssl.sh against badssl.com to create a JSON report with severity level equal greater than LOW (may take 2~3 minutes)"); $tests++;
+$out = `./testssl.sh -S -e -U --jsonfile tmp.json --severity LOW --color 0 badssl.com`;
+$json = json('tmp.json');
+$found = 0;
+cmp_ok(@$json,'>',0,"At least 1 finding is expected"); $tests++;
+foreach my $f ( @$json ) {
+ if ( $f->{severity} eq "INFO" ) {
+ $found = 1;
+ last;
+ }
+}
+is($found,0,"We should not have any finding with INFO level"); $tests++;
+
+#2
+pass("Running testssl.sh against badssl.com to create a JSON-PRETTY report with severity level equal greater than LOW (may take 2~3 minutes)"); $tests++;
+$out = `./testssl.sh -S -e -U --jsonfile-pretty tmp.json --severity LOW --color 0 badssl.com`;
+$json_pretty = json('tmp.json');
+$found = 0;
+my $vulnerabilities = $json_pretty->{scanResult}->[0]->{vulnerabilities};
+foreach my $f ( @$vulnerabilities ) {
+ if ( $f->{severity} eq "INFO" ) {
+ $found = 1;
+ last;
+ }
+}
+is($found,0,"We should not have any finding with INFO level"); $tests++;
+
+done_testing($tests);
+
+sub json($) {
+ my $file = shift;
+ $file = `cat $file`;
+ unlink $file;
+ return from_json($file);
+}
\ No newline at end of file
diff --git a/testssl.sh b/testssl.sh
index 850cd53..ae6fede 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -957,7 +957,7 @@ fileout() { # ID, SEVERITY, FINDING, CVE, CWE, HINT
 local cwe="$5"
 local hint="$6"
- if show_finding "$severity"; then
+ if ( "$do_pretty_json" && [[ "$1" == "service" ]] ) || show_finding "$severity"; then
 local finding=$(strip_lf "$(newline_to_spaces "$(strip_quote "$3")")")
 is_json_format && (fileout_json_finding "$1" "$severity" "$finding" "$cve" "$cwe" "$hint")
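Review bot: In t/100_report_structure.t, `json()` overwrites `$file` with the file's contents before calling `unlink $file`, so the unlink receives the JSON text instead of the path and `tmp.json` is never removed. Both runs write to the same fixed `tmp.json`, so the second test may end up parsing output left over from the first run, depending on how testssl.sh treats an existing report file. The helper should keep the path and the contents in separate variables and read the file with a three-argument `open` instead of `cat` in backticks; the `($)` prototype can be dropped too, since the sub is defined after its call sites. Separately, test #2 has no non-empty assertion like the `cmp_ok` in test #1, so it passes vacuously when `scanResult->[0]->{vulnerabilities}` is missing.

```perl
sub json {
    my ($path) = @_;
    open my $fh, '<', $path or die "open $path: $!";
    my $text = do { local $/; <$fh> };
    close $fh;
    unlink $path or warn "unlink $path: $!";
    return from_json($text);
}
```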