Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2024-12-31 22:09:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Amendments + reordering

Browse Source 
add IDN etc. -support and David's work on determine_optimal_* functions
This commit is contained in:
Dirk Wetter 2019-11-02 10:20:57 +01:00 committed by GitHub
parent e909d4cd8c
commit 35f70f2375
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
CHANGELOG.md
View File

@ -19,16 +19,19 @@
* PFS: Display of elliptical curves supported, DH and FFDHE groups (TLS 1.2 + TLS 1.3) * PFS: Display of elliptical curves supported, DH and FFDHE groups (TLS 1.2 + TLS 1.3)
* Check for session resumption (Ticket, ID) * Check for session resumption (Ticket, ID)
* TLS Robustness check (GREASE) * TLS Robustness check (GREASE)
* Server preference distinguishes between TLS 1.3 and lower protocols
* Does a few startup checks which make later tests easier and faster (determine_optimal_\*() )
* Expect-CT Header Detection * Expect-CT Header Detection
* `--phone-out` does certificate revocation checks via OCSP (LDAP+HTTP) and with CRL * `--phone-out` does certificate revocation checks via OCSP (LDAP+HTTP) and with CRL
* `--phone-out` checks whether the private key has been compromised via https://pwnedkeys.com/ * `--phone-out` checks whether the private key has been compromised via https://pwnedkeys.com/
* Fully OpenBSD and LibreSSL support * Fully OpenBSD and LibreSSL support
* Missing SAN warning * Missing SAN warning
* Added support for private CAs * Added support for private CAs
* Man page reviewed
* Better error msg suppression (not fully installed OpenSSL)
* Way better handling of connectivity problems * Way better handling of connectivity problems
* Fixed TCP fragmentation
* Added `--ids-friendly` switch
* Exit codes better: 0 for running without error, 1+n for small errors, >240 for major errors. * Exit codes better: 0 for running without error, 1+n for small errors, >240 for major errors.
* Better error msg suppression (not fully installed OpenSSL)
* Dockerfile and repo @ docker hub with that file (see above) * Dockerfile and repo @ docker hub with that file (see above)
* Java Root CA store added * Java Root CA store added
* Better support for XMPP via STARTTLS & faster * Better support for XMPP via STARTTLS & faster
@ -36,10 +39,9 @@
* Support for NNTP via STARTTLS * Support for NNTP via STARTTLS
* Support for SNI and STARTTLS * Support for SNI and STARTTLS
* More robustness for any STARTTLS protocol (fall back to plaintext while in TLS) * More robustness for any STARTTLS protocol (fall back to plaintext while in TLS)
* Fixed TCP fragmentation
* Added `--ids-friendly` switch
* Major update of client simulations with self-collected data * Major update of client simulations with self-collected data
* IDN/IDN2 and emoji URI support (supposed libidn/idn2 is installed and DNS resolver is recent)
* Man page reviewed
### Features implemented in 2.9.5 ### Features implemented in 2.9.5