Merge remote-tracking branch 'drwetter/2.9dev' into 2.9dev
This commit is contained in:
commit
490818e931
13
CREDITS.md
13
CREDITS.md
|
@ -27,10 +27,19 @@
|
|||
- Detection + output of multiple certificates
|
||||
- several cleanups of server certificate related stuff
|
||||
- several fixes
|
||||
- improved parsing of TLS ServerHello messages
|
||||
- speed improvements when testing all ciphers
|
||||
- completing parsing of TLS ServerHello messages
|
||||
- testssl.sh -e: testing with a mixture of openssl + sockets
|
||||
- finding more TLS extensions via sockets
|
||||
- extensive CN <--> hostname check
|
||||
- seperate check for curves
|
||||
- RFC 7919, key shares extension
|
||||
|
||||
* Thomas Patzke:
|
||||
- Support of supplying timeout value for openssl connect
|
||||
|
||||
* Oleksandr Nosenko
|
||||
- non-flat JSON support
|
||||
- in file output (CSV, JSON flat, JSON non-flat) support of a minimum severity level
|
||||
|
||||
- Christoph Badura
|
||||
- NetBSD fixes
|
||||
|
|
|
@ -50,9 +50,12 @@ Update notification here or @ [twitter](https://twitter.com/drwetter).
|
|||
#### Features implemented in [2.9dev](Readme.md#devel)
|
||||
* Support of supplying timeout value for ``openssl connect`` -- useful for batch/mass scanning
|
||||
* TLS 1.2 protocol check via socket
|
||||
* Further TLS socket improvements (Handshake parsing, robustness)
|
||||
* Further TLS socket improvements (handshake parsing, completeness, robustness)
|
||||
* non-flat JSON support
|
||||
* in file output (CSV, JSON flat, JSON non-flat) support of a minimum severity level (only above supplied level there will be output)
|
||||
* testing 359 default ciphers (``testssl.sh -e``) with a mixture of sockets and openssl. Same speed as with openssl only but addtional ciphers such as post-quantum ciphers, new CHAHA20/POLY1305, CamelliaGCM etc.
|
||||
* finding more TLS extensions via sockets
|
||||
* TLS Supported Groups Registry (RFC 7919), key shares extension
|
||||
|
||||
|
||||
#### Features planned in 2.9dev
|
||||
|
|
|
@ -327,8 +327,8 @@
|
|||
0x00,0x26 - EXP-KRB5-DES-CBC-SHA TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA SSLv3 Kx=KRB5 Au=KRB5 Enc=DES(40) Mac=SHA1 export
|
||||
0x00,0x2A - EXP-KRB5-RC2-CBC-MD5 TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 SSLv3 Kx=KRB5 Au=KRB5 Enc=RC2(40) Mac=MD5 export
|
||||
0x00,0x29 - EXP-KRB5-DES-CBC-MD5 TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 SSLv3 Kx=KRB5 Au=KRB5 Enc=DES(40) Mac=MD5 export
|
||||
0x00,0x0B - - TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA SSLv3 Kx=DH/DSS Au=DH Enc=DES(40) Mac=SHA1 export
|
||||
0x00,0x0E - - TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA SSLv3 Kx=DH/RSA Au=DH Enc=DES(40) Mac=SHA1 export
|
||||
0x00,0x0B - EXP-DH-DSS-DES-CBC-SHA TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA SSLv3 Kx=DH/DSS Au=DH Enc=DES(40) Mac=SHA1 export
|
||||
0x00,0x0E - EXP-DH-RSA-DES-CBC-SHA TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA SSLv3 Kx=DH/RSA Au=DH Enc=DES(40) Mac=SHA1 export
|
||||
0x00,0x17 - EXP-ADH-RC4-MD5 TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 SSLv3 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export
|
||||
0x00,0x03 - EXP-RC4-MD5 TLS_RSA_EXPORT_WITH_RC4_40_MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
|
||||
0x02,0x00,0x80 - EXP-RC4-MD5 SSL_CK_RC4_128_EXPORT40_WITH_MD5 SSLv2 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
|
||||
|
|
938
testssl.sh
938
testssl.sh
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue