simplify few cert checks messages + hopefullt make Travis work again

t/31_badssl.com.t

@@ -14,7 +14,7 @@ my (
 );
 # OK
 pass("Running testssl.sh against badssl.com to create a baseline (may take 2~3 minutes)"); $tests++;
-my $okout = `./testssl.sh -S -e -U --jsonfile tmp.json --color 0 badssl.com`;
+my $okout = `./testssl.sh -S -e --freak --logjam --drown --rc4 --sweet32 --breach --crime --jsonfile tmp.json --color 0 badssl.com`;
 my $okjson = json('tmp.json');
 unlink 'tmp.json';
 cmp_ok(@$okjson,'>',10,"We have more then 10 findings"); $tests++;
@@ -22,14 +22,14 @@ cmp_ok(@$okjson,'>',10,"We have more then 10 findings"); $tests++;
 # Expiration
 pass("Running testssl against expired.badssl.com"); $tests++;
 $out = `./testssl.sh -S --jsonfile tmp.json --color 0 expired.badssl.com`;
-like($out, qr/Certificate Expiration\s+expired\!/,"The certificate should be expired"); $tests++;
+like($out, qr/Certificate Expiration\s+expired/,"The certificate should be expired"); $tests++;
 $json = json('tmp.json');
 unlink 'tmp.json';
 $found = 0;
 foreach my $f ( @$json ) {
-	if ( $f->{id} eq "expiration" ) {
+	if ( $f->{id} eq "cert_expiration_status" ) {
 		$found = 1;
-		like($f->{finding},qr/^Certificate Expiration.*expired\!/,"Finding reads expired."); $tests++;
+		like($f->{finding},qr/^expired/,"Finding reads expired."); $tests++;
 		is($f->{severity}, "CRITICAL", "Severity should be CRITICAL"); $tests++;
 		last;
     }
@@ -44,9 +44,10 @@ $json = json('tmp.json');
 unlink 'tmp.json';
 $found = 0;
 foreach my $f ( @$json ) {
-	if ( $f->{id} eq "expiration" ) {
+	if ( $f->{id} eq "cert_expiration_status" ) {
 		$found = 1;
-		like($f->{finding},qr/^Certificate Expiration \: \d+/,"Finding doesn't read expired."); $tests++;
+		like($f->{finding},qr/days/,"Finding doesn't read expired."); $tests++;
+# hope they don't come below 60days:
 		is($f->{severity}, "OK", "Severity should be ok"); $tests++;
 		last;
     }
@@ -56,9 +57,9 @@ is($found,1,"We had a finding for this in the JSON output"); $tests++;
 like($out, qr/Chain of trust.*?NOT ok.*\(self signed\)/,"Chain of trust should fail because of self signed"); $tests++;
 $found = 0;
 foreach my $f ( @$json ) {
-	if ( $f->{id} eq "chain_of_trust" ) {
+	if ( $f->{id} eq "cert_chain_of_trust" ) {
 	$found = 1;
-		like($f->{finding},qr/^All certificate trust checks failed/,"Finding says certificate cannot be trusted."); $tests++;
+		like($f->{finding},qr/^.*self signed/,"Finding says certificate cannot be trusted."); $tests++;
 		is($f->{severity}, "CRITICAL", "Severity should be CRITICAL"); $tests++;
 		last;
     }
@@ -68,9 +69,10 @@ is($found,1,"We had a finding for this in the JSON output"); $tests++;
 like($okout, qr/Chain of trust[^\n]*?Ok/,"Chain of trust should be ok"); $tests++;
 $found = 0;
 foreach my $f ( @$okjson ) {
-	if ( $f->{id} eq "chain_of_trust" ) {
+	if ( $f->{id} eq "cert_chain_of_trust" ) {
 		$found = 1;
-		is($f->{finding},"All certificate trust checks passed.","Finding says certificate can be trusted."); $tests++;
+		like($f->{finding},qr/passed/,"Finding says certificate can be trusted."); $tests++;
+		# is($f->{finding},"^.*passed.*","Finding says certificate can be trusted."); $tests++;
 		is($f->{severity}, "OK", "Severity should be OK"); $tests++;
 		last;
     }
@@ -102,9 +104,9 @@ $json = json('tmp.json');
 unlink 'tmp.json';
 $found = 0;
 foreach my $f ( @$json ) {
-	if ( $f->{id} eq "chain_of_trust" ) {
+	if ( $f->{id} eq "cert_chain_of_trust" ) {
 		$found = 1;
-		like($f->{finding},qr/^All certificate trust checks failed.*incomplete/,"Finding says certificate cannot be trusted."); $tests++;
+		like($f->{finding},qr/^.*chain incomplete/,"Finding says certificate cannot be trusted."); $tests++;
 		is($f->{severity}, "CRITICAL", "Severity should be CRITICAL"); $tests++;
 		last;
     }
@@ -121,7 +123,7 @@ is($found,1,"We had a finding for this in the JSON output"); $tests++;
 #unlink 'tmp.json';
 #$found = 0;
 #foreach my $f ( @$json ) {
-#	if ( $f->{id} eq "chain_of_trust" ) {
+#	if ( $f->{id} eq "cert_chain_of_trust" ) {
 #		$found = 1;
 #		like($f->{finding},qr/^All certificate trust checks failed.*incomplete/,"Finding says certificate cannot be trusted."); $tests++;
 #		is($f->{severity}, "CRITICAL", "Severity should be CRITICAL"); $tests++;

testssl.sh

@@ -5788,10 +5788,7 @@ determine_trust() {
           # all stores ok
           pr_done_good "Ok   "; pr_warning "$addtl_warning"
           # we did to stdout the warning above already, so we could stay here with OK:
-          [[ -z "$addtl_warning" ]] && \
-               fileout "${json_prefix}${json_postfix}" "OK" "All certificate trust checks passed" || \
-               fileout "${json_prefix}${json_postfix}" "OK" "All certificate trust checks passed. $addtl_warning"
-          # The "." is otherwise confusing
+          fileout "${json_prefix}${json_postfix}" "OK" "passed. $addtl_warning"
      else
           # at least one failed
           pr_svrty_critical "NOT ok"
@@ -5804,7 +5801,7 @@ determine_trust() {
                else
                     out "$code"
                fi
-               fileout "${json_prefix}${json_postfix}" "CRITICAL" "All certificate trust checks failed: $code. $addtl_warning"
+               fileout "${json_prefix}${json_postfix}" "CRITICAL" "failed $code. $addtl_warning"
           else
                # is one ok and the others not ==> display the culprit store
                if "$some_ok"; then
@@ -5832,7 +5829,7 @@ determine_trust() {
                     [[ "$DEBUG" -eq 0 ]] && tm_out "$spaces"
                     pr_done_good "OK: $ok_was"
                fi
-               fileout "${json_prefix}${json_postfix}" "CRITICAL" "Some certificate trust checks failed : OK : $ok_was  NOT ok: $notok_was $addtl_warning"
+               fileout "${json_prefix}${json_postfix}" "CRITICAL" "Some certificate trust checks failed -> $notok_was $addtl_warning, OK -> $ok_was"
           fi
           [[ -n "$addtl_warning" ]] && out "\n$spaces" && pr_warning "$addtl_warning"
      fi