update to also reflect dcooper16's work

This commit is contained in:
Dirk 2017-05-17 18:56:07 +02:00
parent a3c318655d
commit 83b3be5636
2 changed files with 34 additions and 31 deletions

View File

@ -21,24 +21,25 @@
- JSON and CSV output
- CA pinning
- Client simulations
- CI integration, test cases for it
- CI integration, some test cases for it
* David Cooper
- Detection + output of multiple certificates
- several cleanups of server certificate related stuff
- several fixes
- completing parsing of TLS ServerHello messages
- testssl.sh -e: testing with a mixture of openssl + sockets
- extended parsing of TLS ServerHello messages
- testssl.sh -e/-E: testing with a mixture of openssl + sockets
- finding more TLS extensions via sockets
- extensive CN <--> hostname check
- extensive CN+SAN <--> hostname check
- seperate check for curves
- RFC 7919, key shares extension
- parallel mass testing!
- numerous fixes
* Thomas Patzke:
- Support of supplying timeout value for openssl connect
* Oleksandr Nosenko
- non-flat JSON support
- non-flat JSON support (--json-pretty)
- in file output (CSV, JSON flat, JSON non-flat) support of a minimum severity level
- Christoph Badura
@ -93,15 +94,16 @@
* @nvsofts (NV)
- LibreSSL patch for GOST
* Markus Manzke:
* Markus Manzke
- Fix for HSTS + subdomains
- LibreSSL patch
* Dmitri S
- inspiration & help for Darwin port
* Bug reports:
- Viktor Szépe, Olivier Paroz, Jan H. Terstegge, Lorenz Adena, Jonathon Rossi, Stefan Stidl, Frank Breedijk
Others I forgot to mention which did give me feedback, bug reports and helped one way or another.
##### Last but not least:
@ -109,5 +111,5 @@
* Ivan Ristic/Qualys for the liberal license which made it possible to use the client data
* my family for supporting me doing this work
* My family for supporting me doing this work

View File

@ -56,7 +56,7 @@ Update notification here or @ [twitter](https://twitter.com/drwetter).
* Non-flat JSON support
* File output (CSV, JSON flat, JSON non-flat) supports a minimum severity level (only above supplied level there will be output)
* Native HTML support instead going through 'aha'
* Testing 359 default ciphers (``testssl.sh -e``) with a mixture of sockets and openssl. Same speed as with openssl only but addtional ciphers such as post-quantum ciphers, new CHAHA20/POLY1305, CamelliaGCM etc.
* Testing 359 default ciphers (``testssl.sh -e/-E``) with a mixture of sockets and openssl. Same speed as with openssl only but addtional ciphers such as post-quantum ciphers, new CHAHA20/POLY1305, CamelliaGCM etc.
* LUCKY13 and SWEET32 checks
* Ticketbleed check
* LOGJAM: now checking also for known DH parameters
@ -65,8 +65,9 @@ Update notification here or @ [twitter](https://twitter.com/drwetter).
* Check for session resumption (Ticket, ID)
* Better formatting of output (indentation)
* Choice showing the RFC naming scheme only
* Parallel mass testing
#### Features planned in 2.9dev
#### Further features planned in 2.9dev
https://github.com/drwetter/testssl.sh/issues?q=is%3Aopen+is%3Aissue+milestone%3A2.9dev
@ -89,8 +90,8 @@ Help is needed here.
#### Bug reports
Please file bugs in the issue tracker. Do not forget to provide detailed information,
see https://github.com/drwetter/testssl.sh/wiki/Bug-reporting. (Nobody can read your
thoughts -- yet. And only agencies your screen) ;-)
see https://github.com/drwetter/testssl.sh/wiki/Bug-reporting. Nobody can read your
thoughts -- yet. And only agencies your screen ;-)
----