Merge branch 'master' of github.com:drwetter/testssl.sh
This commit is contained in:
commit
8756151a26
|
@ -5,8 +5,8 @@ testssl.sh is a free Unix command line tool which checks a server's service on
|
|||
any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws.
|
||||
It's designed to provide clear output for a "is this good or bad" decision.
|
||||
|
||||
It is working on every Linux distribution and MacOS X which has OpenSSL, /bin/bash and
|
||||
standard tools like GNU sed and awk installed.
|
||||
It is working on every Linux distribution, MacOS X and Windows (using MSYS2) which has OpenSSL,
|
||||
/bin/bash and standard tools like GNU sed and awk installed.
|
||||
|
||||
On github (here) you will find development versions of the software -- with new features and maybe some bugs. For the stable version and a more thorough description of the software please see http://testssl.sh/ .
|
||||
|
||||
|
|
24
testssl.sh
24
testssl.sh
|
@ -83,7 +83,8 @@ OSSL_VER_APPENDIX="none"
|
|||
NODEIP=""
|
||||
IPS=""
|
||||
|
||||
|
||||
# make sure that temporary files are cleaned up after use
|
||||
trap cleanup QUIT EXIT
|
||||
|
||||
out() {
|
||||
$ECHO "$1"
|
||||
|
@ -1573,7 +1574,7 @@ cleanup () {
|
|||
[ -e $HEADERFILE_BREACH ] && cat $HEADERFILE_BREACH
|
||||
#[ -e $LOGFILE ] && cat $LOGFILE
|
||||
else
|
||||
rm $TMPFILE $HEADERFILE $LOGFILE $GOST_CONF 2>/dev/null
|
||||
rm ${TMPFILE} ${HEADERFILE} ${HEADERFILE_BREACH} ${LOGFILE} ${GOST_CONF} 2>/dev/null
|
||||
fi
|
||||
outln
|
||||
outln
|
||||
|
@ -1803,56 +1804,48 @@ case "$1" in
|
|||
maketempf
|
||||
test_just_one $2
|
||||
ret=$?
|
||||
cleanup
|
||||
exit $ret ;;
|
||||
-t|--starttls)
|
||||
parse_hn_port "$2" "$3" # here comes hostname:port and protocol to signal starttls
|
||||
maketempf
|
||||
starttls "$3" # protocol
|
||||
ret=$?
|
||||
cleanup
|
||||
exit $ret ;;
|
||||
-e|--each-cipher)
|
||||
parse_hn_port "$2"
|
||||
maketempf
|
||||
allciphers
|
||||
ret=$?
|
||||
cleanup
|
||||
exit $ret ;;
|
||||
-E|-ee|--cipher-per-proto)
|
||||
parse_hn_port "$2"
|
||||
maketempf
|
||||
cipher_per_proto
|
||||
ret=$?
|
||||
cleanup
|
||||
exit $ret ;;
|
||||
-p|--protocols)
|
||||
parse_hn_port "$2"
|
||||
maketempf
|
||||
runprotocols ; ret=$?
|
||||
spdy ; ret=`expr $? + $ret`
|
||||
cleanup
|
||||
exit $ret ;;
|
||||
-f|--ciphers)
|
||||
parse_hn_port "$2"
|
||||
maketempf
|
||||
run_std_cipherlists
|
||||
ret=$?
|
||||
cleanup
|
||||
exit $ret ;;
|
||||
-P|--preference)
|
||||
parse_hn_port "$2"
|
||||
maketempf
|
||||
simple_preference
|
||||
ret=$?
|
||||
cleanup
|
||||
exit $ret ;;
|
||||
-y|--spdy|--google)
|
||||
parse_hn_port "$2"
|
||||
maketempf
|
||||
spdy
|
||||
ret=$?
|
||||
cleanup
|
||||
exit $? ;;
|
||||
-B|--heartbleet)
|
||||
parse_hn_port "$2"
|
||||
|
@ -1860,7 +1853,6 @@ case "$1" in
|
|||
outln; blue "--> Testing for heartbleed vulnerability"; outln "\n"
|
||||
heartbleed
|
||||
ret=$?
|
||||
cleanup
|
||||
exit $? ;;
|
||||
-I|--ccs|--ccs_injection)
|
||||
parse_hn_port "$2"
|
||||
|
@ -1868,7 +1860,6 @@ case "$1" in
|
|||
outln; blue "--> Testing for CCS injection vulnerability"; outln "\n"
|
||||
ccs_injection
|
||||
ret=$?
|
||||
cleanup
|
||||
exit $? ;;
|
||||
-R|--renegotiation)
|
||||
parse_hn_port "$2"
|
||||
|
@ -1876,7 +1867,6 @@ case "$1" in
|
|||
outln; blue "--> Testing for Renegotiation vulnerability"; outln "\n"
|
||||
renego
|
||||
ret=$?
|
||||
cleanup
|
||||
exit $? ;;
|
||||
-C|--compression|--crime)
|
||||
parse_hn_port "$2"
|
||||
|
@ -1884,7 +1874,6 @@ case "$1" in
|
|||
outln; blue "--> Testing for CRIME vulnerability"; outln "\n"
|
||||
crime
|
||||
ret=$?
|
||||
cleanup
|
||||
exit $? ;;
|
||||
-T|--breach)
|
||||
parse_hn_port "$2"
|
||||
|
@ -1893,7 +1882,6 @@ case "$1" in
|
|||
breach
|
||||
ret=$?
|
||||
ret=`expr $? + $ret`
|
||||
cleanup
|
||||
exit $ret ;;
|
||||
-0|--poodle)
|
||||
parse_hn_port "$2"
|
||||
|
@ -1902,21 +1890,18 @@ case "$1" in
|
|||
poodle
|
||||
ret=$?
|
||||
ret=`expr $? + $ret`
|
||||
cleanup
|
||||
exit $ret ;;
|
||||
-4|--rc4|--appelbaum)
|
||||
parse_hn_port "$2"
|
||||
maketempf
|
||||
rc4
|
||||
ret=$?
|
||||
cleanup
|
||||
exit $? ;;
|
||||
-s|--pfs|--fs|--nsa)
|
||||
parse_hn_port "$2"
|
||||
maketempf
|
||||
pfs
|
||||
ret=$?
|
||||
cleanup
|
||||
exit $ret ;;
|
||||
-H|--header|--headers)
|
||||
parse_hn_port "$2"
|
||||
|
@ -1927,7 +1912,6 @@ case "$1" in
|
|||
ret=$?
|
||||
serverbanner
|
||||
ret=`expr $? + $ret`
|
||||
cleanup
|
||||
exit $ret ;;
|
||||
*)
|
||||
parse_hn_port "$1"
|
||||
|
@ -1954,8 +1938,6 @@ case "$1" in
|
|||
|
||||
rc4 ; ret=`expr $? + $ret`
|
||||
pfs ; ret=`expr $? + $ret`
|
||||
|
||||
cleanup
|
||||
exit $ret ;;
|
||||
esac
|
||||
|
||||
|
|
Loading…
Reference in New Issue