Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-11 11:10:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'drwetter/2.9dev' into 2.9dev

Browse Source
This commit is contained in:
AlGreed 2017-03-19 19:07:03 +01:00
commit ac6cde964e
2 changed files with 852 additions and 1375 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
Readme.md
View File

@ -49,19 +49,20 @@ Update notification here or @ [twitter](https://twitter.com/drwetter).
#### Features implemented in [2.9dev](Readme.md#devel) #### Features implemented in [2.9dev](Readme.md#devel)
* Support of supplying timeout value for ``openssl connect`` -- useful for batch/mass scanning * Support of supplying timeout value for ``openssl connect`` -- useful for batch/mass scanning
* TLS 1.2 protocol check via socket * TLS 1.2 protocol check via socket
* Further TLS socket improvements (handshake parsing, completeness, robustness) * Further tests via TLS sockets and improvements (handshake parsing, completeness, robustness)
* non-flat JSON support * Finding more TLS extensions via sockets
* in file output (CSV, JSON flat, JSON non-flat) support of a minimum severity level (only above supplied level there will be output) * Using bash sockets where ever possible
* testing 359 default ciphers (``testssl.sh -e``) with a mixture of sockets and openssl. Same speed as with openssl only but addtional ciphers such as post-quantum ciphers, new CHAHA20/POLY1305, CamelliaGCM etc.
* finding more TLS extensions via sockets
* TLS Supported Groups Registry (RFC 7919), key shares extension * TLS Supported Groups Registry (RFC 7919), key shares extension
* using bash sockets where ever possible * Non-flat JSON support
* File output (CSV, JSON flat, JSON non-flat) supports a minimum severity level (only above supplied level there will be output)
* Native HTML support instead going through 'aha'
* Testing 359 default ciphers (``testssl.sh -e``) with a mixture of sockets and openssl. Same speed as with openssl only but addtional ciphers such as post-quantum ciphers, new CHAHA20/POLY1305, CamelliaGCM etc.
* LUCKY13 and SWEET32 checks * LUCKY13 and SWEET32 checks
* LOGJAM: now checking also for known DH parameters * LOGJAM: now checking also for known DH parameters
* Check for CAA RR * Check for CAA RR
* better formatting of output * Check for OCSP must staple
* choice showing the RFC naming scheme only * Better formatting of output (indentation)
* Choice showing the RFC naming scheme only
#### Features planned in 2.9dev #### Features planned in 2.9dev
@ -73,7 +74,7 @@ Contributions, feedback, bug reports are welcome! For contributions please
note: One patch per feature -- bug fix/improvement. Please test your note: One patch per feature -- bug fix/improvement. Please test your
changes thouroughly as reliability is important for this project. changes thouroughly as reliability is important for this project.
There's [coding guideline](https://github.com/drwetter/testssl.sh/wiki/Coding-Style). There's a [coding guideline](https://github.com/drwetter/testssl.sh/wiki/Coding-Style).
Please file bug reports @ https://github.com/drwetter/testssl.sh/issues. Please file bug reports @ https://github.com/drwetter/testssl.sh/issues.
@ -85,8 +86,9 @@ Help is needed here.
#### Bug reports #### Bug reports
Please file bugs in the issue tracker. Do not forget to provide detailed information, see https://github.com/drwetter/testssl.sh/wiki/Bug-reporting. (Nobody can read your thoughts Please file bugs in the issue tracker. Do not forget to provide detailed information,
-- yet. And only agencies your screen) ;-) see https://github.com/drwetter/testssl.sh/wiki/Bug-reporting. (Nobody can read your
thoughts -- yet. And only agencies your screen) ;-)
---- ----

2159
testssl.sh
View File

File diff suppressed because it is too large Load Diff