Merge branch '3.1dev' into socksend_cleanup

t/08_isHTML_valid.t

@@ -6,6 +6,7 @@
 use strict;
 use Test::More;
 use Data::Dumper;
+use Text::Diff;
 
 my $tests = 0;
 my $prg="./testssl.sh";
@@ -15,7 +16,7 @@ my $html="";
 my $debughtml="";
 my $edited_html="";
 my $check2run="--ip=one --color 0 --htmlfile tmp.html";
-
+my $diff="";
 die "Unable to open $prg" unless -f $prg;
 
 printf "\n%s\n", "Doing HTML output checks";
@@ -47,6 +48,9 @@ $edited_html =~ s/'/'/g;
 cmp_ok($edited_html, "eq", $out, "HTML file matches terminal output");
 $tests++;
 
+$diff = diff \$edited_html, \$out;
+printf "\n%s\n", "$diff";
+
 #2
 printf "\n%s\n", " .. running again $prg against \"$uri\", now with --debug 4 to create HTML output (may take another ~2 minutes)";
 # Redirect stderr to /dev/null in order to avoid some unexplained "date: invalid date" error messages
@@ -72,5 +76,10 @@ $debughtml =~ s/.*DEBUG:.*\n//g;
 cmp_ok($debughtml, "eq", $html, "HTML file created with --debug 4 matches HTML file created without --debug");
 $tests++;
 
+$diff = diff \$debughtml, \$html;
+printf "\n%s\n", "$diff";
+
+
+
 printf "\n";
 done_testing($tests);

t/20_baseline_ipv4_http.t

@@ -1,54 +1,64 @@
 #!/usr/bin/env perl
 
-# Just a functional test, whether there are any problems on the client side
-# Probably we could also inspect the JSON for any problems for
+# baseline test for testssl, screen and JSON output
+
+# This is referred by the documentation.
+
+# We could also inspect the JSON for any problems for
 #    "id"           : "scanProblem"
 #    "finding"      : "Scan interrupted"
 
 use strict;
 use Test::More;
 use Data::Dumper;
-# use JSON;
-# if we need JSON we need to comment this and the lines below in
+use JSON;
 
 my $tests = 0;
 my $prg="./testssl.sh";
-my $check2run ="-p -s -P --pfs -S -h -U -q --ip=one --color 0";
-my $uri="";
+my $check2run="-p -s -P --fs -S -h -U -q --ip=one --color 0";
+my $uri="google.com";
 my $socket_out="";
 my $openssl_out="";
 # Blacklists we use to trigger an error:
 my $socket_regex_bl='(e|E)rror|\.\/testssl\.sh: line |(f|F)atal';
 my $openssl_regex_bl='(e|E)rror|(f|F)atal|\.\/testssl\.sh: line |Oops|s_client connect problem';
+my $json_regex_bl='(id".*:\s"scanProblem"|severity".*:\s"FATAL"|"Scan interrupted")';
 
-# my $socket_json="";
-# my $openssl_json="";
-# $check2run="--jsonfile tmp.json $check2run";
+my $socket_json="";
+my $openssl_json="";
+$check2run="--jsonfile tmp.json $check2run";
 
 die "Unable to open $prg" unless -f $prg;
 
-$uri="google.com";
-
-# unlink "tmp.json";
-printf "\n%s\n", "Baseline unit test IPv4 via sockets --> $uri ...";
-$socket_out = `./testssl.sh $check2run $uri 2>&1`;
-# $socket_json = json('tmp.json');
-unlike($socket_out, qr/$socket_regex_bl/, "");
-$tests++;
-
-# unlink "tmp.json";
-printf "\n%s\n", "Baseline unit test IPv4 via OpenSSL --> $uri ...";
-$openssl_out = `./testssl.sh --ssl-native $check2run $uri 2>&1`;
-# $openssl_json = json('tmp.json');
-# With Google only we encounter an error as they return a 0 char with openssl, so we white list this pattern here:
-$openssl_out =~ s/testssl.*warning: command substitution: ignored null byte in input\n//g;
-unlike($openssl_out, qr/$openssl_regex_bl/, "");
-$tests++;
-
-
-done_testing($tests);
+# Provide proper start conditions
 unlink "tmp.json";
 
+# Title
+printf "\n%s\n", "Baseline unit test IPv4 against \"$uri\"";
+
+#1
+$socket_out = `$prg $check2run $uri 2>&1`;
+$socket_json = json('tmp.json');
+unlink "tmp.json";
+unlike($socket_out, qr/$socket_regex_bl/, "via sockets, terminal output");
+$tests++;
+unlike($socket_json, qr/$json_regex_bl/, "via sockets JSON output");
+$tests++;
+
+#2
+$openssl_out = `$prg --ssl-native $check2run $uri 2>&1`;
+$openssl_json = json('tmp.json');
+unlink "tmp.json";
+# With Google only we somtimes encounter an error as they return a 0 char with openssl, so we white list this pattern here:
+# It should be fixed in the code though so we comment this out
+# $openssl_out =~ s/testssl.*warning: command substitution: ignored null byte in input\n//g;
+unlike($openssl_out, qr/$openssl_regex_bl/, "via OpenSSL");
+$tests++;
+unlike($openssl_json, qr/$json_regex_bl/, "via OpenSSL JSON output");
+$tests++;
+
+done_testing($tests);
+printf "\n";
 
 
 sub json($) {

t/21_baseline_ipv6_http.t.DISABLED

@@ -15,7 +15,7 @@ use Data::Dumper;
 
 my $tests = 0;
 my $prg="./testssl.sh";
-my $check2run ="-p -s -P --pfs -S -h -U -q --ip=one --color 0";
+my $check2run ="-p -s -P --fs -S -h -U -q --ip=one --color 0";
 my $uri="";
 my $socket_out="";
 my $openssl_out="";

t/25_baseline_starttls.t

@@ -17,7 +17,7 @@ use Data::Dumper;
 
 my $tests = 0;
 my $prg="./testssl.sh";
-my $check2run_smtp="--protocols --standard --pfs --server-preference --headers --vulnerable --each-cipher -q --ip=one --color 0";
+my $check2run_smtp="--protocols --standard --fs --server-preference --headers --vulnerable --each-cipher -q --ip=one --color 0";
 my $check2run="-q --ip=one --color 0";
 my $uri="";
 my $socket_out="";
@@ -99,6 +99,13 @@ $openssl_out = `./testssl.sh --ssl-native $check2run -t xmpp $uri 2>&1`;
 unlike($openssl_out, qr/$openssl_regex_bl/, "");
 $tests++;
 
+# $uri="jabber.ccc.de:5269";
+# printf "\n%s\n", "Quick STARTTLS XMPP S2S unit tests via sockets --> $uri ...";
+# $openssl_out = `./testssl.sh --openssl=/usr/bin/openssl -p $check2run -t xmpp-server $uri 2>&1`;
+# # $openssl_json = json('tmp.json');
+# unlike($openssl_out, qr/$openssl_regex_bl/, "");
+# $tests++;
+
 
 $uri="ldap.uni-rostock.de:21";