Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-30 12:21:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,727 Commits 13 Branches 31 Tags 226 MiB
https_rr
Commit Graph

4727 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dirk Wetter
08accf9abe update to raw_https 
But there's lot of work to do --> push to later
 2025-01-27 23:39:03 +01:00
Dirk Wetter
01682617e5 remove empty line 2025-01-27 22:19:42 +01:00
Dirk Wetter
5af98b67da rename baseline file 2025-01-27 21:37:48 +01:00
Dirk Wetter
256b24ea48 rename + fix baseline file 2025-01-27 21:36:40 +01:00
Dirk Wetter
3a732624c3 Merge branch 'fix_ci_runs' into https_rr 2025-01-27 20:37:10 +01:00
Dirk Wetter
d93549e327 fix match expr 2025-01-27 20:08:11 +01:00
Dirk Wetter
cdf5cf7b97 remove + @ beginning of line 2025-01-27 17:20:39 +01:00
Dirk Wetter
4a71ccb298 update baselein 
... probably need to be done later again when we move the entry to protocols
 2025-01-27 16:57:37 +01:00
Dirk Wetter
096a912567 Merge branch 'fix_ci_runs' into https_rr 2025-01-27 16:47:29 +01:00
Dirk Wetter
ef13122f4f fix typo 2025-01-27 16:39:02 +01:00
Dirk Wetter
b984ae5ea2 minor stuff 2025-01-27 16:37:04 +01:00
Dirk Wetter
8e39d161a8 cleaner code 2025-01-27 16:36:42 +01:00
Dirk Wetter
0640eb9004 Several CI fixes 
- don't output stdin on terminal
- adapt to different google.com ip addresses
- cleaner code
 2025-01-27 16:33:58 +01:00
Dirk Wetter
04c98d93ab
Merge pull request #2628 from testssl/diffing_openssls 
Add unittest for different openssl versions
 2025-01-24 21:38:26 +01:00
Dirk
ce8984706e Finalize unit test 
* pattern search + replace for tls_sockets() vs. openssl
* better error handling for invocations with perl functions system + die
 2025-01-24 20:36:59 +01:00
Dirk
cbaa813a40 Merge branch '3.2' into diffing_openssls 2025-01-24 19:47:40 +01:00
Dirk Wetter
d115b2ebbf
Merge pull request #2635 from testssl/fix_2633 
Fix bug when legacy NPN is tested against a TLS 1.3 host
 2025-01-24 19:44:49 +01:00
Dirk
d9b293f6c7 fix typo 2025-01-24 18:51:11 +01:00
Dirk
43a0099fbc Fix bug when legacy NPN is tested against a TLS 1.3 host 
When testing a TLS 1.3 host s_client_options used TLS 1.3 ciphers to test
for NPN. As that is not implemented we nee dto make sure any other version
is used.

This PR ensures that --after testing whether it's a TLS 1.3-only host
where this test doesn't make any sense in the first place.

Fix for #2633
 2025-01-24 18:46:07 +01:00
Dirk Wetter
5c1232b9dc
Merge pull request #2566 from testssl/bump_version 
Bump version to 3.2rc4
 2025-01-24 15:47:11 +01:00
Dirk
76cdf3166a fix typo 2025-01-24 14:53:52 +01:00
Dirk
bf75a91bc7 Merge branch '3.2' into bump_version 2025-01-24 14:41:21 +01:00
Dirk Wetter
5eeab6484f
Merge pull request #2632 from testssl/Tazmaniac-client-renego-refactoring 
Tazmaniac client renego refactoring
 2025-01-24 14:24:43 +01:00
Dirk
002b91192c fix spelling 2025-01-24 13:50:35 +01:00
Dirk
49db77e63a Conflicts resolved 2025-01-24 13:44:19 +01:00
Dirk Wetter
163d744c13 Add recent and bigger changes 
From today back to 1f37a8406f
 2025-01-24 11:32:41 +01:00
Dirk Wetter
0042b6313e s/drwetter/testssl 
For the remaining occurences. Except dockerhub which needs to be solved.
 2025-01-24 11:15:55 +01:00
Dirk Wetter
69d6a50696 Merge branch '3.2' into bump_version 2025-01-24 11:05:00 +01:00
Dirk Wetter
0539688c06
Merge pull request #2631 from testssl/corydalis10-3.2 
Improve CONTRIBUTING.md
 2025-01-23 17:42:29 +01:00
Dirk
b185b1bea9 Fix typo 2025-01-23 17:41:36 +01:00
Dirk
90f1e59e9f Merge #2618 and doing some overdue amendments 2025-01-23 17:37:32 +01:00
Dirk
8f054c6f12 Merge branch '3.2' of https://github.com/corydalis10/testssl.sh into corydalis10-3.2 2025-01-23 16:49:12 +01:00
Dirk Wetter
9e9334f3c8
Merge pull request #2619 from testssl/co_header 
Add more security headers
 2025-01-23 11:47:34 +01:00
Dirk Wetter
4efe324ef7 Fix round bracket and remove obsolete comment 2025-01-23 10:45:15 +01:00
Hyeonho Kang
fb3921cd1b Edit CONTRIBUTING.md 2025-01-23 13:10:12 +09:00
Dirk Wetter
7d919d494c
Merge pull request #2629 from testssl/misc 
Remove --nsa in help() and add --forward-secrecy instead
 2025-01-22 23:37:28 +01:00
Dirk
d7da22d598 Finalize check 
* use system with @args so that we can query the return value
* code style improved for readability
* diff shows the filtered difference
* ok instead of cmp_ok to show not the whole content of vars
 2025-01-22 23:33:35 +01:00
Dirk
4df0d9e4c3 Re-added the ) to make the action word (why??) 2025-01-22 23:32:39 +01:00
Dirk
207b902109 Merge branch '3.2' into co_header 2025-01-22 22:50:00 +01:00
Dirk
ad912ea332 Fix typo + tags 2025-01-22 20:05:19 +01:00
Dirk
12036fb6c8 Update baseline scan + add/deprecate security headers 2025-01-22 19:54:34 +01:00
Dirk
a1c2dc7c72 Remove --nsa in help() and add --forward-secrecy instead 
Both are possible to use
 2025-01-22 19:19:16 +01:00
Dirk
ba58458909 Restrict tests to those which use openssl 2025-01-22 18:37:48 +01:00
Dirk
37d987684e remove comment sign from testing 2025-01-22 18:25:54 +01:00
Dirk
a499233df2 Add unittest for diffrent openssl versions 
This adds a unit test to compare a run against google with the supplied openssl
version vs /usr/bin/openssl .

This would fix #2626.

It looks like there are still points to clarify
* NPN output is different (bug)
* Newer openssl version claims it's ECDH 253 instead of ECDH 256.
* Newer openssl version claims for 130x cipher it's ECDH 253, via sockets it´s ECDH/MLKEM. This seems a bug (@dcooper)

A todo is also restricing the unit test to the one where openssl is being used. E.g. the ROBOT check and more aren't done with openssl. So there's no value checking this here.
 2025-01-22 18:12:53 +01:00
Dirk Wetter
17f2a5d5b9
Merge pull request #2622 from dcooper16/draft-kwiatkowski-tls-ecdhe-mlkem 
Support draft-kwiatkowski-tls-ecdhe-mlkem
 2025-01-22 11:03:11 +01:00
Dirk Wetter
023fd0278a
Merge pull request #2625 from dcooper16/fix_x5519_and_x448_check 
Fix checks for whether X25519 and X448 are supported
 2025-01-22 11:01:25 +01:00
David Cooper
a85073bf0d
Fix checks for whether X25519 and X448 are supported 
In some cases OpenSSL returns an "unsupported" message rather than a "not found" message if X25519 and X448 are not supported. This commit changes the check for whether X5519 and X448 are supported for checking for either response.
 2025-01-21 09:10:33 -08:00
David Cooper
11d7979f41 Support draft-kwiatkowski-tls-ecdhe-mlkem and draft-tls-westerbaan-xyber768d00 
This commit adds support for the three code points in draft-kwiatkowski-tls-ecdhe-mlkem and the code point 0x6399 from draft-tls-westerbaan-xyber768d00. The group 0x6399 uses a pre-standard version of Kyber and is considered obsolete.
 2025-01-21 09:00:21 -08:00
Dirk Wetter
0c71658457
Merge pull request #2621 from dcooper16/fix2614 
Fix #2614
 2025-01-17 16:47:27 +01:00