Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2026-06-23 16:57:38 +02:00
Code Issues Packages Projects Releases Wiki Activity
5,415 Commits 15 Branches 37 Tags
050a141a71f72c27bbc4c92b20a146d82e5f327e
Commit Graph

5415 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
github-actions[bot] 050a141a71 Auto-generate docs from testssl.1.md [skip ci] 2026-06-20 14:59:08 +00:00
Dirk Wetter a13eb751ec Credit where credits is due 
Amend manyak
 2026-06-20 16:54:30 +02:00
Dirk Wetter 083f0148ca Move --phone-out to 3.3dev 2026-06-20 16:53:36 +02:00
Dirk Wetter fda8d34edd Minor changes to #3060 (HSTS preload) 
- readability: case statements!
- we query the API, not the list
- safe_echo makes echo safer
 2026-06-20 16:46:32 +02:00
Dirk Wetter 2b00b984f9 Merge branch 'revive-hsts-preload' of https://github.com/potato-20/testssl.sh into potato-20-revive-hsts-preload 2026-06-20 16:10:52 +02:00
Dirk Wetter 2a30ddc35e Merge pull request #3069 from testssl/dependabot/github_actions/actions/checkout-7 
Bump actions/checkout from 6 to 7
 2026-06-20 15:56:44 +02:00
dependabot[bot] c93ad06489 Bump actions/checkout from 6 to 7 
Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-06-19 00:22:25 +00:00
Dirk Wetter 8d0f86eada Merge pull request #3066 from logopk/fix/issuer-cn-linecount 
[Bug] FIXME: issuer_CN error with more than 5 lines in Issuer #3065
 2026-06-18 11:29:47 +02:00
Dirk Wetter 53d0125b44 Merge pull request #3068 from testssl/dependabot/github_actions/actions/checkout-6 
Bump actions/checkout from 4 to 6
 2026-06-18 09:51:44 +02:00
dependabot[bot] 7a5bdd80b9 Bump actions/checkout from 4 to 6 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-06-18 00:22:31 +00:00
Peter Kreuser bdeff4d23b [Bug] FIXME: issuer_CN error with more than 5 lines in Issuer #3065 2026-06-17 22:35:32 +02:00
potato-20 391f6a6b2b ui: replace raw API value 'unknown' with 'no entry' in HSTS preload output 2026-06-17 15:10:51 +05:30
potato-20 57fc5850d1 Add HSTS preload list check via the hstspreload.org API (#1248) 
Revives and rebases #1809 by @tosticated (Jim Blankendaal) onto 3.3dev. When --phone-out is set, run_hsts now queries https://hstspreload.org/api/v2/status and reports whether the domain is on the browser HSTS preload list (preloaded/pending/rejected/unknown), cross-referenced with the served header, the same-domain check and the bulk flag.

Addresses the review comments on #1809: the API-response matching uses native bash string matching instead of forking grep, the JSON quoting is handled inside check_hsts_preloadlist_match() so callers pass plain values, and the value arrays use 'local -a'. The output decision table is kept as-is (per maintainer feedback). Adds t/53_hsts_preload.t. Original design and decision table by @tosticated.
 2026-06-17 15:10:51 +05:30
Dirk Wetter 826449115c Merge pull request #3064 from testssl/automate_pandoc 
Automate pandoc
 2026-06-17 11:24:25 +02:00
github-actions[bot] f8c23ab69f Auto-generate docs from testssl.1.md [skip ci] 2026-06-17 09:22:17 +00:00
Dirk Wetter 2dc81417f6 git push 2026-06-17 11:21:31 +02:00
Dirk Wetter 85f80a6487 change template name 2026-06-17 11:12:53 +02:00
Dirk Wetter 1297c88d26 fix syntax error 2026-06-17 11:08:24 +02:00
Dirk Wetter 8fd171783c Correct dir name, autopush gnerated files 2026-06-17 11:05:47 +02:00
Dirk Wetter 4f874b3ebf should better run on PR 2026-06-17 10:51:38 +02:00
Dirk Wetter 1d6045ccd8 Add workflow for pandoc 2026-06-17 10:43:05 +02:00
Dirk Wetter 0359a363ae Change title --> trigger pandoc 2026-06-17 10:41:49 +02:00
Dirk Wetter e0af44a7be Merge pull request #3058 from testssl/debug_hooks 
Provide better debugging means for GH runners
 2026-06-10 14:11:14 +02:00
Dirk 8e25163625 Remove QUIC from runner 2026-06-10 10:03:25 +02:00
Dirk 457f8fd0a0 Provide better debugging means 
This is just to assist debugging of the runners, so that
we can grab in a case needed the screen and stderr .

* there's a script t/03_debug.t.DISABLED which needs to be renamed then
* it utilises IPC::Run3
- also showing the PATH is added for both runners
- Readme amended accordingly
 2026-06-09 13:43:43 +02:00
Dirk Wetter c25a0ad491 Merge pull request #3057 from testssl/drwetter-patch-1 
Hide CI badges for now
 2026-06-09 10:39:41 +02:00
Dirk Wetter 2f591423f2 fix spelling 2026-06-09 10:39:03 +02:00
Dirk Wetter 5205310c0c Remove CI badges 
... as they reflect the PR status and not the current branch

See #2794
 2026-06-09 10:36:24 +02:00
Dirk Wetter e7204bd524 Merge pull request #3056 from testssl/revert-3055-drwetter-patch-1 
Revert "Trying to fix the badge issue"
 2026-06-09 10:32:16 +02:00
Dirk Wetter f634570af7 Revert "Trying to fix the badge issue" 2026-06-09 10:31:37 +02:00
Dirk Wetter fbedfe5f5f Merge pull request #3055 from testssl/drwetter-patch-1 
Trying to fix the badge issue
 2026-06-09 10:19:40 +02:00
Dirk Wetter 01f9b49549 Update unit_tests_ubuntu.yml 
... also for the ubuntu runner
 2026-06-09 10:18:52 +02:00
Dirk Wetter b9dda9312d Trying to fix the badge issue 
... by having the runner only act on 3.3dev. Sounds counter intuitive but I was recommended to try
 2026-06-09 10:16:50 +02:00
Dirk Wetter db014a6289 Merge pull request #3054 from testssl/drwetter-patch-1 
Fix badges, try 2
 2026-06-09 09:58:42 +02:00
Dirk Wetter ea16c81e97 Fix badges, try 2 
* comment in status badges (try)
* stars getting to work again
 2026-06-09 09:57:21 +02:00
Dirk Wetter fe080150cf Merge pull request #3053 from testssl/drwetter-patch-1 
Handle badges, remove 1 bracket
 2026-06-09 09:45:10 +02:00
Dirk Wetter 1bf15f41e1 Handle badges 2026-06-09 09:42:50 +02:00
Dirk Wetter cfde1df489 Merge pull request #3050 from potato-20/add-modern-security-headers 
Report additional modern security headers (INFO)
 2026-06-09 09:22:54 +02:00
Dirk Wetter 8f588813c0 Merge pull request #3049 from potato-20/fix-mx-host-port-2986 
Fix --mx host:port parsing and incorrect no-MX message (#2986)
 2026-06-08 18:33:32 +02:00
Dirk Wetter 654dc18760 Merge pull request #3052 from testssl/mac_runner_update 
Update runner to macos-26 (arm64 as before)
 2026-06-08 17:08:16 +02:00
Dirk Wetter 3c5b733431 Update runneer to macos-26 (arm64 as before) 
... as they were strange failures in the past.

Supported runners: https://docs.github.com/en/actions/reference/runners/github-hosted-runners#single-cpu-runners .
Details: https://github.com/actions/runner-images/blob/main/images/macos/macos-26-arm64-Readme.md
 2026-06-08 16:41:37 +02:00
potato-20 0a7aff701e Report additional modern security headers as INFO 
Adds X-Permitted-Cross-Domain-Policies (already highlighted in emphasize_stuff_in_headers() but never reported), Origin-Agent-Cluster, Document-Policy, Clear-Site-Data, Reporting-Endpoints, Report-To and NEL to run_security_headers(), all presence-only/INFO, matching how COOP/COEP/CORP were added in #2619.
 2026-06-06 16:27:55 +05:30
potato-20 1704bdfa79 Fix --mx host:port parsing and incorrect no-MX message (#2986) 
When a port was appended to the domain (e.g. "--mx example.com:25"), the suffix was passed straight into the MX DNS lookup, so no MX records were found. Strip a trailing :port off the domain before the lookup and use it as the port to test. Also fix the no-MX message, which printed $1 (the run date) instead of the domain, plus a "records(s)" typo.
 2026-06-06 15:48:17 +05:30
Dirk Wetter 7f63e73ec3 Merge pull request #3046 from SteveVaneeckhout/fix-permissions-policy-duplicate 
Fix Permissions-Policy header listed twice in output
 2026-05-30 17:47:56 +02:00
Steve 989870e07b Fix Permissions-Policy header listed twice in output 
run_security_headers() listed "Permissions-Policy" twice in its
header_and_svrty checklist: once as OK (since 2020) and again as INFO
(accidentally added in 12036fb). The loop matched the same header on
both iterations, emitting two entries to JSON (headerResponse) and the
terminal output. Remove the duplicate INFO entry, keeping the intended
OK classification.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
 2026-05-30 12:18:05 +02:00
Dirk Wetter 316b1a8014 Merge pull request #3045 from testssl/add_fs_data_clientsimulation_json 
Add fs data clientsimulation json
 2026-05-29 16:07:24 +02:00
Dirk 209e76541e Using a compariable Linux distro in the firstplace for updating handshake would have been great ;-) 2026-05-29 15:20:17 +02:00
Dirk ec99148700 Fix html output runner 2026-05-29 13:00:58 +02:00
Dirk 1ee1a60a99 var name append_fileout is clearer 2026-05-29 10:53:28 +02:00
Dirk 566e1b1f65 Fix diff complaint raised by ./t/12_diff_opensslversions.t 2026-05-29 10:33:03 +02:00