Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-09 02:00:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
102 Commits 17 Branches 30 Tags 212 MiB
05d7047865
Commit Graph

102 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dirk
05d7047865 - BUGFIX: potential stalling in HTTP Header query 
- BUGFIX: HTTP specific vuln. won't be checked if service is not http (we still
check crime and also spdy => gmail has spdy for pop and imap)
- Feature: service detection: HTTP, IMAP, POP, SMTP
- alignment in rDNS output corrected
- minor cleanup / improvements
 2014-11-30 01:30:20 +01:00
Dirk
e2067d1663 - BUGFIX: BSD now has proper heartbleed and ccs injection detection 
- significant code improvement of hex-byte parser <-> socket sender
- BUGFIX: BSD now doesn't put an extra \n if rfc map file is missing
- bumped to 2.1rc3, hoping that'll be the last
 2014-11-27 21:33:33 +01:00
Dirk
ba76dad503 - for colors: double square brackets (might save a fork to "[ or "test" 
- in terms of debugging cleaned up listciphers/std_cipherlists
- in other terms too
 2014-11-25 13:12:24 +01:00
Dirk Wetter
d948039237 Update Readme.md 2014-11-24 16:43:11 +01:00
Dirk Wetter
18cd3a7a21 Merge pull request #37 from yurivict/master 
Fixed errors when COLOR=0 caused 'printf' to break due to leading dashes interpreted as command line options
 2014-11-24 15:16:42 +01:00
Yuri
6829de54c5 Fixed the problem when COLOR=0 caused 'printf' to break due to leading dashes interpreted as command line options. 2014-11-22 12:15:47 -08:00
Dirk Wetter
7649b20a0d Merge pull request #36 from PeterMosmans/bugfix 
Fixed minor redirection typo for 'which' command
 2014-11-22 18:31:09 +01:00
Peter Mosmans
1a3bebeed8 Fixed minor redirection typo for 'which' command 2014-11-22 12:57:36 +10:00
Dirk
00ff1b57a0 - increase first read buffer -- otherwise it's how up at hb reply and lead to false positives 2014-11-20 18:55:51 +01:00
Dirk
80079edf41 color codes for protocols and default ciphers reflect better a rating 
- fix: heartbleed function needed a $TMPFILE for determining the TLS protocol
 - version bumped to 2.1rc2
 2014-11-20 10:46:55 +01:00
Dirk
db17669b99 - fix in cleanup (while debug) 
- wrong cmd line option --> help instread of error
 2014-11-19 22:23:13 +01:00
Dirk
9d5d77c813 - protocol check stream lined: similar now for every protocol 
- NPN/SPDY is not green anymore
 2014-11-19 18:04:43 +01:00
Dirk
ab7074aefd - protocol w/o cipher (only SSLv2 so far) 
- for EVERY protocol now check whether $openssl supports it
- better fail for PFS if there are no local ciphers
 2014-11-19 17:08:59 +01:00
Dirk
9fe6b9a917 @oparoz 2014-11-19 13:26:48 +01:00
Dirk
93c05e9d12 - banner (opensssl version build date, platform) slightly changed 
- even clearer warning upon old openssl version (MacOSX!)
- oparoz hexdump patch
- heartbleed doenst do a precheck anymore --> just sockets as it may lead to false negatives
  if the client was complied with it disabled (FreeBSD)
 2014-11-19 13:22:22 +01:00
Dirk
6a0e41d252 - FreeBSD fixes (getent, printf) 2014-11-18 23:14:17 +01:00
Dirk
30a0f1abf7 - Peter 2014-11-18 20:24:10 +01:00
Dirk
4a5de4fd72 small cleanup 2014-11-18 20:23:17 +01:00
Dirk
6b8b63b4a5 Merge branch 'master' of github.com:drwetter/testssl.sh 2014-11-18 16:40:14 +01:00
Dirk Wetter
3abb5a0650 Merge pull request #30 from PeterMosmans/cleanup 
Make sure that cleanup() function is always called
 2014-11-18 16:39:32 +01:00
Dirk Wetter
68eddd7226 Merge pull request #29 from PeterMosmans/msys 
Added compatilibility with MSYS2 on Windows
 2014-11-18 16:30:18 +01:00
Dirk
b50cba45dc - stripping of leading 0 in testssl.sh needed to be reflected by this file 2014-11-18 11:04:57 +01:00
Dirk
abb57e8bde - prettyprint_local now also can do word pattern matching 
- help improved
- put the stripping of leading 0 into normalize_cipher_code where it belonged
- the latter makes a modified mapping-rfc.txt necessary!
 2014-11-18 11:03:03 +01:00
Dirk
730656bbbb - hexcode in neat list now w/o leading 0 
- help cleaned up and clearer (& removing tabs)
- test_just_one with headline
 2014-11-18 10:29:11 +01:00
Peter Mosmans
52b32faea7 Make sure that cleanup() function is always called 
Added {HEADERFILE_BREACH} to temporary files that should be removed
Removed obsolete cleanup calls
 2014-11-18 14:30:48 +11:00
Peter Mosmans
8efcc5ce29 Added compatilibility with MSYS2 on Windows 2014-11-18 13:30:56 +11:00
Dirk
03cb91da8f - version bumped to 2.1rc1, better layout for chacha (albeit bit ugly), better layout for all ciphers, test_just_one w/ headline 2014-11-18 01:36:29 +01:00
Dirk
513e662c67 - sockread w/ sleep 
- ccs better documented + more verbose during debug
 2014-11-18 00:26:58 +01:00
Dirk Wetter
23a7f0a289 Update CREDITS.md 2014-11-17 18:59:57 +01:00
Dirk
9c35c200b7 next step in color handling: 2=full color, 1: b/w, 0: no ESC codes at all 2014-11-17 18:49:56 +01:00
Dirk
7eafd76fa7 2014-11-17 18:47:39 +01:00
Dirk
ee1f7ceedd - omit the "**" in non colored mode 
- query COLOR properly (env)
 2014-11-17 17:43:59 +01:00
Dirk
b0a4345e6c warning upon "no ssl enabled server" clearer; we check only for return code of s_client. Fails if certificate needed 2014-11-17 17:05:43 +01:00
Dirk
2b009d6ac5 better documentation 2014-11-03 21:45:48 +01:00
Dirk
d956a53628 NEW: first working implementation of "-x <list_of_csv_hexcodes> server" with a catch: none a/v local cipher 2014-11-02 23:37:17 +01:00
Dirk
2a2d962874 TLS_FALLBACK_SCSV 2014-10-30 21:15:30 +01:00
Dirk
a31d96abea TLS_FALLBACK_SCSV 2014-10-30 21:14:50 +01:00
Dirk
d2ff6eaf25 FIX for RUN_DIR, bumped up version to 2.1beta 2014-10-30 21:12:18 +01:00
Dirk
365796007c NEW: HPKP 2014-10-29 21:24:43 +01:00
Dirk
13569a67ac FIX: for FreeBSD and spaces in "Local problem ..." 2014-10-29 20:23:21 +01:00
Dirk
1a2dc2bdc8 FIXED: too much spaces in "Local problem: No .. configured" 2014-10-23 15:52:06 +02:00
Dirk
f7c2f0c196 FIXED: When there is no support in openssl for SSLv2 the error message and the next protocol test get on the same line 2014-10-23 15:40:15 +02:00
Dirk
e6e52cf1fd Merge branch 'master' of github.com:drwetter/testssl.sh 2014-10-17 22:17:04 +02:00
Dirk
52ad39144f be clear that no TLS_FALLBACK_SCSV support yet 2014-10-17 22:16:37 +02:00
Dirk Wetter
ac6d02b5cf forgot the apple users 2014-10-17 14:28:05 +02:00
Dirk Wetter
b901c4e86d better+ c&p 2014-10-16 16:47:54 +02:00
Dirk Wetter
dba5ef1ff8 better c&p 2014-10-16 16:46:01 +02:00
Dirk
9e8cd27e46 POODLE hack 2014-10-15 13:10:06 +02:00
Dirk
3be53fc1ec - FIX for getent line 2014-10-15 11:56:40 +02:00
Dirk
d047a063cf - regression on libressl fix fdor openssl fixed 2014-10-14 16:28:18 +02:00