David Cooper
b264714fd9
Add check of IP address
...
compare_server_name_to_cert() now checks the DNS names and IP addresses in the subjectAltName extension for a match.
2016-06-13 11:09:15 -04:00
David Cooper
0a1c4d565c
Merge branch 'master' into fix_issue_276
2016-06-13 10:59:34 -04:00
Frank Breedijk
701545dbb6
Allow the file output feature and mass_test feature to work together
2016-06-13 15:35:56 +02:00
Dirk Wetter
88fd5c4e19
Merge pull request #381 from PeterMosmans/chachanaming
...
Updated ChaCha20 cipher names
2016-06-13 08:27:28 +02:00
Peter Mosmans
a06c71d915
Updated ChaCha20 cipher names
...
See https://tools.ietf.org/html/draft-ietf-tls-chacha20-poly1305-04 (the latest version as of this writing is 04).
The previous version received the suffix _2013. See https://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-04
2016-06-13 10:34:04 +10:00
Dirk Wetter
1b7653e438
Update Readme.md
2016-06-11 09:08:51 +02:00
David Cooper
b7fe461a6c
Merge branch 'master' into openss2rfc_rfc2openssl
2016-06-10 15:34:00 -04:00
David Cooper
706db7553f
Merge branch 'master' into more_sslv2_sslv3_fixes
2016-06-10 15:30:56 -04:00
David Cooper
76ea57863a
Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2
2016-06-10 15:29:00 -04:00
David Cooper
f84ebd99b5
Merge branch 'master' into fix_issue_276
2016-06-10 15:27:46 -04:00
David Cooper
52d6eabdf7
Merge branch 'master' into version_negotiation
...
Conflicts:
testssl.sh
2016-06-10 15:26:29 -04:00
Dirk Wetter
61a049ccf9
Merge pull request #380 from dcooper16/runallciphers128limit
...
run_cipher_per_proto() 128-cipher limit
2016-06-10 20:30:47 +02:00
David Cooper
8c86049848
run_cipher_per_proto() 128-cipher limit
...
Ensure that neither run_allciphers() nor run_cipher_per_proto() sends a ClientHello with 128 or more cipher suites.
2016-06-10 13:45:25 -04:00
David Cooper
b566da94f5
Revised to use arrays
...
Here is a revision that creates a mapping file (similar to mapping.txt, but that mirrors the formatting of "$OPENSSL ciphers -V" and that includes all cipher suites, even ones for which there is no OpenSSL name), loads the contents of the file into arrays, and then uses the arrays to implement openssl2rfc() and rfc2openssl().
2016-06-10 11:11:39 -04:00
David Cooper
b8348c6454
Merge branch 'master' into version_negotiation
2016-06-09 10:21:49 -04:00
David Cooper
bf4134844c
Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2
2016-06-09 10:21:09 -04:00
David Cooper
c20d2dfc6f
Merge branch 'master' into more_sslv2_sslv3_fixes
2016-06-09 10:20:20 -04:00
David Cooper
c1624782d5
Merge branch 'master' into openss2rfc_rfc2openssl
2016-06-09 10:18:29 -04:00
David Cooper
189fe662f5
Merge branch 'master' into fix_issue_276
2016-06-09 10:17:49 -04:00
Dirk
adbb1932eb
simplified cipher and protocol retrieval in 'Testing server preferences'
2016-06-09 15:56:53 +02:00
David Cooper
c656015312
Merge branch 'master' into version_negotiation
...
Conflicts:
testssl.sh
2016-06-09 09:34:37 -04:00
David Cooper
d2bded1114
Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2
2016-06-09 09:33:05 -04:00
David Cooper
aa9eeaf6af
Merge branch 'master' into more_sslv2_sslv3_fixes
...
Conflicts:
testssl.sh
2016-06-09 09:31:46 -04:00
David Cooper
a46b6791db
Merge branch 'master' into fix_issue_276
2016-06-09 09:29:40 -04:00
Dirk
d561687554
initial commit
2016-06-09 15:06:42 +02:00
Dirk
6b07b89946
- added values to curve448 + 25519
2016-06-09 13:18:55 +02:00
Dirk
5ceace33e0
- FIX #189 with a smart check, introduced global var SERVER_SIZE_LIMIT_BUG
...
- introduced "has_server_protocol()" which can be used to check b4 connecting if protocol is a/v
2016-06-09 11:04:40 +02:00
Dirk
94d5a8df80
hint for new (etxernal) binaries
2016-06-09 00:06:11 +02:00
David Cooper
eb9e2d85a0
Merge branch 'master' into version_negotiation
2016-06-08 13:47:35 -04:00
David Cooper
ce9b277b2c
Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2
2016-06-08 13:47:01 -04:00
David Cooper
b5765bfda0
Merge branch 'master' into openss2rfc_rfc2openssl
2016-06-08 13:46:18 -04:00
David Cooper
90fcb3500c
Merge branch 'master' into more_sslv2_sslv3_fixes
2016-06-08 13:45:22 -04:00
David Cooper
a224bb5068
Merge branch 'master' into fix_issue_276
2016-06-08 13:44:16 -04:00
David Cooper
5e3d4d127c
Mask error when no $MAPPING_FILE_RFC
...
Redirect error output to $ERRFILE if $MAPPING_FILE_RFC is missing.
2016-06-08 12:07:23 -04:00
Dirk Wetter
f754d67e74
Merge pull request #377 from dcooper16/curve25519
...
Adding x25519 and x448 to ClientHello
2016-06-08 17:32:28 +02:00
David Cooper
4750c3f0d5
Adding x25519 and x448 to ClientHello
...
This added x25519 and x448 to the list of supported elliptic curves in the ClientHello created by socksend_tls_clienthello().
2016-06-08 11:25:47 -04:00
David Cooper
5edd005df0
Merge branch 'master' into version_negotiation
...
Conflicts:
testssl.sh
2016-06-08 09:52:45 -04:00
David Cooper
130aa350d2
Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2
2016-06-08 09:48:18 -04:00
David Cooper
0c146ef7a1
Merge branch 'master' into openss2rfc_rfc2openssl
2016-06-08 09:47:37 -04:00
David Cooper
cbb20bf661
Merge branch 'master' into more_sslv2_sslv3_fixes
2016-06-08 09:46:58 -04:00
David Cooper
eaad4c7dd8
Merge branch 'master' into fix_issue_276
2016-06-08 09:46:25 -04:00
Dirk Wetter
c929fba206
Merge pull request #342 from dcooper16/socksend_tls_clienthello_extensions
...
More extensions in socksend_tls_clienthello()
2016-06-08 10:39:17 +02:00
Dirk
022dbc687a
Merge branch 'master' of github.com:drwetter/testssl.sh
2016-06-07 23:07:17 +02:00
Dirk
d858edca1b
- filled PROTOS_OFFERED w sense
...
- minor fixes for fileout
- introduced "fixme()"
2016-06-07 23:06:58 +02:00
Dirk Wetter
1d051a24e0
Merge pull request #374 from dcooper16/CREDITS
...
Update CREDITS.md
2016-06-07 22:40:56 +02:00
David Cooper
fa866f6458
Update CREDITS.md
2016-06-07 14:23:33 -04:00
David Cooper
253ba29cde
openssl2rfc and rfc2openssl
...
This PR provides implementations of openssl2rfc and rfc2openssl. It also uses openssl2rfc() in run_server_preference() to help determine how to display the "negotiated cipher." I believe that using the RFC names addresses the current FIXME:
FIXME BEAST: We miss some CBC ciphers here, need to work w/ a list"
2016-06-07 14:02:48 -04:00
David Cooper
ec8420144d
Merge branch 'master' into version_negotiation
2016-06-07 10:36:52 -04:00
David Cooper
c13ae4a001
Merge branch 'master' into socksend_tls_clienthello_extensions
2016-06-07 10:35:32 -04:00
David Cooper
c50f2cc796
Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2
2016-06-07 10:33:21 -04:00