Thomas Martens
2686f8cdb4
renamed pr_litegreen to pr_done_good
2016-03-01 20:36:41 +01:00
Thomas Martens
207e4e5ce4
renamed pr_red to pr_svrty_critical
2016-03-01 20:31:26 +01:00
Thomas Martens
cad924e707
renamed pr_litered to pr_svrty_high
2016-03-01 20:25:41 +01:00
Thomas Martens
490da0069a
Merge branch 'master' of https://github.com/drwetter/testssl.sh into severity
2016-03-01 20:08:26 +01:00
Dirk Wetter
61ecf051e4
Merge pull request #300 from Dude4Linux/uppercase-severity-codes
...
Consistent case severity codes
2016-02-24 08:35:24 +01:00
Thomas Martens
f90f1a91e4
Merge branch 'master' of https://github.com/drwetter/testssl.sh into severity
2016-02-23 21:04:16 +01:00
John Carver
87218b6b1a
Merge branch 'master' into uppercase-severity-codes
2016-02-23 10:34:32 -06:00
Dirk Wetter
53e76b0545
Update Readme.md
2016-02-23 09:08:11 +01:00
Dirk
20cee1e788
- fix: relative redirect led to fp (https)
2016-02-22 10:44:43 +01:00
Dirk
c70a13d014
- fix #296 (no recent regression as assumed)
2016-02-20 21:46:17 +01:00
Dirk
583584e095
- FIX #297
...
- FIX #243
- reformmated BEAST a bit (was screwed up in ! WIDE mode if too many ciphers
2016-02-20 14:10:04 +01:00
Dirk
71b4c03202
- fix key problem hpkp
2016-02-20 11:07:47 +01:00
John Carver
4be1539a4d
lowercase ok when used with NOT in (NOT ok)
2016-02-18 11:49:47 -06:00
John Carver
291edce0c3
uppercase server sets a cipher order (OK)
2016-02-18 11:41:17 -06:00
John Carver
6858026412
uppercase INFO when outputting status_code
2016-02-18 11:15:31 -06:00
Dirk Wetter
7846fc5fef
Merge pull request #294 from b1gb1t/jsonCorrection
...
Correction of line 3607: new line (\n) corrupted the json format
2016-02-16 12:32:05 +01:00
b1gb1t
2ee021d337
Correction of line 3607: new line (\n) corrupted the json format
2016-02-16 09:54:01 +01:00
Thomas Martens
baff869850
Merge branch 'master' of https://github.com/drwetter/testssl.sh into severity
2016-02-14 12:10:07 +01:00
Dirk Wetter
61c1669687
Merge pull request #292 from dcooper16/multiple_certificates
...
Detect multiple certificates cleanup
2016-02-14 00:08:52 +01:00
Dirk Wetter
79445ebe5b
Merge pull request #293 from SietsevanderMolen/fix-json
...
fix json output
2016-02-12 15:11:45 +01:00
Sietse van der Molen
394f186000
also remove carriage returns, fix for csv
2016-02-12 12:40:31 +01:00
Sietse van der Molen
b2e4df60ca
fix json output
...
use double quotes instead of single quotes
delete newlines from strings
2016-02-12 11:05:36 +01:00
David Cooper
02239be295
Detect multiple certificates cleanup
...
This corrects the indentation within determine_trust() when there are multiple certificates and the output for "Chain of trust (experim.)" takes up more than one lines.
In addition, it fixes the ID field of the JSON output for entries related to the certificate. At the moment, each ID string begins with a blank space. This changes it to remove the space if there is one certificate and to add "Server Certificate #X" at the beginning of each ID if there is more than one certificate.
Perhaps there's a better way than just using, for example, "Server Certificate #1 key_size" as a way to distinguish multiple "key_size" entries in the JSON file. This is just one idea, and it can certainly be changed if those who intend to use the JSON output prefer something else.
2016-02-09 13:35:46 -05:00
AndreiD
8842aeb2b9
Fix #289 - the grep that decides whether a domain is a local address doesn't consider the case when the full domain name is in the hosts file, but followed by .some.other.stuff. This PR addresses this case.
2016-02-08 12:51:54 +01:00
Dirk Wetter
70cd658447
- FIX #283 (regression from 1a8ed3d70a
)
...
- minor output fixes for BEAST
- >4096 bit RSA keys labled in litemangenta now as it could have compatibility probs
- -V 0x.. or -V 0X.. gives at least a warning
2016-02-07 19:13:59 +01:00
Dirk Wetter
b8f2540541
Merge pull request #286 from tjconcept/master
...
fix typo in b93fc824
2016-02-07 08:49:20 +01:00
Thomas Jensen
c48b27a9a9
fix typo in b93fc824
2016-02-07 03:07:30 +01:00
Dirk
b93fc82489
slightly better output for OCSP stapling
2016-02-06 22:31:32 +01:00
Dirk Wetter
c60a39282c
typo
2016-02-06 16:18:46 +01:00
Dirk Wetter
0f4eb221fb
additions, naming of sources
2016-02-06 16:17:01 +01:00
Dirk Wetter
1fe9c95dc0
checkin (for future work)
2016-02-06 15:42:55 +01:00
Dirk Wetter
5491333693
Merge pull request #285 from dcooper16/mapping-rfc
...
Fix typo in etc/mapping-rfc.txt
2016-02-06 10:30:54 +01:00
David Cooper
77379903ed
Fix typo in etc/mapping-rfc.txt
...
Change value for SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA from xFEFE to xFEFF in accordance with http://www-archive.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html .
2016-02-05 14:53:19 -05:00
Dirk
39226e05d2
openssl 1.1.0
2016-02-03 17:56:56 +01:00
Dirk
a676742256
Remaining issues solved for OpenSSL 1.1.0 compliance, output corrections, CN/SNI improvements
2016-02-03 17:55:53 +01:00
Dirk
9cf3e21c3d
- swapped sig_algo and server key size
...
- output improvements for unknown sig algos like GOST
2016-02-03 09:55:47 +01:00
Dirk
ea18d2f02c
- fix: discovering the CN for the default host (without SNI)
...
- CN parsing of certificate improved
- CN / subject can be also cyrillic now -- supposed the terminal supports the charset
2016-02-03 00:05:57 +01:00
Dirk Wetter
40d4cbb57f
Update Readme.md
2016-02-01 22:42:49 +01:00
Dirk Wetter
aff08b1ff2
Update CREDITS.md
2016-02-01 22:41:36 +01:00
Dirk
dd65050ee1
- "secret" env switch shows during -e/-E the signature algorithm (see also #276 )
...
- exp. date check corrected esp. for openssl 1.1.0
- warning relaxed for chain of trust
2016-02-01 22:06:27 +01:00
Thomas Martens
b99c5ac30c
Merge branch 'master' of https://github.com/drwetter/testssl.sh
2016-02-01 21:09:31 +01:00
Thomas Martens
52f7de1a4a
Revert "fixed output in ciphertest with --color=1"
...
This reverts commit 7f7b1edd50
.
This is already fixed with c62abaf215
in
upstream.
2016-02-01 21:03:22 +01:00
Dirk Wetter
ff714a673f
Merge pull request #280 from dcooper16/number_of_cert_bundles
...
Number of trusted certificate files in $INSTALL_DIR/etc/*.pem
2016-02-01 21:02:14 +01:00
dcooper16
9f998d8c53
Number of trusted certificate files in $INSTALL_DIR/etc/*.pem
...
The number of .pem files in $INSTALL_DIR/etc is currently hard-coded into determine_trust. This modifies the code so that the number of files can be changed without having to change the code.
2016-02-01 14:11:50 -05:00
Dirk Wetter
f7853f36a0
- added SSL_CERT_FILE=/dev/null
...
- output cleanups in determine_trust()
2016-02-01 17:33:59 +01:00
Dirk Wetter
386234f794
Merge pull request #279 from dcooper16/chain_of_trust_fix
...
Fix chain of trust problem
2016-02-01 17:23:03 +01:00
dcooper16
abffd1b81e
Fix chain of trust problem
...
This should fix issue #278 . I'm not sure whether openssl verify will ever print out more than one error, so to be safe, I wrote the code to handle the possibility that it might; if there is more than one error, it just takes the first and ignores the rest.
2016-02-01 11:17:13 -05:00
Dirk Wetter
2f4e549dab
- missing root certs
2016-02-01 16:27:20 +01:00
Dirk Wetter
8f9b38f7d4
- LF and other corrections for HPKP
...
- output corrections for 2 x HPKP (e.g. scotthelme)
2016-02-01 13:23:28 +01:00
Dirk
0bfe12742e
correct signature keysizes, FIX #249
2016-02-01 10:19:23 +01:00