3493 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
David Cooper	c0f29f6234	Improve compatibility with OpenSSL 3.0 ... This commit makes the same changes to the 3.0 branch as #1868 makes to the 3.1dev branch.	2021-04-08 12:10:29 -04:00
Dirk Wetter	52ed92ca87	Merge pull request #1866 from drwetter/fix1860_svSE_etc_charset_3.0 ... Ensure certain regex patterns work as expected and aren't localized (3.0)	2021-04-05 14:29:22 +02:00
Dirk	c461702112	Ensure certain regex patterns work as expected and aren't localized (3.0) ... Same as #1865. This PR is trying to address an issue where probably newer bash versions treat regexes differently in other locales. W is with a swedish locale just a variant of V (#1860) see also e.g. https://collation-charts.org/opensolaris/opensolaris.2008.05.sv_SE.UTF-8.html https://www.sqlservercentral.com/forums/topic/order-by-name-not-works#post-1644177	2021-04-05 11:38:17 +02:00
Dirk Wetter	7723a309b5	Merge pull request #1858 from jschauma/3.0 ... add codepoints for RFC7905, ChaCha20-Poly1305	2021-03-25 21:34:04 +01:00
Jan Schaumann	ac71be1040	whitespace alignment	2021-03-25 16:24:52 -04:00
Jan Schaumann	ddb324c81d	add codepoints for RFC7905, ChaCha20-Poly1305	2021-03-25 16:21:45 -04:00
Dirk Wetter	acc9a82a07	Merge pull request #1848 from elfranne/ianaopenssl3.0 ... IANA <-> Openssl mapping issue for 3.0	2021-02-25 17:17:39 +01:00
Elfranne	fe6c866d4e	IANA <-> Openssl mapping issue	2021-02-25 13:56:54 +01:00
Dirk Wetter	bf966a9b2f	Merge pull request #1831 from drwetter/fix_heartbleed_json.1828_3.0 ... Fix file output formatting for heartbleed (3.0)	2021-01-20 10:11:51 +01:00
Dirk	a1777cdd0e	Fix file output formatting for heartbleed ... Quotes were wrong for different results, which lead to some confusion for finding, cve and cwe. Fixes #1828	2021-01-20 09:04:11 +01:00
Dirk Wetter	2627d9db13	Merge pull request #1825 from drwetter/fix_travis_3.0 ... Travis CI didn't run. Trying to fix it (3.0)	2021-01-18 09:15:14 +01:00
Dirk	4ee936dc52	Travis CI didn't run. Trying to fix it	2021-01-13 22:35:34 +01:00
Dirk Wetter	4b800b0ae5	Merge pull request #1822 from drwetter/fix_dot@NODE ... Fixes trailing dot error in URL handling (3.0)	2021-01-13 21:56:48 +01:00
Dirk Wetter	b8e76a3861	Fixes trailing dot error in URL handling ... For DNS queries a trailing dot in the variable $NODE is always fine. For HTTP queries it is not. and causes the https request to fail. Backport from 4f1da9b192911645f6ef0a7b448e1fc3cba90a9a Also: removal of ancient CVS_REL relict in $TEMPDIR/environment.txt	2021-01-13 11:35:31 +01:00
Dirk Wetter	666a2c4edb	Merge pull request #1818 from drwetter/le_issuer_fix1816_3.0 ... Fix issuer check for Let's Encrypt (3.0)	2021-01-07 10:32:12 +01:00
Dirk Wetter	0de00f4322	Fix issuer check for Let's Encrypt (3.0) ... Fixes #1816 for 3.0 by a proper halving of the dates	2021-01-07 10:29:08 +01:00
Dirk Wetter	cb94ffaa13	Merge pull request #1796 from drwetter/no_code_update3.0 ... Trying to save resources for Travis/CI (3.0)	2020-11-28 10:15:13 +01:00
Dirk	98d1bd64bc	Trying to save resources for Travis/CI (3.0) ... See 3b38a5dea3	2020-11-28 10:12:43 +01:00
Dirk Wetter	dc08a120ba	Merge pull request #1793 from drwetter/docker_docu_polish3.0 ... Consolidate docker sections in Readme.md and Dockerfile.md (3.0)	2020-11-27 16:54:26 +01:00
Dirk Wetter	7c835470be	Consolidate docker sections in Readme.md and Dockerfile.md ... see #1791	2020-11-27 16:53:28 +01:00
Dirk Wetter	7dac1a20f7	Merge pull request #1780 from drwetter/fix_1779 ... Fix 1779 3.0.4	2020-11-20 16:27:10 +01:00
Dirk	ca89328ed4	Change version number ... To avoid clashes with distributors it may be is smarter to stick to three numbers and not intoducing another digit. 3.0.4 <-- 3.0.3.1	2020-11-20 11:09:17 +01:00
Dirk	e441357efe	Fix reading SSLv2 socket (3.0 branch) ... This fixes #1779. There was a problem introduced in 3c97412a61f70749c1e0d770bf365aa3c6a8e780 which counted the size of the file name rather than the size of the socket reply.	2020-11-20 11:06:22 +01:00
Dirk	b08b5d8b98	Bump version to 3.0.3 3.0.3	2020-11-19 09:41:12 +01:00
Dirk Wetter	0abaa6d2bf	Merge pull request #1774 from drwetter/ca-update_3.0 ... Update certificate stores (3.0 branch)	2020-11-14 11:11:03 +01:00
Dirk Wetter	2f18dcbd58	Update remaining stores: Apple / Java / Microsoft ... * also ca_hashes.txt * Used Java SDK 15 instead of JRE 8 * Used Windows 10 20H2 * Java Keystore has added 5 certificates (90 --> 95) Updated Readme and make instructions more reproducible Fixes #1772	2020-11-13 22:13:10 +01:00
Dirk Wetter	d536c07b72	Merge pull request #1776 from drwetter/fix_1762_3.0 ... Stop labeling X-XSS-Protection as green (3.0 branch)	2020-11-13 15:24:22 +01:00
Dirk Wetter	99a158d952	Stop labeling X-XSS-Protection as green (3.0 branch) ... * X-XSS-Protection is now labled as a neutral finding as suggested in #1762 * Also it adds colons to header values This a quick fix for the stable version as opposed to #1764 ff. It also changes the color from lite cyan to neutral	2020-11-13 13:57:21 +01:00
Dirk Wetter	a180ec4f80	update Linux.pem + Mozilla.pem	2020-11-11 18:37:56 +01:00
Dirk Wetter	f3abf77ed8	Merge pull request #1761 from keisentraut/fix-1757-3.0 ... fix #1757: manpage: --c has one dash to much (backport 3.0)	2020-10-29 20:28:23 +01:00
Klaus Eisentraut	44fd73bfcd	fix #1757: manpage: --c has one dash to much (backport 3.0)	2020-10-29 20:21:05 +01:00
Dirk Wetter	0cf5a49762	Merge pull request #1759 from drwetter/fix_1754_3.0 ... Fix run_freak() when sslv2 server hello is empty (3.0 branch)	2020-10-28 15:05:51 +01:00
Dirk Wetter	3c97412a61	Address complaint by Travis + RC4 SSLv2 ciphers shortcut ... Despite the fact google doesn't support RC4 ciphers, testssl.sh called sslv2_sockets(). Google answered with a >= TLS alert. Building a sum then failed then in sslv2_sockets(). This fixes sslv2_sockets() and introduces count_chars() as a helper function (tested also under old FreeBSD to make sure it works under MacOSX). Also it adds a shortcut: if we are sure we don't have sslv2 we don't need to test any RC4 SSLv2 ciphers	2020-10-28 11:45:41 +01:00
Dirk	4ddc90d98d	Fix run_freak() when sslv2 server hello is empty (3.0 branch) ... This fixes #1754 by avoiding further string operations if the SSLv2 socket reply is empty as bash 5.1 seems to have a problem with that. The fix is done in sslv2_sockets() . Also sslv2 is not being used in run_freak() if known not to be supported.	2020-10-27 22:48:50 +01:00
Dirk Wetter	cd9b98ca70	Merge pull request #1727 from drwetter/fix_1725_SCIR_3.0 ... Fix Secure Client-Initiated Renegotiation false positive (3.0 branch)	2020-09-16 20:13:33 +02:00
Dirk	08feaf4a0c	Fix Secure Client-Initiated Renegotiation false positive (3.0 branch) ... Server side closed the connection but openssl retrieved a zero exit code. In addition now we look for "closed" and if that was returned from the server we label it as not vulnerable. This fixes #1725. Same fix as for 3.1dev, see #1726	2020-09-16 18:13:47 +02:00
Dirk Wetter	c0581afeeb	Merge pull request #1712 from dcooper16/fix1699_3.0 ... Fix #1699 in 3.0 branch	2020-08-31 17:07:46 +02:00
David Cooper	b7dab55b6c	Fix #1699 in 3.0 branch ... This commit makes the same change as #1711, but in the 3.0 branch.	2020-08-31 10:42:11 -04:00
Dirk	d9866d875a	Revised risk for BREACH --> medium	2020-07-10 19:56:18 +02:00
Dirk Wetter	e1b0f2d55f	Merge pull request #1673 from dcooper16/fix_unrecognized_option_3.0 ... Fix printing of unrecognized option in 3.0 branch	2020-07-07 15:54:11 +02:00
David Cooper	cb5305e42d	Fix printing of unrecognized option in 3.0 branch ... When testssl.sh is called with an unknown option it prints something like: 0: unrecognized option "--option" It should be printing the name of the program rather than "0". This commit fixes that.	2020-07-07 07:39:28 -04:00
Dirk Wetter	2949b95937	Merge pull request #1667 from dcooper16/fix1665_3.0 ... Fix #1665 in 3.0 branch	2020-06-25 20:45:42 +02:00
David Cooper	e2dce19559	Fix #1665 in 3.0 branch ... This commit fixes #1665 by adding the certificate number to the JSON identifier for cert_eTLS.	2020-06-25 13:24:10 -04:00
Dirk Wetter	916d942b00	Merge pull request #1664 from dcooper16/fix1662_3.0 ... Fix #1662 in 3.0 branch	2020-06-25 13:40:41 +02:00
David Cooper	f7ef50b968	Fix #1662 in 3.0 branch ... This commit fixes #1662 in the 3.0 branch by changing the fileout to use the value of $cert_ext_keyusage rather than the string "cert_ext_keyusage".	2020-06-25 07:37:37 -04:00
Dirk Wetter	2cdcf1564b	Merge pull request #1661 from csett86/wireshark-android-7-0-backport ... Add wiresharked Android 7.0 (native) (backport of #1659)	2020-06-25 08:31:17 +02:00
Christoph Settgast	e2a1f9f329	Add wiresharked Android 7.0 (native) ... After being bitten by https://stackoverflow.com/questions/39133437/sslhandshakeexception-handshake-failed-on-android-n-7-0 I add a wiresharked Android 7.0 to reflect that bug in Android 7.0. Backport of 82e939f2bdd1ea977224ecd742ce514578a6fbd7	2020-06-24 21:10:22 +02:00
Dirk Wetter	594f09e858	Merge pull request #1647 from drwetter/fix_mxs_in_get_mx_record ... Fix wrong variable declaraton in get_mx_record()	2020-05-26 09:35:54 +02:00
Dirk	11c03790bf	Fix wrong variable declaraton in get_mx_record() ... mx was declared, mxs used instead. This fixes it by correcting the declaration.	2020-05-25 21:28:44 +02:00
Dirk Wetter	c6ca746954	Merge pull request #1634 from drwetter/dockerfile+ ... Better Dockerfile: doesn't require "git clone"	2020-05-09 12:54:02 +02:00