b1986adea9
Bump docker/build-push-action from 4.2.1 to 5.0.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 4.2.1 to 5.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-13 00:36:32 +00:00
f8036fd8a0
Bump docker/setup-qemu-action from 2.2.0 to 3.0.0
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 2.2.0 to 3.0.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0 )
---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-13 00:36:27 +00:00
b7230d4b5d
Merge pull request #2392 from drwetter/dependabot/github_actions/docker/build-push-action-4.2.1
...
Bump docker/build-push-action from 4.1.1 to 4.2.1
2023-09-11 10:21:22 +02:00
66cbce6a7d
Bump docker/build-push-action from 4.1.1 to 4.2.1
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 4.1.1 to 4.2.1.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v4.1.1...v4.2.1 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-11 00:04:40 +00:00
0791efbbda
Merge pull request #2390 from dcooper16/no_tls1
...
Support OpenSSL with no TLSv1
2023-09-08 11:24:00 +02:00
06e7205687
Support OpenSSL with no TLSv1
...
RFC 8996, Deprecating TLS 1.0 and TLS 1.1, states that TLS clients MUST NOT send a TLS 1.0 or TLS 1.1 ClientHello and MUST respond to a TLS 1.0 or TLS 1.1 ServerHello with a "protocol_version" alert.
At the moment, all versions of OpenSSL support TLS 1.0, TLS 1.1, and TLS 1.2. However, TLS 1.0 and TLS 1.1 are disabled in LibreSSL 3.8.1 and it is possible to compile OpenSSL without support for these protocols (using the configure options no-tls1, no-tls1_1, and no-tls1_2). This commit adds support for versions of $OPENSSL that do not support TLS 1.0 or TLS 1.1.
2023-09-07 07:26:48 -07:00
eaf6e40463
Merge pull request #2388 from drwetter/dependabot/github_actions/actions/checkout-4
...
Bump actions/checkout from 3 to 4
2023-09-05 13:55:33 +02:00
74e3f967a4
Bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-05 00:11:20 +00:00
765b5855cc
Merge pull request #2386 from drwetter/strict_parsing_HSTS
...
Strict parser for HSTS
2023-08-28 19:55:57 +02:00
01ab3acde5
Strict parser for HSTS
...
As suggested in #2381 this parses strictly the value for mag-age
in the HSTS header line. While it is implemented only in run_hsts()
it could be extracted to a separate functioni in the future and used
elsewhere too.
The improvement is more strict and catches e.g. '==' signs and issues
a warning. See https://www.rfc-editor.org/rfc/rfc6797#section-6.1.1 .
Also it is picky regarding quotes now which are only allowed enclosing
the value.
2023-08-28 18:33:41 +02:00
c55207d45c
Merge pull request #2385 from drwetter/hide_fast
...
Hide --fast option in help() and issue a warning when it's used
2023-08-28 18:26:36 +02:00
fc0aeaafcd
Merge pull request #2384 from drwetter/OPENSSL2_HAS_TLS_1_3
...
Introducing variable OPENSSL2_HAS_TLS_1_3
2023-08-28 18:26:20 +02:00
0fcddff1cd
Warn when using --fast
...
... in the terminal only for now.
2023-08-28 16:08:04 +02:00
d19675136a
Deprecating $FAST / --fast
...
As this option shows inconsistencies / wrong results and a fix would require
too much work at this moment this option is being hidden from the help. It
wasn't in the ~/doc .
See #849 , #2382 , #1732 etc.
2023-08-28 15:53:02 +02:00
79577a84eb
Introducing variable OPENSSL2_HAS_TLS_1_3
...
If we run with supplied binary AND /usr/bin/openssl supports TLS 1.3
we now have a variable OPENSSL2_HAS_TLS_1_3 which is set to true.
It can be used for subsequent changes where we need TLS 1.3 for or
where it would be better to use TLS 1.3.
2023-08-28 15:42:17 +02:00
1e7219f344
Merge pull request #2383 from ghen2/grep-3.8
...
Fix another grep-3.8 warning on needlessly escaped exclamation mark.
2023-08-28 14:38:18 +02:00
38a09d342c
Fix another grep-3.8 warning on needlessly escaped exclamation mark.
...
See also #2241 and #2242 .
2023-08-28 13:55:46 +02:00
27c77071eb
Merge pull request #2380 from WtfJoke/removeOutdatedDockerImageRefere
...
Remove reference to outdated docker image
2023-08-12 13:12:35 +02:00
b48033e626
Remove outdated docker image
...
The docker image over at https://quay.io/repository/jumanjiman is not maintained anymore. The current version is 3 years old and has various security vulnerabilities, see https://quay.io/repository/jumanjiman/testssl/manifest/sha256:dea0446320f550acac1dfd1f2c592d43b526b737a3d9406388d636cb477053d6?tab=vulnerabilities .
2023-08-10 10:30:16 +02:00
c888475b2c
Merge pull request #2377 from drwetter/3.1dev_to_3.2_references
...
change references from 3.1dev to 3.2
2023-07-31 17:15:15 +02:00
2067ac8123
Fall back to heise.de
...
.. to scan.
It worked in a few examples locally. Other hosts I tried so far weren't
available anymore (like scanme.nmap.org). In order to reduce the burden
we scan now only during PRs.
2023-07-31 16:34:56 +02:00
15b7f7b403
Stop using deprecated OS
2023-07-31 14:03:57 +02:00
fc14a02035
Changed heise.de to example.com as sometimes we're blocked
2023-07-31 13:44:35 +02:00
9e76b1e9ce
Change content here too
2023-07-31 12:51:29 +02:00
6669af2fc5
remove this one (3.2 see previous commit)
2023-07-31 12:46:50 +02:00
5246194bee
further files which contained 3.1dev
2023-07-31 12:46:04 +02:00
b6143e1fb9
Change references from 3.1dev to 3.2
2023-07-31 12:40:56 +02:00
3c0ae4663f
Merge pull request #2375 from dcooper16/line_endings
...
Fix line endings in etc/curves-mapping.txt
2023-07-03 19:56:22 +02:00
d0e1c4a8e7
Fix line endings in etc/curves-mapping.txt
...
The file etc/curves-mapping.txt currently has CRLF line endings and this seems to cause problems with git since .gitattributes now specifies LF line endings for .txt files. This commit changes the line endings for the file in order to (hopefully) prevent problems with git.
2023-07-03 08:50:23 -07:00
3a80a13d66
Merge pull request #2372 from drwetter/dependabot/github_actions/docker/build-push-action-4.1.1
...
Bump docker/build-push-action from 4.1.0 to 4.1.1
2023-06-15 13:27:40 +02:00
6f7477ea9c
Bump docker/build-push-action from 4.1.0 to 4.1.1
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v4.1.0...v4.1.1 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-14 00:58:02 +00:00
864877df0e
Merge pull request #2370 from drwetter/dependabot/github_actions/docker/setup-qemu-action-2.2.0
...
Bump docker/setup-qemu-action from 2.1.0 to 2.2.0
2023-06-12 10:20:44 +02:00
69549d815f
Merge pull request #2369 from drwetter/dependabot/github_actions/docker/login-action-2.2.0
...
Bump docker/login-action from 2.1.0 to 2.2.0
2023-06-12 10:20:21 +02:00
35590baa5a
Merge pull request #2371 from drwetter/dependabot/github_actions/docker/build-push-action-4.1.0
...
Bump docker/build-push-action from 4.0.0 to 4.1.0
2023-06-12 10:19:54 +02:00
4e391cf799
Bump docker/build-push-action from 4.0.0 to 4.1.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v4.0.0...v4.1.0 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-12 01:15:58 +00:00
5c552e7060
Bump docker/setup-qemu-action from 2.1.0 to 2.2.0
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2.1.0...v2.2.0 )
---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-08 00:58:14 +00:00
c3f4cee7a7
Bump docker/login-action from 2.1.0 to 2.2.0
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v2.1.0...v2.2.0 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-08 00:58:09 +00:00
7f49af1100
Merge pull request #2367 from drwetter/Improve_ServerHello_ErrorMessage
...
Make clear where the parsing error comes from: SSL or TLS
2023-06-05 12:45:28 +02:00
858f00304c
tiny clarification in debug mode
2023-06-02 16:57:47 +02:00
6e2b9ae1c6
Make clear where the parsing error comes from: SSL or TLS
2023-06-02 16:43:27 +02:00
00b510d08c
Merge pull request #2364 from drwetter/lineending_lf
...
try to fix the line ending problem using .gitattributes .
2023-05-23 18:39:29 +02:00
947b2565e6
Merge pull request #2363 from teki69/patch-1
...
Fix CRL conversion issue when already in PEM format
2023-05-23 18:38:46 +02:00
33211c0cf1
add file types to be interpreted w lf line endings
2023-05-23 16:18:42 +02:00
e6abc5fedc
Try to fix the line ending problem
...
... at github when using the browser for a PR.
It seems that the web interface inserts an additional CR
and doesn't stick to the LF line endings.
Not sure it helps though. It can't hurt though.
2023-05-23 16:12:11 +02:00
eb76fd08cb
Adds a warning when downloaded CRL is PEM format
2023-05-23 11:37:03 +02:00
ebcb5554a8
Fix CRL conversion issue when already in PEM format
...
If downloaded CRL file is already in PEM format, openssl command will fail as it is always trying to convert from a DER-encoded CRL.
This commit is for adding a test of the CRL format prior to running the openssl crl conversion.
Note: as the openssl verify command then assumes that a .pem tmpfile has been generated by the conversion, there would be an issue when the conversion was not needed (i.e. CRL already PEM-encoded) as that .pem would be missing; therefore I also added a copy of the .crl file to a .crl.pem file before the optional conversion.
2023-05-22 17:10:25 +02:00
f71619326d
Merge pull request #2362 from drwetter/fix_2361_dnsminimal
...
Fix misleading output
2023-05-16 10:44:56 +02:00
9b8dc3a07e
Fix misleading output
...
... when instructed to do no DNS queries at all
2023-05-16 09:05:04 +02:00
be987d17a0
Merge pull request #2360 from mum-viadee/run_renego_sni_patch
...
Secure renegotiations tests need servername for servers that use SNI
2023-05-15 15:26:37 +02:00
22a4f52774
Clarify comment, redone
2023-05-15 15:20:54 +02:00
dependabot[bot]
Dirk Wetter
David Cooper
Geert Hendrickx
Manuel
teki69
mum-viadee