Commit Graph

4449 Commits

Author SHA1 Message Date
David Cooper 3420c86e7f Merge branch 'master' into fix_issue_276 2016-06-13 14:55:55 -04:00
Dirk Wetter d4454d009b Merge pull request #383 from dcooper16/printSAN
Printing of subjectAltName extension
2016-06-13 19:32:31 +02:00
David Cooper 1d0c8cb3f8 Printing of subjectAltName extension
Modify the extraction of the subjectAltName extension from certificates in order to address SANs with name forms other than DNS and otherName.
2016-06-13 12:52:19 -04:00
David Cooper b264714fd9 Add check of IP address
compare_server_name_to_cert() now checks the DNS names and IP addresses in the subjectAltName extension for a match.
2016-06-13 11:09:15 -04:00
David Cooper 0a1c4d565c Merge branch 'master' into fix_issue_276 2016-06-13 10:59:34 -04:00
Frank Breedijk 701545dbb6 Allow the file output feature and mass_test feature to work together 2016-06-13 15:35:56 +02:00
Dirk Wetter 88fd5c4e19 Merge pull request #381 from PeterMosmans/chachanaming
Updated ChaCha20 cipher names
2016-06-13 08:27:28 +02:00
Peter Mosmans a06c71d915 Updated ChaCha20 cipher names
See https://tools.ietf.org/html/draft-ietf-tls-chacha20-poly1305-04 (the latest version as of this writing is 04).
The previous version received the suffix _2013. See https://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-04
2016-06-13 10:34:04 +10:00
Dirk Wetter 1b7653e438 Update Readme.md 2016-06-11 09:08:51 +02:00
David Cooper b7fe461a6c Merge branch 'master' into openss2rfc_rfc2openssl 2016-06-10 15:34:00 -04:00
David Cooper 706db7553f Merge branch 'master' into more_sslv2_sslv3_fixes 2016-06-10 15:30:56 -04:00
David Cooper 76ea57863a Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-10 15:29:00 -04:00
David Cooper f84ebd99b5 Merge branch 'master' into fix_issue_276 2016-06-10 15:27:46 -04:00
David Cooper 52d6eabdf7 Merge branch 'master' into version_negotiation
Conflicts:
	testssl.sh
2016-06-10 15:26:29 -04:00
Dirk Wetter 61a049ccf9 Merge pull request #380 from dcooper16/runallciphers128limit
run_cipher_per_proto() 128-cipher limit
2016-06-10 20:30:47 +02:00
David Cooper 8c86049848 run_cipher_per_proto() 128-cipher limit
Ensure that neither run_allciphers() nor run_cipher_per_proto() sends a ClientHello with 128 or more cipher suites.
2016-06-10 13:45:25 -04:00
David Cooper b566da94f5 Revised to use arrays
Here is a revision that creates a mapping file (similar to mapping.txt, but that mirrors the formatting of "$OPENSSL ciphers -V" and that includes all cipher suites, even ones for which there is no OpenSSL name), loads the contents of the file into arrays, and then uses the arrays to implement openssl2rfc() and rfc2openssl().
2016-06-10 11:11:39 -04:00
David Cooper b8348c6454 Merge branch 'master' into version_negotiation 2016-06-09 10:21:49 -04:00
David Cooper bf4134844c Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-09 10:21:09 -04:00
David Cooper c20d2dfc6f Merge branch 'master' into more_sslv2_sslv3_fixes 2016-06-09 10:20:20 -04:00
David Cooper c1624782d5 Merge branch 'master' into openss2rfc_rfc2openssl 2016-06-09 10:18:29 -04:00
David Cooper 189fe662f5 Merge branch 'master' into fix_issue_276 2016-06-09 10:17:49 -04:00
Dirk adbb1932eb simplified cipher and protocol retrieval in 'Testing server preferences' 2016-06-09 15:56:53 +02:00
David Cooper c656015312 Merge branch 'master' into version_negotiation
Conflicts:
	testssl.sh
2016-06-09 09:34:37 -04:00
David Cooper d2bded1114 Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-09 09:33:05 -04:00
David Cooper aa9eeaf6af Merge branch 'master' into more_sslv2_sslv3_fixes
Conflicts:
	testssl.sh
2016-06-09 09:31:46 -04:00
David Cooper a46b6791db Merge branch 'master' into fix_issue_276 2016-06-09 09:29:40 -04:00
Dirk d561687554 initial commit 2016-06-09 15:06:42 +02:00
Dirk 6b07b89946 - added values to curve448 + 25519 2016-06-09 13:18:55 +02:00
Dirk 5ceace33e0 - FIX #189 with a smart check, introduced global var SERVER_SIZE_LIMIT_BUG
- introduced "has_server_protocol()" which can be used to check b4 connecting if protocol is a/v
2016-06-09 11:04:40 +02:00
Dirk 94d5a8df80 hint for new (etxernal) binaries 2016-06-09 00:06:11 +02:00
David Cooper eb9e2d85a0 Merge branch 'master' into version_negotiation 2016-06-08 13:47:35 -04:00
David Cooper ce9b277b2c Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-08 13:47:01 -04:00
David Cooper b5765bfda0 Merge branch 'master' into openss2rfc_rfc2openssl 2016-06-08 13:46:18 -04:00
David Cooper 90fcb3500c Merge branch 'master' into more_sslv2_sslv3_fixes 2016-06-08 13:45:22 -04:00
David Cooper a224bb5068 Merge branch 'master' into fix_issue_276 2016-06-08 13:44:16 -04:00
David Cooper 5e3d4d127c Mask error when no $MAPPING_FILE_RFC
Redirect error output to $ERRFILE if $MAPPING_FILE_RFC is missing.
2016-06-08 12:07:23 -04:00
Dirk Wetter f754d67e74 Merge pull request #377 from dcooper16/curve25519
Adding x25519 and x448 to ClientHello
2016-06-08 17:32:28 +02:00
David Cooper 4750c3f0d5 Adding x25519 and x448 to ClientHello
This added x25519 and x448 to the list of supported elliptic curves in the ClientHello created by socksend_tls_clienthello().
2016-06-08 11:25:47 -04:00
David Cooper 5edd005df0 Merge branch 'master' into version_negotiation
Conflicts:
	testssl.sh
2016-06-08 09:52:45 -04:00
David Cooper 130aa350d2 Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-08 09:48:18 -04:00
David Cooper 0c146ef7a1 Merge branch 'master' into openss2rfc_rfc2openssl 2016-06-08 09:47:37 -04:00
David Cooper cbb20bf661 Merge branch 'master' into more_sslv2_sslv3_fixes 2016-06-08 09:46:58 -04:00
David Cooper eaad4c7dd8 Merge branch 'master' into fix_issue_276 2016-06-08 09:46:25 -04:00
Dirk Wetter c929fba206 Merge pull request #342 from dcooper16/socksend_tls_clienthello_extensions
More extensions in socksend_tls_clienthello()
2016-06-08 10:39:17 +02:00
Dirk 022dbc687a Merge branch 'master' of github.com:drwetter/testssl.sh 2016-06-07 23:07:17 +02:00
Dirk d858edca1b - filled PROTOS_OFFERED w sense
- minor fixes for fileout
- introduced "fixme()"
2016-06-07 23:06:58 +02:00
Dirk Wetter 1d051a24e0 Merge pull request #374 from dcooper16/CREDITS
Update CREDITS.md
2016-06-07 22:40:56 +02:00
David Cooper fa866f6458 Update CREDITS.md 2016-06-07 14:23:33 -04:00
David Cooper 253ba29cde openssl2rfc and rfc2openssl
This PR provides implementations of openssl2rfc and rfc2openssl. It also uses openssl2rfc() in run_server_preference() to help determine how to display the "negotiated cipher." I believe that using the RFC names addresses the current FIXME:

FIXME BEAST: We miss some CBC ciphers here, need to work w/ a list"
2016-06-07 14:02:48 -04:00