Git
/
testssl.sh
mirror of https://github.com/drwetter/testssl.sh.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,409 Commits 14 Branches 30 Tags 208 MiB
Commit Graph

4409 Commits

Author SHA1 Message Date
Dirk Wetter b3c49b584d
Merge pull request #2227 from dcooper16/fix_data_after_finished 
Fix decrypting TLS 1.3 server response
 2022-09-07 10:11:39 +02:00
Dirk Wetter 34f7b4d8a3
Merge pull request #2229 from cancom/feat/overall_grade 
Consistent overall_grade output
 2022-09-07 10:10:12 +02:00
Dirk Wetter 7e885b4b95
Merge pull request #2225 from dcooper16/fix_determine_cert_compression 
Fix determine_cert_compression() and certificate_transparency()
 2022-09-07 10:08:25 +02:00
Benedict Becker 075bdc5fbf
Consistent overall_grade output 2022-09-07 09:38:59 +02:00
David Cooper 0403149b61 Fix determine_cert_compression() and certificate_transparency() 
determine_cert_compression() and certificate_transparency() do not work in debug mode, since tls_sockets() writes debugging messages to stdout. This commit fixes the problem by having determine_cert_compression() and certificate_transparency() return their results using a global variable rather than writing the results to stdout and having having run_server_defaults() catch the output.
 2022-09-06 11:09:18 -07:00
David Cooper 963b606168 Fix decrypting TLS 1.3 server response 
There is at least one server that includes a new session ticket in the same packet as the Finished message. This confuses check_tls_serverhellodone() since the new session ticket is encrypted under the application traffic keys rather than the handshake keys. check_tls_serverhellodone(), being unable to decrypt the new session ticket reports a failure and does not return any of the decrypted data.

This commit fixes the problem by having check_tls_serverhellodone() simply return (or ignore) any data that appears after the Finished message. If such data is returned, then tls_sockets() derives the application traffic keys and decrypts it so that it can be parsed by parse_tls_serverhello().
 2022-09-06 09:58:45 -07:00
Dirk Wetter 814bc8b6f5
Merge pull request #2223 from drwetter/new_binaries 
New openssl binaries
 2022-09-05 14:59:41 +02:00
Dirk d7b5abe8c1 Add Darwin binary from #2224 2022-09-05 14:57:16 +02:00
Dirk 48c7e2d25c New FreeBSD x64 binary 2022-09-01 19:26:10 +02:00
Dirk e285b48fd0 New Linux 32 binary 2022-09-01 19:20:41 +02:00
Dirk 8ab3aba818 Correct link 2022-09-01 19:06:30 +02:00
Dirk 7016c4a815 Add newer Linux 64 bit binaries 
* supporting xmpp-server, see #1575, #1589
* address security bug, see #2179
 2022-09-01 17:22:28 +02:00
Dirk f36e2afa5e Review text, renew some paragraphs 2022-09-01 17:21:00 +02:00
Dirk Wetter 5442981b63
Merge pull request #2222 from drwetter/fix_xmppserver_detection 
Fix xmpp-server detection
 2022-08-31 17:21:59 +02:00
Dirk Wetter 2071feafe3 Fix xmpp-server detection 
See #1575
 2022-08-31 09:09:05 +02:00
Dirk Wetter 0b29be2444
Merge pull request #2220 from ghen2/lmtp 
Send a proper LHLO command with argument (like EHLO), to fix -t lmtp.
 2022-08-28 20:10:01 +02:00
Geert Hendrickx e77dd4a825
Send a proper LHLO command with argument (like EHLO), to fix -t lmtp. 2022-08-27 21:42:33 +02:00
Dirk Wetter b577234e6d
Merge pull request #2217 from drwetter/3.2rc1 
Bump version 3.1dev to first release candidate
 2022-08-22 20:27:03 +02:00
Dirk dd01effcfb Bump version to first release candidate 2022-08-22 16:49:06 +02:00
Dirk Wetter 33f28f881b
Merge pull request #2215 from drwetter/alpine3.16-dockerfile 
Upgrade Alpine version to the latest stable
 2022-08-22 16:37:43 +02:00
Dirk Wetter abb8f82d85
Upgrade Alpine version to the latest stable 
3.16.
 2022-08-22 16:31:59 +02:00
Dirk Wetter 3ac6bd9335
Merge pull request #2210 from dcooper16/fix_cipher_grading 
Fix cipher grading
 2022-08-22 12:09:20 +02:00
Dirk Wetter 85a30a6ded
Merge pull request #2214 from drwetter/minor_typo 
Fix typo...
 2022-08-22 11:56:59 +02:00
Dirk Wetter 349486fb39
Merge pull request #2211 from dcooper16/fix2198 
Fix #2198
 2022-08-22 11:55:33 +02:00
Dirk Wetter ad644e1cec Fix typo... 
Thanks to codespell
 2022-08-22 08:49:04 +02:00
Dirk Wetter 79a4de0513
Merge pull request #2212 from drwetter/dependabot/github_actions/docker/build-push-action-3.1.1 
Bump docker/build-push-action from 3.1.0 to 3.1.1
 2022-08-21 13:23:53 +02:00
dependabot[bot] c35ed29785
Bump docker/build-push-action from 3.1.0 to 3.1.1 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-08 00:56:07 +00:00
David Cooper c0aafabfef Fix cipher grading 
This commit fixes the way that ciphers are graded by only calling set_ciph_str_score() from neat_list() if the cipher suite is supported (i.e., if how2show is true).
 2022-08-04 12:29:23 -07:00
David Cooper 4dae3895e4 Fix #2198 
This commit fixes #2198 by ensuring that a comma is added before "service" finding if $FIRST_FINDING is false.
 2022-08-02 17:18:52 -04:00
Dirk Wetter 730c758488
Merge pull request #2206 from drwetter/update_bug_report 
Update bug_report.md
 2022-08-02 13:28:56 +02:00
Dirk Wetter 8e6aa10e22
Merge pull request #2209 from drwetter/drwetter-patch-1 
Update feature_request.md
 2022-08-02 13:28:31 +02:00
Dirk Wetter 78423d3e7d
Update feature_request.md 2022-08-02 13:18:49 +02:00
Dirk Wetter 901f5712f1
Merge pull request #2207 from drwetter/fix_2203_rating 
Address grading bug when --show-each is used
 2022-08-02 13:08:45 +02:00
Dirk Wetter 4f38646523 Address grading bug when --show-each is used 
This fixes #2203. When used -E with -9 and --show-each the grading wasn't
correct as all ciphers printed were included in the grading verdict instead
of just the ones available.
 2022-08-02 10:44:41 +02:00
Dirk Wetter ffd9129f8d
Update bug_report.md 
fix missing char
 2022-08-01 14:15:42 +02:00
Dirk Wetter d929c1d833
Update bug_report.md 2022-08-01 14:14:11 +02:00
Dirk Wetter 4e0309cb99
Merge pull request #2205 from drwetter/dependabot/github_actions/docker/build-push-action-3.1.0 
Bump docker/build-push-action from 3.0.0 to 3.1.0
 2022-08-01 14:00:02 +02:00
dependabot[bot] b10a96d96e
Bump docker/build-push-action from 3.0.0 to 3.1.0 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v3.0.0...v3.1.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-07-20 00:25:25 +00:00
Dirk Wetter 88e80d2688
Merge pull request #2201 from drwetter/readme-patch 
Update README.md
 2022-07-02 22:13:06 +02:00
Dirk Wetter 12654b904b
Update README.md 2022-07-02 22:12:56 +02:00
Dirk Wetter 559049fa60
Merge pull request #2200 from drwetter/cert_update 
Update cert stores
 2022-07-02 22:11:24 +02:00
Dirk e217af0324 Remove the expired DST Root CA X3 cert from ... 
Apple / Linux / Microsoft stores
 2022-07-02 16:02:30 +02:00
Dirk d79504ea8a Reference to remove DST Root CA 2022-07-02 16:00:16 +02:00
Dirk 9f4a3b359c add new stores 2022-07-02 15:59:00 +02:00
Dirk fb2b4935ac Java.pem from Oracle jdk-17.0.3.1 2022-07-01 22:01:36 +02:00
Dirk dca2672d88 Apple.pem: picked from Internet (see etc/Readme.md) 2022-07-01 21:55:43 +02:00
Dirk 285eb60d45 add loop for Apple.pem 2022-07-01 21:51:25 +02:00
Dirk f1003d62f8 fine tune instructions for Apple.pem 2022-07-01 21:45:02 +02:00
Dirk 8b580d1448 Update cert store: Linux + Mozilla 2022-07-01 21:32:38 +02:00
Dirk Wetter 153ce87982
Merge pull request #2194 from dcooper16/reorganize_ciphers_by_strength 
Reorganize ciphers_by_strength()
 2022-07-01 21:26:26 +02:00