dependabot[bot]
cf28ee6275
Bump docker/build-push-action from 5.3.0 to 5.4.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 5.3.0 to 5.4.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-11 00:40:49 +00:00
Dirk Wetter
5b75dd7f01
Merge pull request #2498 from drwetter/dependabot/github_actions/docker/login-action-3.2.0
...
Bump docker/login-action from 3.1.0 to 3.2.0
2024-05-29 10:55:01 +02:00
dependabot[bot]
0a05e182dd
Bump docker/login-action from 3.1.0 to 3.2.0
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v3.1.0...v3.2.0 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-29 00:14:03 +00:00
Dirk Wetter
b22f9cb501
Merge pull request #2497 from drwetter/fix_2496
...
Supply overwrite option to --file/-iL with warnings off
2024-05-26 17:37:44 +02:00
Dirk
ed087197fe
Add docu for #2497
2024-05-24 14:00:59 +02:00
Dirk
0d5bb1cd17
mute codespell
2024-05-24 14:00:39 +02:00
Dirk
5af152d575
Address overwrite option to --file/-iL with warnings off
...
When choosing --file or -iL warnings were set in any case to --batch which
needs e.g. crurrenly an interaction when do bacth scanning. This PR enables
to supply WARNINgs / --warnings =off before so that the intercation is mot
needed.
See also #2496 .
2024-05-24 13:53:09 +02:00
Dirk Wetter
e3b3c358fd
Merge pull request #2492 from drwetter/fix2490_add
...
Add / improve #2490
2024-04-26 16:31:12 +02:00
Dirk
e49747ca14
Add / improve #2490
2024-04-26 16:29:43 +02:00
Dirk Wetter
7eadfd12fb
Merge pull request #2491 from drwetter/fix2490_add
...
Add / improve #2490
2024-04-26 16:11:45 +02:00
Dirk
a3d3133c59
Add / improve #2490
2024-04-26 16:10:03 +02:00
Dirk Wetter
4ca02764fa
Merge pull request #2490 from Blyzz616/3.2
...
Update testssl.sh
2024-04-25 09:55:15 +02:00
Jim
6d2aef5c7d
Update testssl.sh
...
added new line character on line 17366
2024-04-24 15:47:34 -07:00
Dirk Wetter
5581499da5
Merge pull request #2487 from Tazmaniac/renego-fix3
...
[Client Renego] Small important fixes
2024-04-02 11:15:12 +02:00
Emmanuel Fusté
6d80ec189f
Small important fixes:
...
- In case of multiple IP testing, clear ERRFILE bettween runs
- Zero return value with server connection close should be taken into
account in the looping logic case too. Add it.
- Break the wait loop in case of connection close for faster result.
- Ignore "notAfter" in the wait loop for expired certificates.
- Indentation and tab cleanup.
Tested on 57 url with previously suspicious results with success. No
regressions on 50 others.
2024-03-26 12:23:38 +01:00
Dirk Wetter
979a22c126
Merge pull request #2480 from drwetter/dependabot/github_actions/docker/build-push-action-5.3.0
...
Bump docker/build-push-action from 5.2.0 to 5.3.0
2024-03-15 11:48:46 +01:00
dependabot[bot]
8704b455eb
Bump docker/build-push-action from 5.2.0 to 5.3.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 5.2.0 to 5.3.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-15 00:50:35 +00:00
Dirk Wetter
375ddf565c
Merge pull request #2475 from Tazmaniac/renego_timing_fix2
...
Renego timing fix2
2024-03-14 13:57:53 +01:00
Dirk Wetter
16efbd645c
Merge pull request #2476 from akabe1/3.2
...
Fix mtls option location in s_client_options() and code cleanup
2024-03-14 10:13:57 +01:00
Dirk Wetter
db9aa231f0
Merge pull request #2478 from drwetter/dependabot/github_actions/docker/login-action-3.1.0
...
Bump docker/login-action from 3.0.0 to 3.1.0
2024-03-14 09:51:26 +01:00
dependabot[bot]
8ca8ead44c
Bump docker/login-action from 3.0.0 to 3.1.0
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v3.0.0...v3.1.0 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-14 00:47:01 +00:00
Dirk Wetter
ed7bdf1571
Merge pull request #2477 from drwetter/dependabot/github_actions/docker/build-push-action-5.2.0
...
Bump docker/build-push-action from 5.1.0 to 5.2.0
2024-03-12 10:03:11 +01:00
dependabot[bot]
bba7299d12
Bump docker/build-push-action from 5.1.0 to 5.2.0
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 5.1.0 to 5.2.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-11 00:58:43 +00:00
Maurizio S
a1dae24a20
Fix: modified mtls option location in s_client_options() and code cleanup
2024-03-09 09:21:50 +01:00
Emmanuel Fusté
426bfa6cd5
Fix the cleanup ...
2024-03-06 16:02:19 +01:00
Emmanuel Fusté
2824e347b4
Cleanup bash $(( )) arithmetic usage
2024-03-06 15:44:34 +01:00
Emmanuel Fusté
43e55617bb
errorlog filtering fix
...
Filter out verify and deph lines to not reintrodure timing race
condition.
2024-03-06 14:53:34 +01:00
Emmanuel Fusté
91367caa71
Fix and optimisation
...
There is a race condition if openssl exit during a renego but after
the RENEGOTIATING printing.
In this case we could issue a R before the process exit and be blocked
in the waiting loop.
With the safety guards in place (loop count + timeout) this is harmless
but not optimal.
Fix this by:
- reordering the sleep vs echo to let the process exit and catch the
pipe error more frequently.
- exit the while loop if RENEGOTIATING is not the last log line. We
will catch the pipe error on the next for loop echo.
- correct the k variable initialisation
- correct the for (( ; ; )) variable $ convention usage
- reduce the while loop count limit to 120 to align with the global
timeout
2024-03-06 13:57:21 +01:00
Emmanuel Fusté
35496e5c5f
Clean up watchdog file logic
2024-03-04 19:16:48 +01:00
Emmanuel Fusté
81167dc908
Fixes:
...
- Add safety gards againts infinite sleep loop
- correct the for loop test
- reverse the watchdog file logic for sleep loop. No timing dependance.
2024-03-04 18:48:21 +01:00
Emmanuel Fusté
8627ba518f
Kill the heuristic an count the real number of renegociations
...
The heuristic is too fragile and timing dependant.
- As for the initial TLS negociation, wait for the result of the
renegociation request before sending the next one.
- Remove the result ratio calculation and message as we now reach the
timeout in case of exponential backoff or connection hang.
This commit depend on the fix of the timeout, broken by the zombi fix.
2024-03-01 22:02:00 +01:00
Emmanuel Fusté
2bdbdec5d9
Do not wait on pid you are not a parent.
...
The zombi fix did too much modifications breaking the global time-out
function.
As the wait $pid failed, we no longer create the watchdog file.
Fix by reverting unnecessary changes.
2024-03-01 17:40:43 +01:00
Dirk Wetter
a2fdfb011e
Merge pull request #2474 from drwetter/mtls_beta
...
Polish PR2461 (mTLS) + label as beta
2024-02-28 10:22:11 +01:00
Dirk
55ae9bf248
Polish PR2461 (mTLS) + label as beta
...
also revert #1383
2024-02-27 15:59:16 +01:00
Dirk Wetter
94ef475255
Merge pull request #2461 from akabe1/3.2
...
Add mTLS new feature to support scans with client authentication
2024-02-27 15:47:03 +01:00
Dirk Wetter
f84e8c05f5
Merge pull request #2470 from Tazmaniac/renego_timing_fix
...
Correct client_renego timing bug.
2024-02-21 17:17:51 +01:00
Dirk Wetter
32a279730f
Merge pull request #2472 from Tazmaniac/zombies-fix-3.2
...
Fix subshell killing to avoid zombies
2024-02-20 10:03:19 +01:00
Emmanuel Fusté
af20952b86
Fix subshell killing to avoid zombies
...
Learned from the rest of the code ...
2024-02-19 16:19:23 +01:00
Dirk Wetter
19607d7c2c
Merge pull request #2467 from Tazmaniac/mongodb-detection-fix
...
MongoDB identification fix
2024-02-13 17:15:01 +01:00
Emmanuel Fusté
6277613906
Usual spell fixes.
2024-02-13 15:41:35 +01:00
Emmanuel Fusté
4066766de5
MongoDB identification fix
...
The actual code grep for "MongoDB" keyword in the head of the HTTP
session.
In case of "compressed" HTML, a big page is on one line.
On a IT page, we could encounter the "MongoDB" keyword and
miss-identify the application protocol.
Fixed by matching on a longuer string taken from a live MogoDB
server.
2024-02-13 15:00:19 +01:00
Emmanuel Fusté
faae91edbc
Correct client_renego timing bug.
...
OpenSSL will buffer only the first command till the establishment of the
session.
In case of slow session establishment, we could:
* loose some renego trys missing proper mitigation implementation
* loose some renego trys missing a real vulnerable host if 2/3 of the
tries are lost during session establishment (very slow startup).
Wait for the session to be fully establised before starting the renego
loop.
2024-02-13 14:40:53 +01:00
Dirk Wetter
62b5859d52
Merge pull request #2465 from Odinmylord/3.2
...
Add SNI to ticketbleed check
2024-02-09 09:56:58 +01:00
Odinmylord
eb661dadb8
Add SNI to ticketbleed check
2024-02-08 15:01:12 +01:00
Dirk Wetter
c30e541658
Merge pull request #2463 from janbrasna/fix-docker-md-quotes
...
Fix Dockerfile.md formatting
2024-02-02 20:25:46 +01:00
Jan Brasna
1db2df333f
Fix Dockerfile.md formatting
2024-02-02 19:33:08 +01:00
Dirk Wetter
7ec7f8cf32
Merge pull request #2460 from Tazmaniac/client-renego-regression
...
Fixed regression in printing results
2024-01-22 09:51:11 +01:00
Maurizio S
51ab05e651
Update testssl.1.html
2024-01-20 11:49:56 +01:00
Maurizio S
55ef4c09fe
Update testssl.1.md
2024-01-20 11:49:50 +01:00
Maurizio S
83fb9b5b3a
Update CHANGELOG.md
2024-01-20 11:49:41 +01:00