Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-11 05:02:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
5,166 Commits 17 Branches 35 Tags
3353627373b134c47b380d80115740158fa8b595
Commit Graph

54 Commits

Author SHA1 Message Date
Dirk
55980c59c3 Add Android 15 handshake 2025-05-08 17:20:15 +02:00
Dirk
81e4856b79 fix typo 2025-04-16 21:35:27 +02:00
Dirk
4a2228f401 Updating Android handshakes 
- Android 13 and 14 were added. They are the same, see ja3 + ja4 value
- as it turned out Android 11 and 12 have also the same ja3 + ja4 values (retrieved from old pcap files)
- so both will be labeled 11/12 an 13/14
- old pcaps from Android 11/12 showed no ALPN --> corrected
 2025-04-16 21:28:08 +02:00
Dirk
5d9d5276e3 Firefox 137 (Win 11) 2025-04-09 20:28:31 +02:00
Dirk
51fce5feb1 fix ja3/4 for Edge 133 Win 11 23H2 2025-04-09 20:18:24 +02:00
Dirk
b18dd2aa28 Edge 133 Win 11 23H2 2025-04-09 20:14:42 +02:00
Dirk
85232b7bc5 Chromium 137 Win 11 2025-04-09 19:31:35 +02:00
Dirk
84e77d2bb0 Java 21 2025-04-09 17:07:19 +02:00
Dirk
31e2f43eec LibreSSL update 3.3.6 (MacOS) 
.. renaming that to macOS instead "Apple".
 2025-04-09 16:51:26 +02:00
Dirk
4f696f94df Add openssl 3.0.15 (from Debian) 
... and set OpenSSL 3.0.3 (git) as not to list
 2025-04-09 16:39:05 +02:00
Dirk
e4cdca9e63 Add Safari 18.4 @ MacOS 15.4 2025-04-09 15:53:11 +02:00
Dirk
d601f33a37 Merge branch '3.2' into new_Handshakes 2025-04-09 10:59:40 +02:00
David Cooper
3a8038636d OpenSSL 3.5.0 client simulation 
Add OpenSSL 3.5.0 to etc/client-simulation.txt.
 2025-04-08 15:26:41 -07:00
Dirk
45be26db7c Add Java 8u442 handshake 
Also the ja3 and ja4 values were added as retrieved from wireshark.

See also #2430 .
 2025-04-07 19:36:34 +02:00
Dirk Wetter
c92a648391 Add LibreSSL from MacOS 2022-05-31 16:17:47 +02:00
Dirk Wetter
854028166d Including AppleMail 2022-05-31 15:12:16 +02:00
Dirk Wetter
b274e3b858 correct openssl 3.0.3 data which made CI action fail 2022-05-31 14:32:47 +02:00
Dirk Wetter
a21a343c1c disable Java 12 and Safari on OS X 10.12 2022-05-31 12:17:38 +02:00
Dirk Wetter
f90b473b32 Add Thunderbid 91.9 to hanshak simulation 2022-05-31 12:10:11 +02:00
Dirk Wetter
86158f0bdf Firefox 100, Chrom and Edge 101 (Win10) 
- disabled Opera (too old)
- disabled ATS 9 / iOS 9
- reenabled Android 8.1
 2022-05-09 17:49:16 +02:00
Dirk Wetter
22d8cd3adf Go client (1.17) 2022-05-06 10:06:03 +02:00
Dirk Wetter
cf79a19598 Add Android 11+12 2022-05-04 19:12:03 +02:00
Dirk Wetter
28e9ddeebd Teating of FFDHE groups 
* readded to the markdown
* readded to the clientsimulations for Java 12
 2022-05-04 18:29:29 +02:00
Dirk Wetter
415043865a Add Java 17 LTS 
plus

* amend documentation
* remove TLS 1.3 ciphers in ch_ciphers for consistency reasons
 2022-05-04 15:46:36 +02:00
Dirk Wetter
d84492a75e Update openssl 3.0.3 2022-05-04 14:32:04 +02:00
Dirk Wetter
03803cf0c9 Add Safari for macOS 2022-05-03 22:11:31 +02:00
Christoph Settgast
82e939f2bd Add wiresharked Android 7.0 (native) 
After being bitten by https://stackoverflow.com/questions/39133437/sslhandshakeexception-handshake-failed-on-android-n-7-0
I add a wiresharked Android 7.0 to reflect that bug in Android 7.0.
 2020-06-23 15:26:31 +02:00
David Cooper
46c05c6732 Fix client simulation 
replace ciphers with ch_ciphers and sni with ch_sni in client simulation data file.
 2020-01-31 10:52:50 -05:00
Dirk Wetter
eeb1acd749 Android 9 still has 2 signature hash algos: x0201 + x0203 2020-01-22 11:41:42 +01:00
Dirk Wetter
7c66ed47c0 All self retrieved Android handshakes modified to service ANY 2020-01-22 10:58:00 +01:00
Dirk Wetter
a50a660d6c Add Android 10 client simulation 2020-01-22 10:54:50 +01:00
Dirk Wetter
86afeabf8f Merge pull request #1438 from drwetter/update_clienthandshakes 
Update clienthandshakes
 2020-01-16 22:26:21 +01:00
Dirk Wetter
13aa6aa433 Readd TLS 1.0 and TLS 1.1 to openssl 1.1.1d (Debian) 
... see previous commit
 2020-01-14 18:17:44 +01:00
Dirk Wetter
09eda2aa97 Update openssl handshakes 
to 1.1.0l and 1.1.1d. Seems that for the latter TLS 1.0 and 1.1
are disabled now, looking at the supported version extension.
However on the command line an s_client connect works. So
this commit need to be amended.
 2020-01-14 18:02:43 +01:00
Dirk Wetter
56e6fa4bb7 Remove FTP as a "service" from Firefox' client simulation 
... as firefox never supported FTP over TLS or SSL, see

https://bugzilla.mozilla.org/show_bug.cgi?id=85464

In general browsers tend to remove noaways cleartext FTP from
browsers.
 2020-01-13 23:11:59 +01:00
Dirk Wetter
8cc3a5f514 Add firefox 71 
... and
* deprecate openssl 1.0.1
* enable Chrome 74 instead of Chrome 65
 2020-01-13 22:57:10 +01:00
David Cooper
420fa73f5a Fix Safari 13.0 Client Simulation 
The ciphersuites string for Safari 13.0 ends with a colon (':'). which causes OpenSSL to reject the command line when client simulation testing is performed in --ssl-native mode. This PR fixes the problem by removing the trailing colon.
 2020-01-13 10:31:20 -05:00
Dirk Wetter
88ec92d622 Add recent Chrome and Opera handshakes 
Chrome 78 and 79, Opera 65 and 66

Remove FTP from Chrome
 2020-01-13 16:02:39 +01:00
Dirk Wetter
cf8cb541d5 Update Thunderbird simulation to v68.3 2020-01-13 11:35:58 +01:00
Christoph Settgast
23b845c11b Update Safari to 13.0 and macOS to 10.14 
manually wiresharked, now with TLS1.3 for macOS as well.
 2019-10-16 20:36:08 +02:00
Dirk Wetter
7238a0167a Change the platform for Java from Ubuntu to OpenJDK 2019-05-07 19:39:20 +02:00
Christoph Settgast
a17f45b563 Add Safari 12.1 on macOS 10.13.6 
manually wiresharked
 2019-05-06 21:19:46 +02:00
Christoph Settgast
8c8a626b49 Remove erroneous DES-CBC-MD5 from Java 11 and 12 
DES-CBC-MD5 was included by utils/hexstream2cipher.sh,
heres the relevant snippet, line 160:

148: c025 --> 0xc0,0x25 --> ECDH-ECDSA-AES128-SHA256
152: c029 --> 0xc0,0x29 --> ECDH-RSA-AES128-SHA256
156: 0067 --> 0x00,0x67 --> DHE-RSA-AES128-SHA256
160: 0040 --> 0x00,0x40 --> DHE-DSS-AES128-SHA256 DES-CBC-MD5
164: c009 --> 0xc0,0x09 --> ECDHE-ECDSA-AES128-SHA
168: c013 --> 0xc0,0x13 --> ECDHE-RSA-AES128-SHA
172: 002f --> 0x00,0x2f --> AES128-SHA
176: c004 --> 0xc0,0x04 --> ECDH-ECDSA-AES128-SHA

Unfortunately I don't know how to fix utils/hexstream2cipher.sh,
but I have manually removed the erroneous cipher and space from
the client-sim.
 2019-05-06 18:07:43 +02:00
Christoph Settgast
11416790cd Add Java 12 from Ubuntu 19.04 
manually wiresharked, detailed version info:

$ java -version
openjdk version "12.0.1" 2019-04-16
OpenJDK Runtime Environment (build 12.0.1+12-Ubuntu-1)
OpenJDK 64-Bit Server VM (build 12.0.1+12-Ubuntu-1, mixed mode, sharing)
 2019-05-04 22:30:46 +02:00
Christoph Settgast
c4b5f33532 Add Java 11 from Ubuntu 18.04 
manually wiresharked, detailed version info:

$ java -version
openjdk version "11.0.2" 2019-01-15
OpenJDK Runtime Environment (build 11.0.2+9-Ubuntu-3ubuntu118.04.3)
OpenJDK 64-Bit Server VM (build 11.0.2+9-Ubuntu-3ubuntu118.04.3, mixed mode)
 2019-05-04 22:20:53 +02:00
Dirk Wetter
bfd6caa624 Fix error + round brackets 
PR #1260 missed a 'current' line which caused an output problem.

I'd like to add round brackets to the displayed name so that we remember
what comes from wireshark and waht from SSLlabs
 2019-05-04 11:05:57 +02:00
Christoph Settgast
67c0dd106e Add Safari 12.1 from iOS 12.2 
Manually Wiresharked
 2019-05-04 00:58:31 +02:00
Dirk Wetter
79a0345213 Fix typo in handshake simulation with openssl 1.1x 
"protos" contained "-no-ssl3" instead of "-no_ssl3"
which lead to an error message "Oops: openssl s_client connect problem"
-- which wasn't caught by the STARTTLS unit test either :-(
 2019-05-02 09:53:51 +02:00
Dirk
955265afa0 Update to chrome 74 2019-04-25 09:17:23 +02:00
Dirk Wetter
64c2bcc949 Add Thunderbird 60.6.1 to client simulation 2019-04-23 13:37:50 +02:00