Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-09-02 18:18:29 +02:00
Code Issues Packages Projects Releases Wiki Activity
4,607 Commits 15 Branches 34 Tags
34ebe22e48184c4b7849fda430309e530da121cf
Commit Graph

4607 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dirk Wetter
8e51a5c3d7 Merge pull request #2398 from drwetter/dependabot/github_actions/docker/setup-buildx-action-3 
Bump docker/setup-buildx-action from 2 to 3
 2023-09-13 10:31:30 +02:00
Dirk Wetter
44428af875 Merge pull request #2397 from drwetter/dependabot/github_actions/docker/login-action-3.0.0 
Bump docker/login-action from 2.2.0 to 3.0.0
 2023-09-13 10:31:02 +02:00
Dirk Wetter
2e549c1b7d Merge pull request #2396 from drwetter/dependabot/github_actions/docker/metadata-action-5 
Bump docker/metadata-action from 4 to 5
 2023-09-13 10:30:42 +02:00
Dirk Wetter
1d626afabe Merge pull request #2395 from drwetter/dependabot/github_actions/docker/build-push-action-5.0.0 
Bump docker/build-push-action from 4.2.1 to 5.0.0
 2023-09-13 10:30:19 +02:00
Dirk Wetter
13256e1e65 Merge pull request #2394 from drwetter/dependabot/github_actions/docker/setup-qemu-action-3.0.0 
Bump docker/setup-qemu-action from 2.2.0 to 3.0.0
 2023-09-13 10:29:58 +02:00
dependabot[bot]
5868562646 Bump docker/setup-buildx-action from 2 to 3 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-13 00:36:49 +00:00
dependabot[bot]
93a8e31497 Bump docker/login-action from 2.2.0 to 3.0.0 
Bumps [docker/login-action](https://github.com/docker/login-action) from 2.2.0 to 3.0.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2.2.0...v3.0.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-13 00:36:43 +00:00
dependabot[bot]
1064a3e3e8 Bump docker/metadata-action from 4 to 5 
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4 to 5.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](https://github.com/docker/metadata-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-13 00:36:38 +00:00
dependabot[bot]
b1986adea9 Bump docker/build-push-action from 4.2.1 to 5.0.0 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4.2.1 to 5.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-13 00:36:32 +00:00
dependabot[bot]
f8036fd8a0 Bump docker/setup-qemu-action from 2.2.0 to 3.0.0 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2.2.0 to 3.0.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-13 00:36:27 +00:00
Dirk Wetter
b7230d4b5d Merge pull request #2392 from drwetter/dependabot/github_actions/docker/build-push-action-4.2.1 
Bump docker/build-push-action from 4.1.1 to 4.2.1
 2023-09-11 10:21:22 +02:00
dependabot[bot]
66cbce6a7d Bump docker/build-push-action from 4.1.1 to 4.2.1 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4.1.1 to 4.2.1.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v4.1.1...v4.2.1)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-11 00:04:40 +00:00
Dirk Wetter
0791efbbda Merge pull request #2390 from dcooper16/no_tls1 
Support OpenSSL with no TLSv1
 2023-09-08 11:24:00 +02:00
David Cooper
06e7205687 Support OpenSSL with no TLSv1 
RFC 8996, Deprecating TLS 1.0 and TLS 1.1, states that TLS clients MUST NOT send a TLS 1.0 or TLS 1.1 ClientHello and MUST respond to a TLS 1.0 or TLS 1.1 ServerHello with a "protocol_version" alert.

At the moment, all versions of OpenSSL support TLS 1.0, TLS 1.1, and TLS 1.2. However, TLS 1.0 and TLS 1.1 are disabled in LibreSSL 3.8.1 and it is possible to compile OpenSSL without support for these protocols (using the configure options no-tls1, no-tls1_1, and no-tls1_2). This commit adds support for versions of $OPENSSL that do not support TLS 1.0 or TLS 1.1.
 2023-09-07 07:26:48 -07:00
Dirk Wetter
eaf6e40463 Merge pull request #2388 from drwetter/dependabot/github_actions/actions/checkout-4 
Bump actions/checkout from 3 to 4
 2023-09-05 13:55:33 +02:00
dependabot[bot]
74e3f967a4 Bump actions/checkout from 3 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-05 00:11:20 +00:00
Dirk Wetter
765b5855cc Merge pull request #2386 from drwetter/strict_parsing_HSTS 
Strict parser for HSTS
 2023-08-28 19:55:57 +02:00
Dirk
01ab3acde5 Strict parser for HSTS 
As suggested in #2381 this parses strictly the value for mag-age
in the HSTS header line. While it is implemented only in run_hsts()
it could be extracted to a separate functioni in the future and used
elsewhere too.

The improvement is more strict and catches e.g. '==' signs and issues
a warning. See https://www.rfc-editor.org/rfc/rfc6797#section-6.1.1 .

Also it is picky regarding quotes now which are only allowed enclosing
the value.
 2023-08-28 18:33:41 +02:00
Dirk Wetter
c55207d45c Merge pull request #2385 from drwetter/hide_fast 
Hide --fast option in help() and issue a warning when it's used
 2023-08-28 18:26:36 +02:00
Dirk Wetter
fc0aeaafcd Merge pull request #2384 from drwetter/OPENSSL2_HAS_TLS_1_3 
Introducing variable OPENSSL2_HAS_TLS_1_3
 2023-08-28 18:26:20 +02:00
Dirk
0fcddff1cd Warn when using --fast 
... in the terminal only for now.
 2023-08-28 16:08:04 +02:00
Dirk
d19675136a Deprecating $FAST / --fast 
As this option shows inconsistencies / wrong results and a fix would require
too much work at this moment this option is being hidden from the help. It
wasn't in the ~/doc .

See #849 , #2382, #1732 etc.
 2023-08-28 15:53:02 +02:00
Dirk
79577a84eb Introducing variable OPENSSL2_HAS_TLS_1_3 
If we run with supplied binary AND /usr/bin/openssl supports TLS 1.3
we now have a variable OPENSSL2_HAS_TLS_1_3 which is set to true.

It can be used for subsequent changes where we need TLS 1.3 for or
where it would be better to use TLS 1.3.
 2023-08-28 15:42:17 +02:00
Dirk Wetter
1e7219f344 Merge pull request #2383 from ghen2/grep-3.8 
Fix another grep-3.8 warning on needlessly escaped exclamation mark.
 2023-08-28 14:38:18 +02:00
Geert Hendrickx
38a09d342c Fix another grep-3.8 warning on needlessly escaped exclamation mark. 
See also #2241 and #2242.
 2023-08-28 13:55:46 +02:00
Dirk Wetter
27c77071eb Merge pull request #2380 from WtfJoke/removeOutdatedDockerImageRefere 
Remove reference to outdated docker image
 2023-08-12 13:12:35 +02:00
Manuel
b48033e626 Remove outdated docker image 
The docker image over at https://quay.io/repository/jumanjiman is not maintained anymore.  The current version is 3 years old and has various security vulnerabilities, see https://quay.io/repository/jumanjiman/testssl/manifest/sha256:dea0446320f550acac1dfd1f2c592d43b526b737a3d9406388d636cb477053d6?tab=vulnerabilities.
 2023-08-10 10:30:16 +02:00
Dirk Wetter
c888475b2c Merge pull request #2377 from drwetter/3.1dev_to_3.2_references 
change references from 3.1dev to 3.2
 2023-07-31 17:15:15 +02:00
Dirk
2067ac8123 Fall back to heise.de 
.. to scan.

It worked in a few examples locally. Other hosts I tried so far weren't
available anymore (like scanme.nmap.org). In order to reduce the burden
we scan now only during PRs.
 2023-07-31 16:34:56 +02:00
Dirk
15b7f7b403 Stop using deprecated OS 2023-07-31 14:03:57 +02:00
Dirk
fc14a02035 Changed heise.de to example.com as sometimes we're blocked 2023-07-31 13:44:35 +02:00
Dirk
9e76b1e9ce Change content here too 2023-07-31 12:51:29 +02:00
Dirk
6669af2fc5 remove this one (3.2 see previous commit) 2023-07-31 12:46:50 +02:00
Dirk
5246194bee further files which contained 3.1dev 2023-07-31 12:46:04 +02:00
Dirk
b6143e1fb9 Change references from 3.1dev to 3.2 2023-07-31 12:40:56 +02:00
Dirk Wetter
3c0ae4663f Merge pull request #2375 from dcooper16/line_endings 
Fix line endings in etc/curves-mapping.txt
 2023-07-03 19:56:22 +02:00
David Cooper
d0e1c4a8e7 Fix line endings in etc/curves-mapping.txt 
The file etc/curves-mapping.txt currently has CRLF line endings and this seems to cause problems with git since .gitattributes now specifies LF line endings for .txt files. This commit changes the line endings for the file in order to (hopefully) prevent problems with git.
 2023-07-03 08:50:23 -07:00
Dirk Wetter
3a80a13d66 Merge pull request #2372 from drwetter/dependabot/github_actions/docker/build-push-action-4.1.1 
Bump docker/build-push-action from 4.1.0 to 4.1.1
 2023-06-15 13:27:40 +02:00
dependabot[bot]
6f7477ea9c Bump docker/build-push-action from 4.1.0 to 4.1.1 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v4.1.0...v4.1.1)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-14 00:58:02 +00:00
Dirk Wetter
864877df0e Merge pull request #2370 from drwetter/dependabot/github_actions/docker/setup-qemu-action-2.2.0 
Bump docker/setup-qemu-action from 2.1.0 to 2.2.0
 2023-06-12 10:20:44 +02:00
Dirk Wetter
69549d815f Merge pull request #2369 from drwetter/dependabot/github_actions/docker/login-action-2.2.0 
Bump docker/login-action from 2.1.0 to 2.2.0
 2023-06-12 10:20:21 +02:00
Dirk Wetter
35590baa5a Merge pull request #2371 from drwetter/dependabot/github_actions/docker/build-push-action-4.1.0 
Bump docker/build-push-action from 4.0.0 to 4.1.0
 2023-06-12 10:19:54 +02:00
dependabot[bot]
4e391cf799 Bump docker/build-push-action from 4.0.0 to 4.1.0 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v4.0.0...v4.1.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-12 01:15:58 +00:00
dependabot[bot]
5c552e7060 Bump docker/setup-qemu-action from 2.1.0 to 2.2.0 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2.1.0...v2.2.0)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-08 00:58:14 +00:00
dependabot[bot]
c3f4cee7a7 Bump docker/login-action from 2.1.0 to 2.2.0 
Bumps [docker/login-action](https://github.com/docker/login-action) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2.1.0...v2.2.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-08 00:58:09 +00:00
Dirk Wetter
7f49af1100 Merge pull request #2367 from drwetter/Improve_ServerHello_ErrorMessage 
Make clear where the parsing error comes from: SSL or TLS
 2023-06-05 12:45:28 +02:00
Dirk
858f00304c tiny clarification in debug mode 2023-06-02 16:57:47 +02:00
Dirk
6e2b9ae1c6 Make clear where the parsing error comes from: SSL or TLS 2023-06-02 16:43:27 +02:00
Dirk Wetter
00b510d08c Merge pull request #2364 from drwetter/lineending_lf 
try to fix the line ending problem using .gitattributes .
 2023-05-23 18:39:29 +02:00
Dirk Wetter
947b2565e6 Merge pull request #2363 from teki69/patch-1 
Fix CRL conversion issue when already in PEM format
 2023-05-23 18:38:46 +02:00