See #1148 and #1805.
As noted in #1148, testssl.sh is not current designed to handle a mass testing file in which CSV, HTML, LOG, and/or JSON file names are provided in the mass testing file. If a child process receives a command line with one of the files, it assumes the same command-line option was provided to the parent so that the output of every test is being written to this one file. If this assumption is wrong, then either the file will not be created at all or it will be malformed since it will be missing header and/or footer information.
This PR partially addresses the problem by introducing new command-line arguments that are for internal use only. These command line arguments allow a child process to distinguish between a CSV, HTML, LOG, or JSON file that it is supposed to create itself versus one that is to be shared by all of the child processes.
There is one major limitation to this PR. The code for handle command-line arguments in the mass testing file is very simple and cannot handle whitespace characters, whether they are enclosed in quotes or are escaped. So, any file names included in the mass testing file cannot have whitespace characters.
Workaround for bug see #1717. In addition: Bring the test closer to a cleaner style,
as the others
Should --ids-firednly could be as well be removed when travis runs faster.
As there is `apk upgrade` and `apk update`, the apk index will already
be existed. `--no-cache` is for `apk` when there is no `apk update`
behavior and it's expected to be no local cache left, not suitable for
the use case here, which wants to upgrade all the package to the latest
when packaging the image.
... in order to be consistent with run_server_preference().
The wide formatting of other tests need some inspection and
off the top off my head are not as perfectly formatted so that
they should not run per default in wide mode.
Often in the past travis was hitting a limit (50min?).
This is a try to make reasonable cuts to the unit tests:
- For STARTTLS some checks with OPenSSL are skipped
- For JSON and HTML outputs --ids-friendly was added assumming we
don't change the output of ticketbleed, CCSI, HeartBleed and ROBOT any more.
- There's also not point to run those checks against badssl
- for the diff check we switch to 'or diag' to display a dfifference
Dirk Wetter
fogs
David Cooper
tosticated
tosticated
Peter Dave Hello
Alexander Troost