Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-07 09:10:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,307 Commits 15 Branches 30 Tags 212 MiB
3c403a2484
Commit Graph

3307 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dirk Wetter
3c403a2484
Merge pull request #1587 from drwetter/np_fix30 
Negotiated protocol showed no warning for TLS 1.1/1.0
 2020-04-25 11:13:49 +02:00
Dirk Wetter
5c73a23cfe Negotiated protocol showed no warning for TLS 1.1/1.0 
.. whereas the protocol section did that.

This fixes the inconsistency.
 2020-04-25 11:06:35 +02:00
Dirk Wetter
ac53ec2531
Merge pull request #1585 from dcooper16/fix_logjam_ssl_native_3.0 
Fix run_logjam() in --ssl-native mode (3.0 branch)
 2020-04-24 09:42:43 +02:00
David Cooper
8723fc78b1 Fix run_logjam() in --ssl-native mode (3.0 branch) 
This commit fixes the same issue as #1584, but in the 3.0 branch.
 2020-04-23 15:01:50 -04:00
Dirk Wetter
2fcbcbe9d1
Merge pull request #1577 from drwetter/drwetter-patch-1 
Update reference to ZIP file
 2020-04-21 20:30:50 +02:00
Dirk Wetter
11123840a7
Merge pull request #1578 from drwetter/1571_30 
Fix misleading phrasing in run of standard ciphers
 2020-04-21 20:30:38 +02:00
Dirk Wetter
5fdeb32f94
Update reference to ZIP file 
to 3.0.1
 2020-04-21 18:58:27 +02:00
Dirk Wetter
4809c763cc Fix misleading phrasing in run of standard ciphers 
see #1571. Bit size doesn't matter. It only matters to the
user which ciphers they are.
 2020-04-21 18:46:57 +02:00
Dirk Wetter
af86cce011 Better version naming 
bugfix releases for 3.0 are    3.0.x instead of 3.0-1
 2020-04-15 12:35:51 +02:00
Dirk Wetter
27948d80a8
Merge pull request #1564 from drwetter/release.3.0-1 
Preparing bugfix release for 3.0
 2020-04-15 09:28:41 +02:00
Dirk Wetter
3f5735a1a0 make the sneaky user agent sneaky again 2020-04-14 14:14:45 +02:00
Dirk
8b1b9f9f27 Preparing bugfix release for 3.0 
* Bump version
* Removed ancient CVS tag detection code
* ~ backported code doc changes (http --> https and more) from @multiflexi
  see 7eba0fbb41
 2020-04-14 13:18:52 +02:00
Dirk Wetter
e51a90d7e1
Merge pull request #1557 from dcooper16/fix1551_30 
Fix #1551 in 3.0
 2020-04-01 22:28:47 +02:00
David Cooper
267ce87733 Fix #1551 in 3.0 
This commit fixes #1551 in the 3.0 branch by changing get_cipher() to recognize RFC names that begin with SSL_*. It also modifies run_beast() so that it does not get stuck in an infinite loop if get_cipher() doesn't return a valid cipher name.
 2020-04-01 13:36:39 -04:00
Dirk Wetter
ec6b724433
Merge pull request #1547 from dcooper16/display_ciphernames_bug_3.0 
Fix bug in setting DISPLAY_CIPHERNAMES in 3.0
 2020-03-25 18:28:30 +01:00
David Cooper
e1c27d61a6 Fix bug in setting DISPLAY_CIPHERNAMES in 3.0 
This commit fixes the same bug as #1546, but in the 3.0 branch.
 2020-03-25 12:59:54 -04:00
Dirk Wetter
b2252002f4
Merge pull request #1539 from mkauschi/http-basic-auth-backport-patch 
backport patch for the http basic auth bug from PR 1538
 2020-03-18 14:51:36 +01:00
manuel
3d60151028 backport patch for the http basic auth bug from PR 1538 2020-03-18 14:08:50 +01:00
Dirk Wetter
4601670bac
Merge pull request #1534 from drwetter/breach_output3 
Fix output for BEAST when no SSL3 or TLS
 2020-03-07 12:15:55 +01:00
Dirk
3f5aa1b7df Fix output for BEAST when no SSL3 or TLS 
LF added
 2020-03-06 22:09:00 +01:00
Dirk Wetter
1f6ebae401
Merge pull request #1532 from dcooper16/fix_typo_emphasize_stuff_in_headers_3.0 
Fix typo in emphasize_stuff_in_headers()
 2020-03-06 21:28:55 +01:00
David Cooper
dca5a3b860 Fix typo in emphasize_stuff_in_headers() 
This commit fixes the same typo as #1531, but in the 3.0 branch.
 2020-03-06 14:32:43 -05:00
Dirk Wetter
c4d2c2de48
Merge pull request #1529 from dcooper16/percent_printing_3.0 
Fix printing percent characters
 2020-03-06 20:04:45 +01:00
David Cooper
ed5bdffc84
Fix printing percent characters 
This commit makes the same change as #1499, but in the 3.0 branch.
 2020-03-06 12:21:18 -05:00
Dirk Wetter
069baa0b6e
Merge pull request #1522 from drwetter/pwdfix3 
avoid external pwd
 2020-03-06 15:04:18 +01:00
Dirk Wetter
488009d0cd
Merge pull request #1528 from dcooper16/fix_html_3.0 
Fix HTML generation in 3.0
 2020-03-06 14:55:27 +01:00
David Cooper
53f0bec0ba
Fix HTML generation in 3.0 
This commit applies the same changes as #1481, but to the 3.0 branch.
 2020-03-06 08:48:07 -05:00
Dirk Wetter
8e06fcc644 Avoid external "/bin/pwd" 
.. as it may not be available everywhere, see #1521 (NixOS).

This commit replaces all instances from pwd or /bin/pwd by $PWD.
It is a bash internal and the fastest. Also it added some quotes
to PWD a it may contain white spaces in the future (currently
there's a check for it that it won't)
 2020-03-06 13:31:48 +01:00
Dirk Wetter
4fcfb5d8f8 avoid external pwd 
.. as it may not be everywhere available, see #1521 (NixOS).

This commit replaces it by `pwd -P` (-P -> no symbolic link)
 2020-03-03 12:30:12 +01:00
Dirk Wetter
4dbd9a98ba
Merge pull request #1511 from drwetter/rDNS_fixes3 
Fix for non compliant DNS PTR records (backport)
 2020-02-15 15:23:07 +01:00
Dirk
bc9cf9f428 Fix for non compliant DNS PTR records 
This commit addresses two bugs: #1506 and #1508.

First, the variable rDNS can contain multiple lines due to multiple PTR DNS
records, though this is not recommended.  In those cases the multiple PTR DNS
were concatenated on the screen, without any blank.

Secondly - depending on the name server entries and on the output of the DNS
binaries used it can contain non-printable characters or characters which are
printable but later on interpreted on the output device (\032 was mentioned
in #1506) which on the screen was interpreted as octal 32 (decimal 26 = ▒,
try echo "\032"), so basically a terminal escape sequence was smuggled
from the DNS server to the screen of the users. In JSON pretty output we
had also this escape sequence which was fine for jsonlint but caused jq
to hiccup.

Fix: we use a loop to check for each FQDN returned. There we remove chars which
under those circumstances can show up. The blacklist is taken from RFC 1912
("Allowable characters in a label for a host name are only ASCII, letters, digits,
and the `-' character").
 2020-02-15 13:56:25 +01:00
Dirk Wetter
7d38f3c365
Merge pull request #1494 from dcooper16/fix_typos_3.0 
Fix typos
 2020-02-04 17:56:58 +01:00
David Cooper
8c29891ec8
Fix typos 
Same as #1492, but for 3.0.
 2020-02-04 11:35:14 -05:00
Dirk Wetter
20daaa667c
Merge pull request #1493 from drwetter/dotasurl_fix_3.0 
Fix URL when hostname with trailing dot supplied
 2020-02-04 17:17:57 +01:00
Dirk Wetter
f11b9023d6 Fix URL when hostname with trailing dot supplied 
Hostnames can contain a trailing dot (and sometimes they should).
If they are supplied to testssl.sh however they will be also interpreted
as a URL PATH when the servive is HTTP.

This commit fixes that.

See also #1490
 2020-02-04 16:32:34 +01:00
Dirk Wetter
0252316637
Merge pull request #1485 from drwetter/fix_ids_friendly 
Fix --ids-friendly
 2020-01-31 08:46:37 +01:00
Dirk Wetter
c4920f61e4 rename query_globals() --> count_do_variables() 
.. and fix one problem instroduced with last patch (testssl.sh
din't work correclty if only an URI was supplied)
 2020-01-30 22:25:10 +01:00
Dirk Wetter
073d383f76 Fix switch --ids-friendly 
This switch had no effect. There was probably a regression
problem as it worked before.

Besides fixing that the large case statement in parse_cmd_line()
was simplified, in a sense that banner and help functions were
moved to a separate case statement.
 2020-01-30 21:49:56 +01:00
Dirk Wetter
b0b084dcda
Merge pull request #1442 from drwetter/bump_version 
bump version to final
 2020-01-23 18:08:23 +01:00
Dirk Wetter
a11a060acb
Merge pull request #1456 from drwetter/changes_etc 
Update attributions and changes for release
 2020-01-23 18:05:50 +01:00
Dirk Wetter
a9e5bcc30c
Merge pull request #1470 from drwetter/1xmsg_squash 
Squash the last futile -msg for $OPENSSL
 2020-01-23 11:03:46 +01:00
Dirk
ace4098693 Squash the last futile -msg for $OPENSSL 
... see also https://github.com/drwetter/testssl.sh/pull/1468#discussion_r369786007
 2020-01-23 09:46:33 +01:00
Dirk Wetter
631755ceb1
Merge pull request #1464 from drwetter/further_handshakes 
Further handshakes / minor changes
 2020-01-22 22:30:16 +01:00
Dirk Wetter
fa4f1e4366
Merge pull request #1468 from nosnilmot/fix-xmpp-starttls 
Fix XMPP starttls
 2020-01-22 21:09:51 +01:00
Dirk
5083e950d2 Move debugging remainders detection to t/00_testssl_help.t 2020-01-22 21:04:23 +01:00
Dirk Wetter
ec722e0e9c
Merge pull request #1469 from dcooper16/simplify_draft_tls13_version_determination 
Simplify code to determine draft TLS 1.3 version
 2020-01-22 20:39:10 +01:00
Dirk Wetter
f7ab5a0821
Move quotes... 
as David suggested.
 2020-01-22 20:34:00 +01:00
David Cooper
43d83b27d4
Simplify code to determine draft TLS 1.3 version 
This PR simplifies the code for determining which draft version of TLS 1.3 a server is offering by making use of a simple regular expression and $BASH_REMATCH rather than looping through every possible draft version.
 2020-01-22 13:48:27 -05:00
Stu Tomlinson
0deea8000c Fix XMPP starttls 
'-xmpphost' option required in combination with '-starttls xmpp' was missing
in determine_optimal_proto()

Also tweaked a couple of log messages
 2020-01-22 18:10:58 +00:00
Dirk Wetter
7619e430f2
Merge pull request #1466 from dcooper16/fix_run_ssl_poodle 
Fix run_ssl_poodle()
 2020-01-22 18:05:08 +01:00