Commit Graph

2606 Commits

Author SHA1 Message Date
David Cooper a1d4eac64d Don't read tls_data.txt inside function
I was doing some testing on my extended_tls_sockets branch and discovered that it was not fully working since the `TLS13_KEY_SHARES` array was empty. According to https://lists.gnu.org/archive/html/bug-bash/2012-06/msg00068.html, there is an issue when trying to initialize a global array inside a function. (The current code initializes `TLS12_CIPHER`, `TLS_CIPHER`, and `TLS13_KEY_SHARES` within `get_install_dir()`, since tls_data.txt is read in that function.) In fact, according to http://stackoverflow.com/questions/10806357/associative-arrays-are-local-by-default, in order to initialize a global variable in a function, one needs to provide the `-g` option, which was only added in Bash 4.2.

This PR seems to fix the problem by moving the reading of tls_data.txt to the main body of the code rather than reading it within the `get_install_dir()` function.
2017-04-10 17:07:46 -04:00
David Cooper 43a4358442 Merge branch '2.9dev' into openssl_location 2017-04-10 09:00:06 -04:00
Dirk 5054cc33f3 rename *test_just_one as @AlGreed suggestted in #703 2017-04-10 14:45:39 +02:00
Dirk 0bbbd5217a swapped -f and -s
-f is now forward secrecy
    -s is standard cipher lists
2017-04-08 09:14:56 +02:00
David Cooper 25977d5537 Merge branch '2.9dev' into openssl_location 2017-04-07 09:41:40 -04:00
Dirk 55713e4929 use per default a lf before the first fatal message 2017-04-07 10:26:41 +02:00
Dirk c75a2cd838 In addition to #701 add quotes for correcting cmdline parsing -- especially for supplied filenames/arguments
(HTML,CSV,JOSN,PROXY).

Also strip off leading http:// | https://  for --proxy
2017-04-07 09:49:44 +02:00
Dirk Wetter dc629202bb Merge pull request #701 from dcooper16/wordsplitting_filenames
Handle word splitting of log file names.
2017-04-07 08:54:07 +02:00
Dirk Wetter 9c13d2a3a2 Merge pull request #700 from dcooper16/fix_696
Fix #696
2017-04-07 08:52:38 +02:00
Dirk Wetter 46ca4b272d Merge pull request #699 from dcooper16/fix_695
Fix #695
2017-04-07 08:38:52 +02:00
David Cooper 381ad3de32 Handle word splitting of log file names.
This PR fixes a problem that occurs if log file names include spaces.
2017-04-06 11:26:03 -04:00
David Cooper 3a9c49c989 Fix #696
If I understand correctly how `run_hpkp()` should be displaying the list of Backups, the problem shown in the photo attached to #696 occurred because the dangling SPKIs should have been printed on the next line. This PR fixes this by changing the code that prints out the "good" backups to include a newline after printing the CA's name.

Another problem this PR fixes is that `tm_italic()` is being called instead of `pr_italic()`, meaning that the italicized text is being printed to the terminal, but is not being included in the HTML output.

Finally, this PR fixes errors in the definitions of `tmln_italic()` and `prln_italic()`. `tmln_italic()` calls `outln()` and `prln_italic()` calls `tmln_out()` instead of the reverse.
2017-04-06 10:54:20 -04:00
David Cooper ce620ac7d0 Fix #695
This PR fixes issue #695 by changing the call to `out_row_aligned_max_width()` so that the length of the flag is considered in determining the length of the first line of the output.
2017-04-06 10:37:45 -04:00
David Cooper 69530d77cf Merge branch '2.9dev' into openssl_location 2017-04-06 09:12:43 -04:00
Dirk e2f5d5c3cf updated comments 2017-04-06 11:33:54 +02:00
Dirk 3351f8832c mute the error message using bash3, see #697 (2.9dev) 2017-04-06 11:23:57 +02:00
Dirk Wetter c188408f8e Merge pull request #698 from dcooper16/mass_testing_parallel
Mass testing in parallel
2017-04-06 10:25:38 +02:00
Dirk 8a2967c62e make use of swapped out tls data file
(main() sill needs a bit of work)
2017-04-06 09:47:09 +02:00
David Cooper c04d254a43 Mass testing in parallel
This PR modifies `run_mass_testing_parallel()` so that it may be used in place of  `run_mass_testing()`.
2017-04-05 16:58:57 -04:00
David Cooper b98ef7cd8e Merge branch '2.9dev' into openssl_location 2017-04-05 15:01:06 -04:00
Dirk 61d42b022c fix missing space in banner and suppress empty version string 2017-04-05 20:39:35 +02:00
Dirk ec55cdea14 "post-fix" for #697 (2.9dev) 2017-04-05 20:20:00 +02:00
David Cooper dabe72542f Merge branch '2.9dev' into openssl_location 2017-04-05 12:41:50 -04:00
Dirk bfb0f4bc7d FIX #697 in 2.9dev (bash hiccup @ tolower) 2017-04-05 17:28:06 +02:00
Dirk b1ce11d76e in addition to #694: using the predefined variable 2017-04-05 14:48:35 +02:00
Dirk 6b0f389225 fix #694 (CSP and HTTP header friends were cut off @ last colon)
introduced strip_leading_space() / strip_trailing_space()
2017-04-05 14:42:55 +02:00
David Cooper 2d73d06474 Merge branch '2.9dev' into openssl_location 2017-04-04 15:49:40 -04:00
Dirk 7549f10c79 added explanation for #692 2017-04-04 20:23:28 +02:00
Dirk Wetter c593f06f6d Merge pull request #692 from dcooper16/fix_html
Fix HTML
2017-04-04 20:18:05 +02:00
David Cooper 1b4c1cc40c Update testssl.sh
This PR fixes two issues with HTML generation that were introduced by a commit on March 31, 2016, "[count_ciphers is now un-sed'ed, minor improvements](a480e5f699)."

The first is that in `std_cipherlists()`, `[[ $DEBUG -ge 1 ]] && outln " -- $1" || outln` was changed to `[[ $DEBUG -ge 1 ]] && outln " -- $1" || outln`. The result being that in the HTML output, all of the tests from `run_std_cipherlists()` appear on the same line. This PR changes the line to:
```
          [[ $DEBUG -ge 1 ]] && tm_out " -- $1"
          outln
``
so that the line break is added to the HTML output, but the debugging information is not.

The second problem is that the commit on March 31 moved the call in main to `html_header()` until after the calls to `get_install_dir()`, `find_openssl_binary()`, `mybanner()`, `check4openssl_oldfarts()`, and `check_bsd_mount()`. The problem is that each of these functions may call an output function that will call `html_out()`.

If `html_out()` is called before `html_header()` and the command line contains `--htmlfile <htmlfile>`, then "htmlfile" will be written to before `html_header()` is called and then `html_header()` will warn that "htmlfile" already exists and then exit the program.

If `html_out()` is called before `html_header()` and the command line contains `--html`, then anything send to `html_out()` before `html_header()` is called (such as the banner) will not appear in the HTML file.
2017-04-04 13:25:31 -04:00
David Cooper 1ca898190d Merge branch '2.9dev' into openssl_location 2017-04-04 08:54:18 -04:00
Dirk 8213e2436c addressed #691 for 2.9dev 2017-04-04 09:54:47 +02:00
David Cooper a26a53ccef Merge branch '2.9dev' into openssl_location 2017-04-03 09:00:47 -04:00
Dirk 498dda94ce using get_san_dns_from_cert() 2017-04-01 10:38:04 +02:00
David Cooper 32418e39db Merge branch '2.9dev' into openssl_location 2017-03-31 12:02:22 -04:00
Dirk 6b601e22c7 adding Referrer-Policy header (FIX #604)
introduced get_san_dns_from_cert()

added two stub function get_session_ticket_lifetime_from_serverhello
2017-03-31 17:04:04 +02:00
David Cooper e03d89107b Merge branch '2.9dev' into openssl_location 2017-03-31 09:36:26 -04:00
Dirk Wetter 75c794546d Merge pull request #689 from dcooper16/run_server_defaults_cleanup
Cleanup variable definitions in run_server_defaults()
2017-03-31 12:53:46 +02:00
Dirk a480e5f699 count_ciphers is now un-sed'ed, minor improvements 2017-03-31 12:24:25 +02:00
Dirk Wetter 10ac0ffed4 Merge pull request #687 from dcooper16/child_mass_testing_env_variable
Child mass testing env variable
2017-03-31 08:44:15 +02:00
David Cooper 9f93d9d578 Move insertion of commas to a separate file
Create a separate function to insert the comma separators between findings for different tests within mass testing.
2017-03-30 12:48:25 -04:00
David Cooper d8a7037000 Add missing comma
I did some testing with http://jsonlint.com/ and discovered a missing comma when massing testing is being performed and a single JSON file is being created.
2017-03-30 12:37:41 -04:00
David Cooper 73a24cba27 Correct indentation in run_server_defaults()
This second commit doesn't make any changes to the code, it just corrects the indentation.
2017-03-30 10:27:08 -04:00
David Cooper ba2a75b093 Cleanup variable definitions in run_server_defaults()
In `run_server_defaults()` the variable `success` is defined twice, once an an ordinary variable and once as an array. The PR removes the incorrect definition. It also removes the definitions of some variables that are no longer used and reorganizes the definitions so that each line has only one variable type.

I also noticed a typo later in `run_server_defaults()` and corrected it.
2017-03-30 10:08:26 -04:00
Christian Dresen 2211a23bf0 Added Dockerfile.md, modified Dockerfile: pull with depth=1, default-cmd: --help 2017-03-30 14:41:46 +02:00
Christian Dresen c366f09043 Removed unused lines from Dockerfile for testssl.sh 2017-03-30 13:35:48 +02:00
Christian Dresen db32b1fbea Added Dockerfile for testssl.sh 2017-03-30 13:18:46 +02:00
David Cooper 603f03e79a Remove tmp.json files after use
Remove tmp.json files after use so that testssl.sh doesn't complain that they already exist.
2017-03-29 11:43:03 -04:00
David Cooper 1723374511 Remove tmp.file files after use
Remove tmp.json files are use so that testssl.sh doesn't complain that they already exist.
2017-03-29 11:42:09 -04:00
David Cooper e7c0ca13f6 Remove tmp.json files after use
Remove tmp.json files are use so that testssl.sh doesn't complain that they already exist.
2017-03-29 11:41:23 -04:00