Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-07-18 03:31:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,204 Commits 16 Branches 34 Tags
43b35b8cc29eaa7aa4ea0172726393bf9e9e2b68
Commit Graph

1204 Commits

Author SHA1 Message Date
David Cooper
43b35b8cc2 Curve X25519 fixes 
This PR fixes two issues related to curve X25519.

First, while OpenSSL 1.1.0 supports curve X25519, it is not included in the output of `$OPENSSL ecparam -list_curves`. I tried several versions of OpenSSL (and one version of LibreSSL), and every version output either "Error with command" or "unknown option" in response to `$OPENSSL s_client -curves $curve` if it either did not support the `-curves` option or did not support `$curve`. (When the `-curve` option was supported with `$curve`, a "connect" error was output.)

The second issue is that the "Server Temp Key" line in the output of `s_client` is different for curve X25519. For other elliptic curves, the output is
```
Server Temp Key: ECDH, P-256, 256 bits
```
For X25519 it is:
```
Server Temp Key: X25519, 253 bits
```
So, `read_dhbits_from_file()` needs to allow for `$what_dh` being "X25519" rather than "ECDH" and `run_pfs()` needs to allow for the possibility that the curve name will be the first field rather than the second.
 2016-11-08 10:10:14 -05:00
Dirk
4f99d9d658 update 2016-11-07 21:03:45 +01:00
Dirk
65c03a99ba update 2016-11-05 15:02:00 +01:00
Dirk
72ac0734d1 tolower 2016-11-05 14:55:30 +01:00
Dirk
f18a398ce3 handle better missing ca_hashes.txt 2016-11-04 08:39:14 +01:00
Dirk Wetter
63ec369f34 output polish 2016-10-29 15:37:30 +02:00
Dirk Wetter
df2704dc20 Merge pull request from Sousaphone/master 
Apple ATS9 client simulation
 2016-10-28 21:31:39 +02:00
Dirk
99300a0059 bump version 2016-10-27 22:02:35 +02:00
Dirk
00a5d19276 Merge branch 'master' of github.com:drwetter/testssl.sh 2016-10-27 22:00:19 +02:00
Dirk
337e66fc61 Merge branch 'CA_pinning' 2016-10-27 21:59:42 +02:00
Dirk
1613bb214e Merge branch 'master' into CA_pinning 
Conflicts:
	testssl.sh
 2016-10-27 21:59:10 +02:00
Dirk Wetter
bfad620bf5 Update Readme.md 2016-10-21 22:16:19 +02:00
Thomas Alexander Frederiksen
217f2fb91a Apple ATS9 client test 2016-10-19 10:54:37 +02:00
Dirk
5e5edd5c89 FIX 2016-10-15 22:55:24 +02:00
Dirk Wetter
6abca0c598 Merge pull request from mailsvb/minor_display_fix_ssl3_offer 
remove additional pr_off at the end of sslv2 check
 2016-10-14 22:07:19 +02:00
mailsvb
4ce4d922ac remove additional pr_off at the end of sslv2 check 2016-10-12 22:32:35 +02:00
Dirk
d32dbdaff3 Updating MS store, sill small, still not automated/cumbersome not sure if ok 2016-10-12 21:15:37 +02:00
Dirk
6723622024 - do not do HTTP2+SPDY checks if non-STARTTLS but also non-HTTP 
- ASSUMING_HTTP --> ASSUME_HTTP
- minor cleanups
 2016-10-11 22:30:30 +02:00
Dirk Wetter
d59c581700 Update Readme.md 2016-10-11 12:17:33 +02:00
Dirk
77f98e73e2 medium only for "Secure Client-Initiated Renegotiation" != HTTP 2016-10-10 23:27:34 +02:00
Dirk Wetter
51912944ec Merge pull request from mailsvb/CA_BUNDLES_PATH 
fix usage of CA_BUNDLES_PATH env for local ca_bundles
 2016-10-09 10:22:22 +02:00
mailsvb
5a967302dc fix usage of CA_BUNDLES_PATH env for local ca_bundles 2016-10-08 22:50:44 +02:00
Dirk
1c5eb17729 (saving work): major cleanups for output readability and code 2016-10-06 18:53:25 +02:00
Dirk
bd64fb4214 minor putput cleanup for headers 2016-10-03 21:17:29 +02:00
Dirk Wetter
f9d44484af Merge branch 'master' of github.com:drwetter/testssl.sh 2016-10-03 21:01:54 +02:00
Dirk Wetter
9fe87223cc fix anchor 2016-10-03 20:48:32 +02:00
Dirk Wetter
248351eef5 Update Readme.md 2016-10-03 20:29:50 +02:00
Dirk Wetter
bf1d3933bf Update Readme.md 2016-10-03 20:28:44 +02:00
Dirk
878ab519c0 update 2016-10-03 20:21:38 +02:00
Dirk Wetter
19b63aa8a9 duplicate headers fixed, #FIX 488, outstanding: proper treatment of simulatenous Public-Key-Pins|Public-Key-Pins-Report-Only 2016-10-03 18:52:48 +02:00
Dirk
e2023f51ac evaluate env TESTSSL_INSTALL_DIR and CA_BUNDLES_PATH for CA bundles and/or RFC/IANA mapping, FIX , 2016-10-02 18:15:13 +02:00
Dirk
eb1f6e05bb update, thanks to Niko78, see 2016-10-02 10:04:25 +02:00
Dirk
fd6e2c0682 cleanup of 2016-10-01 22:25:14 +02:00
Dirk
09c19b4654 FIX , clear warning if >=1 HSTS headers are present 2016-10-01 10:04:33 +02:00
Dirk
fd83509ae5 update 2016-09-29 23:23:44 +02:00
Dirk
5115055895 update 2016-09-29 21:44:54 +02:00
Dirk
15f9315cd0 fix last build 2016-09-29 21:27:24 +02:00
Dirk
a5adb2f3ec fixing last T CI run 2016-09-29 21:20:13 +02:00
Dirk
68697b822e fixing last run, hopfully 2016-09-29 21:19:09 +02:00
Dirk
05a0e555a7 - save 1x sed in count_lines/words 2016-09-29 20:59:13 +02:00
Dirk
d786a94a8c output + code polishing, phrasing. lf still has space for improvements 2016-09-28 20:32:01 +02:00
Dirk Wetter
b238fab3c1 Merge pull request from dcooper16/remove_sockread 
Replace sockread() with sockread_serverhello()
 2016-09-27 22:34:17 +02:00
Dirk Wetter
144e2c20cf Update Readme.md 2016-09-27 00:08:01 +02:00
Dirk Wetter
092badc55a Update Readme.md 2016-09-27 00:01:13 +02:00
Dirk Wetter
e59efb0313 Merge branch 'master' of github.com:drwetter/testssl.sh 2016-09-26 23:48:08 +02:00
Dirk Wetter
556d637069 updated 2016-09-26 23:47:39 +02:00
Dirk Wetter
76e9a58223 Delete openssl.Linux.armv7l 2016-09-26 23:31:21 +02:00
Dirk Wetter
9a4211e867 Delete openssl.Darwin.i386 2016-09-26 23:30:55 +02:00
David Cooper
6ded937b14 Merge branch 'master' into remove_sockread 2016-09-26 17:02:53 -04:00
Dirk Wetter
7e729d26cd Darwin 64bit binary, see https://gist.github.com/jpluimers/9257ba6e27afea1b98376d9d4411c88c 2016-09-26 22:52:26 +02:00