Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2026-05-25 10:38:43 +02:00
Code Issues Packages Projects Releases Wiki Activity
3,484 Commits 16 Branches 37 Tags
468ade51635524e420e670ef412e75aa93c4a428
Commit Graph

3484 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dirk a1777cdd0e Fix file output formatting for heartbleed 
Quotes were wrong for different results, which lead to some confusion
for finding, cve and cwe.

Fixes #1828
 2021-01-20 09:04:11 +01:00
Dirk Wetter 2627d9db13 Merge pull request #1825 from drwetter/fix_travis_3.0 
Travis CI didn't run. Trying to fix it (3.0)
 2021-01-18 09:15:14 +01:00
Dirk 4ee936dc52 Travis CI didn't run. Trying to fix it 2021-01-13 22:35:34 +01:00
Dirk Wetter 4b800b0ae5 Merge pull request #1822 from drwetter/fix_dot@NODE 
Fixes trailing dot error in URL handling (3.0)
 2021-01-13 21:56:48 +01:00
Dirk Wetter b8e76a3861 Fixes trailing dot error in URL handling 
For DNS queries a trailing dot in the variable $NODE is always fine. For
HTTP queries it is not. and causes the https request to fail.

Backport from 4f1da9b192

Also: removal of ancient CVS_REL relict in $TEMPDIR/environment.txt
 2021-01-13 11:35:31 +01:00
Dirk Wetter 666a2c4edb Merge pull request #1818 from drwetter/le_issuer_fix1816_3.0 
Fix issuer check for Let's Encrypt (3.0)
 2021-01-07 10:32:12 +01:00
Dirk Wetter 0de00f4322 Fix issuer check for Let's Encrypt (3.0) 
Fixes #1816 for 3.0 by a proper halving of the dates
 2021-01-07 10:29:08 +01:00
Dirk Wetter cb94ffaa13 Merge pull request #1796 from drwetter/no_code_update3.0 
Trying to save resources for Travis/CI (3.0)
 2020-11-28 10:15:13 +01:00
Dirk 98d1bd64bc Trying to save resources for Travis/CI (3.0) 
See https://github.com/google/EarlGrey/pull/383/files/3b38a5dea36a88aba42a42931e77a7c5429a1837
 2020-11-28 10:12:43 +01:00
Dirk Wetter dc08a120ba Merge pull request #1793 from drwetter/docker_docu_polish3.0 
Consolidate docker sections in Readme.md and Dockerfile.md (3.0)
 2020-11-27 16:54:26 +01:00
Dirk Wetter 7c835470be Consolidate docker sections in Readme.md and Dockerfile.md 
see #1791
 2020-11-27 16:53:28 +01:00
Dirk Wetter 7dac1a20f7 Merge pull request #1780 from drwetter/fix_1779 
Fix 1779
3.0.4 		2020-11-20 16:27:10 +01:00
Dirk ca89328ed4 Change version number 
To avoid clashes with distributors it may be is smarter to stick
to three numbers and not intoducing another digit.

3.0.4 <-- 3.0.3.1
 2020-11-20 11:09:17 +01:00
Dirk e441357efe Fix reading SSLv2 socket (3.0 branch) 
This fixes #1779. There was a problem introduced in
3c97412a61 which counted
the size of the file name rather than the size of the
socket reply.
 2020-11-20 11:06:22 +01:00
Dirk b08b5d8b98 Bump version to 3.0.3 3.0.3 2020-11-19 09:41:12 +01:00
Dirk Wetter 0abaa6d2bf Merge pull request #1774 from drwetter/ca-update_3.0 
Update certificate stores (3.0 branch)
 2020-11-14 11:11:03 +01:00
Dirk Wetter 2f18dcbd58 Update remaining stores: Apple / Java / Microsoft 
* also ca_hashes.txt

* Used Java SDK 15 instead of JRE 8
* Used Windows 10 20H2
* Java Keystore has added 5 certificates (90 --> 95)

Updated Readme and make instructions more reproducible

Fixes #1772
 2020-11-13 22:13:10 +01:00
Dirk Wetter d536c07b72 Merge pull request #1776 from drwetter/fix_1762_3.0 
Stop labeling X-XSS-Protection as green (3.0 branch)
 2020-11-13 15:24:22 +01:00
Dirk Wetter 99a158d952 Stop labeling X-XSS-Protection as green (3.0 branch) 
* X-XSS-Protection is now labled as a neutral finding as suggested in #1762
* Also it adds colons to header values

This a quick fix for the stable version as opposed to #1764 ff.
It also changes the color from lite cyan to neutral
 2020-11-13 13:57:21 +01:00
Dirk Wetter a180ec4f80 update Linux.pem + Mozilla.pem 2020-11-11 18:37:56 +01:00
Dirk Wetter f3abf77ed8 Merge pull request #1761 from keisentraut/fix-1757-3.0 
fix #1757: manpage: --c has one dash to much (backport 3.0)
 2020-10-29 20:28:23 +01:00
Klaus Eisentraut 44fd73bfcd fix #1757: manpage: --c has one dash to much (backport 3.0) 2020-10-29 20:21:05 +01:00
Dirk Wetter 0cf5a49762 Merge pull request #1759 from drwetter/fix_1754_3.0 
Fix run_freak() when sslv2 server hello is empty (3.0 branch)
 2020-10-28 15:05:51 +01:00
Dirk Wetter 3c97412a61 Address complaint by Travis + RC4 SSLv2 ciphers shortcut 
Despite the fact google doesn't support RC4 ciphers, testssl.sh called
sslv2_sockets(). Google answered with a >= TLS alert. Building a sum then
failed then in sslv2_sockets().

This fixes sslv2_sockets() and introduces count_chars() as a helper function
(tested also under old FreeBSD to make sure it works under MacOSX).

Also it adds a shortcut: if we are sure we don't have sslv2 we don't need
to test any RC4 SSLv2 ciphers
 2020-10-28 11:45:41 +01:00
Dirk 4ddc90d98d Fix run_freak() when sslv2 server hello is empty (3.0 branch) 
This fixes #1754 by avoiding further string operations if the SSLv2 socket reply is empty as bash 5.1 seems to have a problem with that. The fix is done in sslv2_sockets() .

Also sslv2 is not being used in run_freak() if known not to be supported.
 2020-10-27 22:48:50 +01:00
Dirk Wetter cd9b98ca70 Merge pull request #1727 from drwetter/fix_1725_SCIR_3.0 
Fix Secure Client-Initiated Renegotiation false positive (3.0 branch)
 2020-09-16 20:13:33 +02:00
Dirk 08feaf4a0c Fix Secure Client-Initiated Renegotiation false positive (3.0 branch) 
Server side closed the connection but openssl retrieved
a zero exit code. In addition now we look for "closed"
and if that was returned from the server we label it
as not vulnerable.

This fixes #1725.

Same fix as for 3.1dev, see #1726
 2020-09-16 18:13:47 +02:00
Dirk Wetter c0581afeeb Merge pull request #1712 from dcooper16/fix1699_3.0 
Fix #1699 in 3.0 branch
 2020-08-31 17:07:46 +02:00
David Cooper b7dab55b6c Fix #1699 in 3.0 branch 
This commit makes the same change as #1711, but in the 3.0 branch.
 2020-08-31 10:42:11 -04:00
Dirk d9866d875a Revised risk for BREACH --> medium 2020-07-10 19:56:18 +02:00
Dirk Wetter e1b0f2d55f Merge pull request #1673 from dcooper16/fix_unrecognized_option_3.0 
Fix printing of unrecognized option in 3.0 branch
 2020-07-07 15:54:11 +02:00
David Cooper cb5305e42d Fix printing of unrecognized option in 3.0 branch 
When testssl.sh is called with an unknown option it prints something like:

     0: unrecognized option "--option"

It should be printing the name of the program rather than "0". This commit fixes that.
 2020-07-07 07:39:28 -04:00
Dirk Wetter 2949b95937 Merge pull request #1667 from dcooper16/fix1665_3.0 
Fix #1665 in 3.0 branch
 2020-06-25 20:45:42 +02:00
David Cooper e2dce19559 Fix #1665 in 3.0 branch 
This commit fixes #1665 by adding the certificate number to the JSON identifier for cert_eTLS.
 2020-06-25 13:24:10 -04:00
Dirk Wetter 916d942b00 Merge pull request #1664 from dcooper16/fix1662_3.0 
Fix #1662 in 3.0 branch
 2020-06-25 13:40:41 +02:00
David Cooper f7ef50b968 Fix #1662 in 3.0 branch 
This commit fixes #1662 in the 3.0 branch by changing the fileout to use the value of $cert_ext_keyusage rather than the string "cert_ext_keyusage".
 2020-06-25 07:37:37 -04:00
Dirk Wetter 2cdcf1564b Merge pull request #1661 from csett86/wireshark-android-7-0-backport 
Add wiresharked Android 7.0 (native) (backport of #1659)
 2020-06-25 08:31:17 +02:00
Christoph Settgast e2a1f9f329 Add wiresharked Android 7.0 (native) 
After being bitten by https://stackoverflow.com/questions/39133437/sslhandshakeexception-handshake-failed-on-android-n-7-0
I add a wiresharked Android 7.0 to reflect that bug in Android 7.0.

Backport of 82e939f2bd
 2020-06-24 21:10:22 +02:00
Dirk Wetter 594f09e858 Merge pull request #1647 from drwetter/fix_mxs_in_get_mx_record 
Fix wrong variable declaraton in get_mx_record()
 2020-05-26 09:35:54 +02:00
Dirk 11c03790bf Fix wrong variable declaraton in get_mx_record() 
mx was declared, mxs used instead. This fixes
it by correcting the declaration.
 2020-05-25 21:28:44 +02:00
Dirk Wetter c6ca746954 Merge pull request #1634 from drwetter/dockerfile+ 
Better Dockerfile: doesn't require "git clone"
 2020-05-09 12:54:02 +02:00
Dirk e5bb789dd3 Better Dockerfile: doesn't require "git clone" 
.. see also #1559.

It "mkdirs" the needed etc and bin directories first, then copies
stuff over. It also reduces a few layers.

Also it corrects a mistake in the Readme.md (docker exec --> run)
 2020-05-09 12:48:11 +02:00
Dirk Wetter 747b1e20ac Merge pull request #1633 from unit193/3.0 
Fix a couple typos.
 2020-05-09 12:20:03 +02:00
Unit 193 f1a53a5b3a Fix a couple typos. 
enviroment → environment
ususally → usually
 2020-05-09 05:42:41 -04:00
Dirk Wetter 4e887e3ee4 Merge pull request #1628 from drwetter/bump_version302 
Bump version to 3.0.2
3.0.2 		2020-05-08 11:44:48 +02:00
Dirk Wetter eb1398c04c Merge pull request #1627 from drwetter/dockerhub_workaround 
Provide the correct branch to Dockerhub builds
 2020-05-08 11:36:36 +02:00
Dirk f16ed46e76 Provide the correct branch to Dockerhub builds 
... and at the same time allow correct local builds --
the default branch is 3.1dev at the moment.

It still clones the repo from github which isn't
needed. A pure copy command would be the best. However
it might cause other problems.

See also #1559
 2020-05-08 11:32:39 +02:00
Dirk Wetter e628c16155 Merge pull request #1626 from drwetter/revert-1625-dockerfile_fixtest 
Revert "Try to fix builds by Dockerhub"
 2020-05-08 10:30:42 +02:00
Dirk Wetter 1edb6159be Revert "Try to fix builds by Dockerhub" 2020-05-08 10:21:24 +02:00
Dirk Wetter 003f35d273 Merge pull request #1625 from drwetter/dockerfile_fixtest 
Try to fix builds by Dockerhub
 2020-05-07 20:44:31 +02:00