- FIX regression: capitalized/all lowercase headers weren't detected
- if socksend is blocked (IDS) output looks better and is reported as test didn't succeed
- no secure cookie or Httponly will be marked as brown
- tput color yellow is now brown
- logic of some ENV variables changed (attention!)
- included some ENV as long options (not in the help yet)
- decentralized http check for breach
- if openssl is not executable it bails out better now
- help function now exits
Note that due to the refactoring of some status messages, the output will be slightly different (more verbose) than previous versions
Moved specific status messages to http_header()
Moved specific status messages to breach()
Moved specific status messages to ccs_injection()
Moved specific status messages to heartbleed()
Moved specific status messages to renego()
Moved specific status messages to crime()
Moved specific status messages to tls_poodle()
Moved specific status messages to freak()
Moved specific status messages to beast()
Added some more documentation for functions
Fixed typos in help
Created new function main:
This is the main function of testssl.sh
Refactored major part of the original main function
Created new function startup:
Parses the startup options
Created new function intialize_globals:
Initializes all used global variables
Created new function scanning_defaults:
Sets default scanning options when only one parameter (URI) is given
TODO: Refactor more/duplicate parts of functions
Note: For the new functions, fixed spaces (4) are used instead of tabs
- FIX for SNI output as it doensn';t make sense for non HTTP servives
- lines for RC4 and PFS shortenedA
- display all MX records to test before testing
- removed LOCERR, added CCS_MAX_WAITSOCK, HEARTBLEED_MAX_WAITSOCK
Dirk
Peter Mosmans
Mark Felder
Mark Felder