Dirk Wetter
4f38646523
Address grading bug when --show-each is used
...
This fixes #2203 . When used -E with -9 and --show-each the grading wasn't
correct as all ciphers printed were included in the grading verdict instead
of just the ones available.
2022-08-02 10:44:41 +02:00
Dirk Wetter
88e80d2688
Merge pull request #2201 from drwetter/readme-patch
...
Update README.md
2022-07-02 22:13:06 +02:00
Dirk Wetter
12654b904b
Update README.md
2022-07-02 22:12:56 +02:00
Dirk Wetter
559049fa60
Merge pull request #2200 from drwetter/cert_update
...
Update cert stores
2022-07-02 22:11:24 +02:00
Dirk
e217af0324
Remove the expired DST Root CA X3 cert from ...
...
Apple / Linux / Microsoft stores
2022-07-02 16:02:30 +02:00
Dirk
d79504ea8a
Reference to remove DST Root CA
2022-07-02 16:00:16 +02:00
Dirk
9f4a3b359c
add new stores
2022-07-02 15:59:00 +02:00
Dirk
fb2b4935ac
Java.pem from Oracle jdk-17.0.3.1
2022-07-01 22:01:36 +02:00
Dirk
dca2672d88
Apple.pem: picked from Internet (see etc/Readme.md)
2022-07-01 21:55:43 +02:00
Dirk
285eb60d45
add loop for Apple.pem
2022-07-01 21:51:25 +02:00
Dirk
f1003d62f8
fine tune instructions for Apple.pem
2022-07-01 21:45:02 +02:00
Dirk
8b580d1448
Update cert store: Linux + Mozilla
2022-07-01 21:32:38 +02:00
Dirk Wetter
153ce87982
Merge pull request #2194 from dcooper16/reorganize_ciphers_by_strength
...
Reorganize ciphers_by_strength()
2022-07-01 21:26:26 +02:00
David Cooper
564dd63efc
Reorganize ciphers_by_strength()
...
This commit modifies ciphers_by_strength() and run_server_preference() so that the message indicating that ciphers are listed by strength is not printed until the list of supported ciphers has been determined. This is in support of #1311 , as it will allow the message to be modified based on the set of supported ciphers.
This commit also modifies both ciphers_by_strength() and cipher_pref_check() so that the order in which ciphers are listed (by strength or server preference) is not printed if the server does not support the protocol.
2022-06-06 15:48:34 -04:00
Dirk Wetter
13298ffd19
Merge pull request #2193 from drwetter/moregitignore
...
More .gitignore files
2022-06-01 09:47:12 +02:00
Dirk Wetter
6959d3c9a5
few amendments to ignore files
2022-05-31 20:39:47 +02:00
Dirk Wetter
8438f99856
Merge pull request #2169 from drwetter/update_clients1
...
Update client simulations
2022-05-31 17:00:37 +02:00
Dirk Wetter
c92a648391
Add LibreSSL from MacOS
2022-05-31 16:17:47 +02:00
Dirk Wetter
854028166d
Including AppleMail
2022-05-31 15:12:16 +02:00
Dirk Wetter
b274e3b858
correct openssl 3.0.3 data which made CI action fail
2022-05-31 14:32:47 +02:00
Dirk Wetter
6536eaddb6
remove Java 12 and OSX 10 in baseline file
2022-05-31 14:09:19 +02:00
Dirk Wetter
a21a343c1c
disable Java 12 and Safari on OS X 10.12
2022-05-31 12:17:38 +02:00
Dirk Wetter
09432f0346
minor fix: italic markdown
2022-05-31 12:10:36 +02:00
Dirk Wetter
f90b473b32
Add Thunderbid 91.9 to hanshak simulation
2022-05-31 12:10:11 +02:00
Dirk Wetter
6023acd58c
Merge branch '3.1dev' into update_clients1
2022-05-31 12:09:23 +02:00
Dirk Wetter
acc063e078
Merge pull request #2181 from dcooper16/continue_server_pref_on_error
...
Continue run_server_preference() on error
2022-05-31 11:37:08 +02:00
Dirk Wetter
e6f6bcaaa7
Merge pull request #2191 from drwetter/pr2189
...
Fix CRIME test
2022-05-30 14:58:48 +02:00
Dirk Wetter
dfbb9f8122
Fix Actions
...
this one works locally...
2022-05-30 13:37:07 +02:00
Dirk Wetter
8d817e1dcf
PR to merge #2189
...
added: changes in CI so that it goes through
2022-05-25 18:46:08 +02:00
Dirk Wetter
f3fe2ac401
Merge branch 'EliteTK-fix-crime-tls1.3' into pr2189
2022-05-25 18:45:13 +02:00
Tomasz Kramkowski
fc0cc67d47
Make run_crime use $jsonID instead of repeating
...
This also seems more consistent across the code.
2022-05-23 13:57:31 +01:00
Tomasz Kramkowski
326a65e7ad
Fix CRIME test on servers only supporting TLS 1.3
...
As jsonID is not set by run_crime, make the fileout invocation for
servers supporting only TLS 1.3 use the literal "CRIME_TLS" instead.
Previously running testssl with CSV or JSON output would produce an item
with the wrong ID.
2022-05-23 13:53:38 +01:00
David Cooper
706262095b
Continue run_server_preference() on error
...
Currently run_server_preference() will stop if it cannot determine whether the server enforces a cipher preference order.
This commit changes run_server_preference() so it will continue running even if this case, so that the list of ciphers supported with each TLS protocol is provided. Since it is not known whether the server enforces a cipher order, the list of supported ciphers is ordered by strength.
2022-05-16 09:28:02 -04:00
Dirk Wetter
d931eb470c
Merge pull request #2186 from drwetter/censys_fix_2127
...
Fix censys link in DROWN section
2022-05-14 13:57:46 +02:00
Dirk
04463784a8
Fix censys link in DROWN section
...
See #2127 . the line seems very long though.
Note: this was previously commited as #2184 but as there were two mistakes
and one other thing which could be improved I decided to make a hard reset.
Apologize if it caused inconvenience.
2022-05-14 12:06:09 +02:00
Dirk
1eb8347174
Update comparion/diff file for CI
...
... for the time being
2022-05-10 13:08:44 +02:00
Dirk Wetter
b89574e5c7
Merge pull request #2180 from dcooper16/ossl_ffdhe
...
Check for OpenSSL support for ffdhe groups
2022-05-10 07:47:56 +02:00
Dirk Wetter
86158f0bdf
Firefox 100, Chrom and Edge 101 (Win10)
...
- disabled Opera (too old)
- disabled ATS 9 / iOS 9
- reenabled Android 8.1
2022-05-09 17:49:16 +02:00
David Cooper
66c3e35dba
Check for OpenSSL support for ffdhe groups
...
OpenSSL 3.0.0 and later supports specifying the FFDHE groups from RFC 7919 in the "-groups" (or "-curves") option of s_client.
This commit modifies find_openssl_binary() to check whether $OPENSSL supports this. This information is then used by run_client_simulation(), if client simulation testing is being performed using $OPENSSL. If the "curves" for a client include FFDHE groups, then they will be included in the simulated ClientHello.
2022-05-09 09:46:40 -04:00
Dirk Wetter
6bd80b3baa
Merge branch '3.1dev' into update_clients1
2022-05-06 10:32:01 +02:00
Dirk Wetter
22d8cd3adf
Go client (1.17)
2022-05-06 10:06:03 +02:00
Dirk Wetter
ff23a2ba22
Merge pull request #2177 from drwetter/dependabot/github_actions/docker/setup-buildx-action-2
...
Bump docker/setup-buildx-action from 1 to 2
2022-05-06 08:17:49 +02:00
Dirk Wetter
4935679f50
Merge pull request #2176 from drwetter/dependabot/github_actions/docker/metadata-action-4
...
Bump docker/metadata-action from 3 to 4
2022-05-06 08:17:33 +02:00
Dirk Wetter
f1ce1a21bb
Merge pull request #2175 from drwetter/dependabot/github_actions/docker/setup-qemu-action-2.0.0
...
Bump docker/setup-qemu-action from 1.2.0 to 2.0.0
2022-05-06 08:17:09 +02:00
Dirk Wetter
acfbaf8408
Merge pull request #2174 from drwetter/dependabot/github_actions/docker/login-action-2.0.0
...
Bump docker/login-action from 1.14.1 to 2.0.0
2022-05-06 08:16:42 +02:00
Dirk Wetter
c332d03323
Merge pull request #2173 from drwetter/dependabot/github_actions/docker/build-push-action-3.0.0
...
Bump docker/build-push-action from 2.10.0 to 3.0.0
2022-05-06 08:15:59 +02:00
dependabot[bot]
f434dd963d
Bump docker/setup-buildx-action from 1 to 2
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 1 to 2.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-06 00:31:01 +00:00
dependabot[bot]
d40591bf00
Bump docker/metadata-action from 3 to 4
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 3 to 4.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md )
- [Commits](https://github.com/docker/metadata-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-06 00:30:56 +00:00
dependabot[bot]
44ae7c1604
Bump docker/setup-qemu-action from 1.2.0 to 2.0.0
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 1.2.0 to 2.0.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](https://github.com/docker/setup-qemu-action/compare/v1.2.0...v2.0.0 )
---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-06 00:30:52 +00:00
dependabot[bot]
172115501a
Bump docker/login-action from 1.14.1 to 2.0.0
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.14.1 to 2.0.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1.14.1...v2.0.0 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-06 00:30:49 +00:00