b40c0b7178
- RELEASE: final 2.2
...
- change of cmd line order for STARTTLS
- help more clear
2014-12-08 10:32:51 +01:00
b3efb3c4b0
- BUGFIX: potential stalling in HTTP Header query
...
- BUGFIX: HTTP specific vuln. won't be checked if service is not http (we still
check crime and also spdy => gmail has spdy for pop and imap)
- Feature: service detection: HTTP, IMAP, POP, SMTP
- alignment in rDNS output corrected
- minor cleanup / improvements
2014-11-30 01:30:20 +01:00
27f06f8d50
- BUGFIX: BSD now has proper heartbleed and ccs injection detection
...
- significant code improvement of hex-byte parser <-> socket sender
- BUGFIX: BSD now doesn't put an extra \n if rfc map file is missing
- bumped to 2.1rc3, hoping that'll be the last
2014-11-27 21:33:33 +01:00
c034cd8a95
- for colors: double square brackets (might save a fork to "[ or "test"
...
- in terms of debugging cleaned up listciphers/std_cipherlists
- in other terms too
2014-11-25 13:12:24 +01:00
5228986b25
Update Readme.md
2014-11-24 16:43:11 +01:00
b242876597
Merge pull request #37 from yurivict/master
...
Fixed errors when COLOR=0 caused 'printf' to break due to leading dashes interpreted as command line options
2014-11-24 15:16:42 +01:00
19f936bece
Fixed the problem when COLOR=0 caused 'printf' to break due to leading dashes interpreted as command line options.
2014-11-22 12:15:47 -08:00
7cf2030c20
Merge pull request #36 from PeterMosmans/bugfix
...
Fixed minor redirection typo for 'which' command
2014-11-22 18:31:09 +01:00
c3ab016164
Fixed minor redirection typo for 'which' command
2014-11-22 12:57:36 +10:00
4c3cc0df8e
- increase first read buffer -- otherwise it's how up at hb reply and lead to false positives
2014-11-20 18:55:51 +01:00
d4265742b1
color codes for protocols and default ciphers reflect better a rating
...
- fix: heartbleed function needed a $TMPFILE for determining the TLS protocol
- version bumped to 2.1rc2
2014-11-20 10:46:55 +01:00
5dd4a8f3fa
- fix in cleanup (while debug)
...
- wrong cmd line option --> help instread of error
2014-11-19 22:23:13 +01:00
05877dca93
- protocol check stream lined: similar now for every protocol
...
- NPN/SPDY is not green anymore
2014-11-19 18:04:43 +01:00
d77b667489
- protocol w/o cipher (only SSLv2 so far)
...
- for EVERY protocol now check whether $openssl supports it
- better fail for PFS if there are no local ciphers
2014-11-19 17:08:59 +01:00
52ef1fe684
@oparoz
2014-11-19 13:26:48 +01:00
99e472ac01
- banner (opensssl version build date, platform) slightly changed
...
- even clearer warning upon old openssl version (MacOSX!)
- oparoz hexdump patch
- heartbleed doenst do a precheck anymore --> just sockets as it may lead to false negatives
if the client was complied with it disabled (FreeBSD)
2014-11-19 13:22:22 +01:00
f2c44803ed
- FreeBSD fixes (getent, printf)
2014-11-18 23:14:17 +01:00
59bdf48823
- Peter
2014-11-18 20:24:10 +01:00
41a480abb4
small cleanup
2014-11-18 20:23:17 +01:00
8756151a26
Merge branch 'master' of github.com:drwetter/testssl.sh
2014-11-18 16:40:14 +01:00
3d6eda97de
Merge pull request #30 from PeterMosmans/cleanup
...
Make sure that cleanup() function is always called
2014-11-18 16:39:32 +01:00
f067944f2a
Merge pull request #29 from PeterMosmans/msys
...
Added compatilibility with MSYS2 on Windows
2014-11-18 16:30:18 +01:00
7b45311c30
- stripping of leading 0 in testssl.sh needed to be reflected by this file
2014-11-18 11:04:57 +01:00
049a945abc
- prettyprint_local now also can do word pattern matching
...
- help improved
- put the stripping of leading 0 into normalize_cipher_code where it belonged
- the latter makes a modified mapping-rfc.txt necessary!
2014-11-18 11:03:03 +01:00
f45d85617b
- hexcode in neat list now w/o leading 0
...
- help cleaned up and clearer (& removing tabs)
- test_just_one with headline
2014-11-18 10:29:11 +01:00
de0b4313b8
Make sure that cleanup() function is always called
...
Added {HEADERFILE_BREACH} to temporary files that should be removed
Removed obsolete cleanup calls
2014-11-18 14:30:48 +11:00
15f23f1fec
Added compatilibility with MSYS2 on Windows
2014-11-18 13:30:56 +11:00
cf8fa2c3f3
- version bumped to 2.1rc1, better layout for chacha (albeit bit ugly), better layout for all ciphers, test_just_one w/ headline
2014-11-18 01:36:29 +01:00
16279267ea
- sockread w/ sleep
...
- ccs better documented + more verbose during debug
2014-11-18 00:26:58 +01:00
2e6c0a45cd
Update CREDITS.md
2014-11-17 18:59:57 +01:00
7414b5b310
next step in color handling: 2=full color, 1: b/w, 0: no ESC codes at all
2014-11-17 18:49:56 +01:00
eee56b4bd4
2014-11-17 18:47:39 +01:00
fc4c2e5446
- omit the "**" in non colored mode
...
- query COLOR properly (env)
2014-11-17 17:43:59 +01:00
a7bbc6c39a
warning upon "no ssl enabled server" clearer; we check only for return code of s_client. Fails if certificate needed
2014-11-17 17:05:43 +01:00
b2cd4bfd4c
better documentation
2014-11-03 21:45:48 +01:00
481af083a3
NEW: first working implementation of "-x <list_of_csv_hexcodes> server" with a catch: none a/v local cipher
2014-11-02 23:37:17 +01:00
a2cd77c4ee
TLS_FALLBACK_SCSV
2014-10-30 21:15:30 +01:00
3b783323d5
TLS_FALLBACK_SCSV
2014-10-30 21:14:50 +01:00
5984e86f81
FIX for RUN_DIR, bumped up version to 2.1beta
2014-10-30 21:12:18 +01:00
f56f81090a
NEW: HPKP
2014-10-29 21:24:43 +01:00
b49b1451c4
FIX: for FreeBSD and spaces in "Local problem ..."
2014-10-29 20:23:21 +01:00
ef5bf00094
FIXED: too much spaces in "Local problem: No .. configured"
2014-10-23 15:52:06 +02:00
6737cd230c
FIXED: When there is no support in openssl for SSLv2 the error message and the next protocol test get on the same line
2014-10-23 15:40:15 +02:00
abef156191
Merge branch 'master' of github.com:drwetter/testssl.sh
2014-10-17 22:17:04 +02:00
1720fed5fe
be clear that no TLS_FALLBACK_SCSV support yet
2014-10-17 22:16:37 +02:00
cfc8ed1117
forgot the apple users
2014-10-17 14:28:05 +02:00
4b6d83415b
better+ c&p
2014-10-16 16:47:54 +02:00
9714c93ee0
better c&p
2014-10-16 16:46:01 +02:00
86e0141f72
POODLE hack
2014-10-15 13:10:06 +02:00
192867554e
- FIX for getent line
2014-10-15 11:56:40 +02:00
Dirk
Yuri
Peter Mosmans
Dirk