5521063620
Merge pull request #1602 from dcooper16/improve_libressl_302_compat_30branch
...
Improve compatibility with LibreSSL 3.0.2 and earlier
2020-05-01 20:44:16 +02:00
25d0d4242b
Improve compatibility with LibreSSL 3.0.2 and earlier
...
This commit makes the same changes as #1598 , but for the 3.0 branch.
2020-05-01 14:41:05 -04:00
ef535b6282
Merge pull request #1596 from dcooper16/ticketbleed_no_tls1_3_30branch
...
Ticketbleed and TLS 1.3
2020-04-30 13:52:27 +02:00
7419e0da9c
Ticketbleed and TLS 1.3
...
This commit makes the same changes as #1595 , but for the 3.0 branch.
2020-04-30 07:43:20 -04:00
3d6d1ac9d7
Merge pull request #1594 from dcooper16/ossl30_compat_for_30branch
...
Improve compatibility with OpenSSL 3.0
2020-04-29 16:14:01 +02:00
2b8901e0c3
Improve compatibility with OpenSSL 3.0
...
This commit makes the same changes to the 3.0 branch as #1586 makes to the 3.1dev branch.
2020-04-29 08:50:09 -04:00
09fe651b36
Merge pull request #1592 from drwetter/1590_readme
...
Relax the possible GPL license contradiction
2020-04-28 10:03:40 +02:00
126e501143
Relax the possible GPL license contradiction
...
... see also #1590
2020-04-28 10:02:03 +02:00
3c403a2484
Merge pull request #1587 from drwetter/np_fix30
...
Negotiated protocol showed no warning for TLS 1.1/1.0
2020-04-25 11:13:49 +02:00
5c73a23cfe
Negotiated protocol showed no warning for TLS 1.1/1.0
...
.. whereas the protocol section did that.
This fixes the inconsistency.
2020-04-25 11:06:35 +02:00
ac53ec2531
Merge pull request #1585 from dcooper16/fix_logjam_ssl_native_3.0
...
Fix run_logjam() in --ssl-native mode (3.0 branch)
2020-04-24 09:42:43 +02:00
8723fc78b1
Fix run_logjam() in --ssl-native mode (3.0 branch)
...
This commit fixes the same issue as #1584 , but in the 3.0 branch.
2020-04-23 15:01:50 -04:00
2fcbcbe9d1
Merge pull request #1577 from drwetter/drwetter-patch-1
...
Update reference to ZIP file
2020-04-21 20:30:50 +02:00
11123840a7
Merge pull request #1578 from drwetter/1571_30
...
Fix misleading phrasing in run of standard ciphers
2020-04-21 20:30:38 +02:00
5fdeb32f94
Update reference to ZIP file
...
to 3.0.1
2020-04-21 18:58:27 +02:00
4809c763cc
Fix misleading phrasing in run of standard ciphers
...
see #1571 . Bit size doesn't matter. It only matters to the
user which ciphers they are.
2020-04-21 18:46:57 +02:00
af86cce011
Better version naming
...
bugfix releases for 3.0 are 3.0.x instead of 3.0-1
2020-04-15 12:35:51 +02:00
27948d80a8
Merge pull request #1564 from drwetter/release.3.0-1
...
Preparing bugfix release for 3.0
2020-04-15 09:28:41 +02:00
3f5735a1a0
make the sneaky user agent sneaky again
2020-04-14 14:14:45 +02:00
8b1b9f9f27
Preparing bugfix release for 3.0
...
* Bump version
* Removed ancient CVS tag detection code
* ~ backported code doc changes (http --> https and more) from @multiflexi
see 7eba0fbb41
2020-04-14 13:18:52 +02:00
e51a90d7e1
Merge pull request #1557 from dcooper16/fix1551_30
...
Fix #1551 in 3.0
2020-04-01 22:28:47 +02:00
267ce87733
Fix #1551 in 3.0
...
This commit fixes #1551 in the 3.0 branch by changing get_cipher() to recognize RFC names that begin with SSL_*. It also modifies run_beast() so that it does not get stuck in an infinite loop if get_cipher() doesn't return a valid cipher name.
2020-04-01 13:36:39 -04:00
ec6b724433
Merge pull request #1547 from dcooper16/display_ciphernames_bug_3.0
...
Fix bug in setting DISPLAY_CIPHERNAMES in 3.0
2020-03-25 18:28:30 +01:00
e1c27d61a6
Fix bug in setting DISPLAY_CIPHERNAMES in 3.0
...
This commit fixes the same bug as #1546 , but in the 3.0 branch.
2020-03-25 12:59:54 -04:00
b2252002f4
Merge pull request #1539 from mkauschi/http-basic-auth-backport-patch
...
backport patch for the http basic auth bug from PR 1538
2020-03-18 14:51:36 +01:00
3d60151028
backport patch for the http basic auth bug from PR 1538
2020-03-18 14:08:50 +01:00
4601670bac
Merge pull request #1534 from drwetter/breach_output3
...
Fix output for BEAST when no SSL3 or TLS
2020-03-07 12:15:55 +01:00
3f5aa1b7df
Fix output for BEAST when no SSL3 or TLS
...
LF added
2020-03-06 22:09:00 +01:00
1f6ebae401
Merge pull request #1532 from dcooper16/fix_typo_emphasize_stuff_in_headers_3.0
...
Fix typo in emphasize_stuff_in_headers()
2020-03-06 21:28:55 +01:00
dca5a3b860
Fix typo in emphasize_stuff_in_headers()
...
This commit fixes the same typo as #1531 , but in the 3.0 branch.
2020-03-06 14:32:43 -05:00
c4d2c2de48
Merge pull request #1529 from dcooper16/percent_printing_3.0
...
Fix printing percent characters
2020-03-06 20:04:45 +01:00
ed5bdffc84
Fix printing percent characters
...
This commit makes the same change as #1499 , but in the 3.0 branch.
2020-03-06 12:21:18 -05:00
069baa0b6e
Merge pull request #1522 from drwetter/pwdfix3
...
avoid external pwd
2020-03-06 15:04:18 +01:00
488009d0cd
Merge pull request #1528 from dcooper16/fix_html_3.0
...
Fix HTML generation in 3.0
2020-03-06 14:55:27 +01:00
53f0bec0ba
Fix HTML generation in 3.0
...
This commit applies the same changes as #1481 , but to the 3.0 branch.
2020-03-06 08:48:07 -05:00
8e06fcc644
Avoid external "/bin/pwd"
...
.. as it may not be available everywhere, see #1521 (NixOS).
This commit replaces all instances from pwd or /bin/pwd by $PWD.
It is a bash internal and the fastest. Also it added some quotes
to PWD a it may contain white spaces in the future (currently
there's a check for it that it won't)
2020-03-06 13:31:48 +01:00
4fcfb5d8f8
avoid external pwd
...
.. as it may not be everywhere available, see #1521 (NixOS).
This commit replaces it by `pwd -P` (-P -> no symbolic link)
2020-03-03 12:30:12 +01:00
4dbd9a98ba
Merge pull request #1511 from drwetter/rDNS_fixes3
...
Fix for non compliant DNS PTR records (backport)
2020-02-15 15:23:07 +01:00
bc9cf9f428
Fix for non compliant DNS PTR records
...
This commit addresses two bugs: #1506 and #1508 .
First, the variable rDNS can contain multiple lines due to multiple PTR DNS
records, though this is not recommended. In those cases the multiple PTR DNS
were concatenated on the screen, without any blank.
Secondly - depending on the name server entries and on the output of the DNS
binaries used it can contain non-printable characters or characters which are
printable but later on interpreted on the output device (\032 was mentioned
in #1506 ) which on the screen was interpreted as octal 32 (decimal 26 = ▒,
try echo "\032"), so basically a terminal escape sequence was smuggled
from the DNS server to the screen of the users. In JSON pretty output we
had also this escape sequence which was fine for jsonlint but caused jq
to hiccup.
Fix: we use a loop to check for each FQDN returned. There we remove chars which
under those circumstances can show up. The blacklist is taken from RFC 1912
("Allowable characters in a label for a host name are only ASCII, letters, digits,
and the `-' character").
2020-02-15 13:56:25 +01:00
7d38f3c365
Merge pull request #1494 from dcooper16/fix_typos_3.0
...
Fix typos
2020-02-04 17:56:58 +01:00
8c29891ec8
Fix typos
...
Same as #1492 , but for 3.0.
2020-02-04 11:35:14 -05:00
20daaa667c
Merge pull request #1493 from drwetter/dotasurl_fix_3.0
...
Fix URL when hostname with trailing dot supplied
2020-02-04 17:17:57 +01:00
f11b9023d6
Fix URL when hostname with trailing dot supplied
...
Hostnames can contain a trailing dot (and sometimes they should).
If they are supplied to testssl.sh however they will be also interpreted
as a URL PATH when the servive is HTTP.
This commit fixes that.
See also #1490
2020-02-04 16:32:34 +01:00
0252316637
Merge pull request #1485 from drwetter/fix_ids_friendly
...
Fix --ids-friendly
2020-01-31 08:46:37 +01:00
c4920f61e4
rename query_globals() --> count_do_variables()
...
.. and fix one problem instroduced with last patch (testssl.sh
din't work correclty if only an URI was supplied)
2020-01-30 22:25:10 +01:00
073d383f76
Fix switch --ids-friendly
...
This switch had no effect. There was probably a regression
problem as it worked before.
Besides fixing that the large case statement in parse_cmd_line()
was simplified, in a sense that banner and help functions were
moved to a separate case statement.
2020-01-30 21:49:56 +01:00
b0b084dcda
Merge pull request #1442 from drwetter/bump_version
...
bump version to final
2020-01-23 18:08:23 +01:00
a11a060acb
Merge pull request #1456 from drwetter/changes_etc
...
Update attributions and changes for release
2020-01-23 18:05:50 +01:00
a9e5bcc30c
Merge pull request #1470 from drwetter/1xmsg_squash
...
Squash the last futile -msg for $OPENSSL
2020-01-23 11:03:46 +01:00
ace4098693
Squash the last futile -msg for $OPENSSL
...
... see also https://github.com/drwetter/testssl.sh/pull/1468#discussion_r369786007
2020-01-23 09:46:33 +01:00
