David Cooper
77379903ed
Fix typo in etc/mapping-rfc.txt
...
Change value for SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA from xFEFE to xFEFF in accordance with http://www-archive.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html .
2016-02-05 14:53:19 -05:00
Dirk
39226e05d2
openssl 1.1.0
2016-02-03 17:56:56 +01:00
Dirk
a676742256
Remaining issues solved for OpenSSL 1.1.0 compliance, output corrections, CN/SNI improvements
2016-02-03 17:55:53 +01:00
Dirk
9cf3e21c3d
- swapped sig_algo and server key size
...
- output improvements for unknown sig algos like GOST
2016-02-03 09:55:47 +01:00
Dirk
ea18d2f02c
- fix: discovering the CN for the default host (without SNI)
...
- CN parsing of certificate improved
- CN / subject can be also cyrillic now -- supposed the terminal supports the charset
2016-02-03 00:05:57 +01:00
Dirk Wetter
40d4cbb57f
Update Readme.md
2016-02-01 22:42:49 +01:00
Dirk Wetter
aff08b1ff2
Update CREDITS.md
2016-02-01 22:41:36 +01:00
Dirk
dd65050ee1
- "secret" env switch shows during -e/-E the signature algorithm (see also #276 )
...
- exp. date check corrected esp. for openssl 1.1.0
- warning relaxed for chain of trust
2016-02-01 22:06:27 +01:00
Thomas Martens
b99c5ac30c
Merge branch 'master' of https://github.com/drwetter/testssl.sh
2016-02-01 21:09:31 +01:00
Thomas Martens
52f7de1a4a
Revert "fixed output in ciphertest with --color=1"
...
This reverts commit 7f7b1edd50
.
This is already fixed with c62abaf215
in
upstream.
2016-02-01 21:03:22 +01:00
Dirk Wetter
ff714a673f
Merge pull request #280 from dcooper16/number_of_cert_bundles
...
Number of trusted certificate files in $INSTALL_DIR/etc/*.pem
2016-02-01 21:02:14 +01:00
dcooper16
9f998d8c53
Number of trusted certificate files in $INSTALL_DIR/etc/*.pem
...
The number of .pem files in $INSTALL_DIR/etc is currently hard-coded into determine_trust. This modifies the code so that the number of files can be changed without having to change the code.
2016-02-01 14:11:50 -05:00
Dirk Wetter
f7853f36a0
- added SSL_CERT_FILE=/dev/null
...
- output cleanups in determine_trust()
2016-02-01 17:33:59 +01:00
Dirk Wetter
386234f794
Merge pull request #279 from dcooper16/chain_of_trust_fix
...
Fix chain of trust problem
2016-02-01 17:23:03 +01:00
dcooper16
abffd1b81e
Fix chain of trust problem
...
This should fix issue #278 . I'm not sure whether openssl verify will ever print out more than one error, so to be safe, I wrote the code to handle the possibility that it might; if there is more than one error, it just takes the first and ignores the rest.
2016-02-01 11:17:13 -05:00
Dirk Wetter
2f4e549dab
- missing root certs
2016-02-01 16:27:20 +01:00
Dirk Wetter
8f9b38f7d4
- LF and other corrections for HPKP
...
- output corrections for 2 x HPKP (e.g. scotthelme)
2016-02-01 13:23:28 +01:00
Dirk
0bfe12742e
correct signature keysizes, FIX #249
2016-02-01 10:19:23 +01:00
Dirk
c62abaf215
fix colored output in wide mode ( FIX #277 )
2016-01-31 23:53:13 +01:00
Thomas Martens
7f7b1edd50
fixed output in ciphertest with --color=1
...
With --color=1 the output in the ciphertest missed some spaces between the
KeyExch. and Encryption columns. This is a result of the pr_off() function.
This commit add an additional check in neat_list() and insert the missing
spaces.
2016-01-31 22:40:39 +01:00
Dirk
5ae9bb8c13
- typo in IPv4 header
...
- fixed recognition of XML,HTML to separate header
- fixed -V <pattern
2016-01-31 21:02:18 +01:00
Dirk
1726d3b41c
minor change of color
2016-01-31 11:04:59 +01:00
Dirk
5e051c351a
credit the cleanups of dcooper16 also
2016-01-31 10:55:45 +01:00
Dirk
49bc6592b8
multiple certs
2016-01-31 10:55:21 +01:00
Dirk
f7baa560c2
- typos, etc
2016-01-31 10:54:45 +01:00
Dirk
c564e305a7
- FIX #273
2016-01-31 01:55:23 +01:00
Dirk
fc346a35fe
- indentation reverted to old value if in only one certificate
...
- minor cleanups in the output
2016-01-30 23:59:29 +01:00
Dirk
5178e0db37
dcooper16 for the multiple certs thing
2016-01-30 23:57:00 +01:00
Dirk Wetter
8437bce546
Merge pull request #275 from dcooper16/multiplecerts
...
Detect multiple server certificates
2016-01-30 23:49:10 +01:00
dcooper16
2bf9c5d81e
Detect multiple certificates
...
Modifies --server-defaults to handle cases in which the server has more than one certificate (e.g., one with an RSA key and one with an ECC key).
2016-01-28 17:06:34 -05:00
Dirk
495b9cda9b
- several fixes/improvements for new JSON/CSV file feature #268
...
* no color code in files
* rc4 ciphers were missing
* NODE was missing
* calling of NODEIP/PORT was not neccessary
* default naming of files similar to $LOGFILE
2016-01-23 23:33:17 +01:00
Dirk Wetter
447b6f6012
Update Readme.md
2016-01-23 21:28:37 +01:00
Dirk
8a2fe5915a
- /usr/bin/printf --> printf
2016-01-23 20:33:46 +01:00
Dirk
a8d08bbf92
update
2016-01-23 19:25:45 +01:00
Dirk
1a8ed3d70a
- JSON/CSV from #268 , labeled it experimental
...
- fixes partly #31
- several fixes to it (backticks, single sq brackets, renaming funcs, removed lf in JSON, ...)
2016-01-23 19:18:33 +01:00
Dirk
51e197c549
Merge branch 'master' of github.com:drwetter/testssl.sh
2016-01-23 13:34:04 +01:00
Dirk Wetter
477f6eb053
Merge pull request #270 from thecky/master
...
added colorblind option
2016-01-23 09:35:52 +01:00
Thomas Martens
b16ab6a021
added colorblind option
...
if colorblind option is set swap green and blue in the output
2016-01-22 20:40:08 +01:00
Dirk
9880bd6a49
- added 0xc072-0xc079, 0xc033-0xc03B
2016-01-20 15:04:12 +01:00
Dirk
a1ef935903
20 CCM cipher added
2016-01-20 14:17:38 +01:00
Dirk Wetter
3579cf2953
Merge pull request #267 from thecky/master
...
added --mapping=no-rfc
2016-01-20 12:32:19 +01:00
Thomas Martens
8bae1bc1ed
added --mapping=no-rfc
...
don't display the RFC ciphername in the cipher checks.
2016-01-19 21:55:06 +01:00
Dirk
b97788ba73
typo fixed
2016-01-15 17:30:47 +01:00
Dirk
0d767dad8f
- mentioning where the client data comes from
2016-01-15 17:05:43 +01:00
Dirk
5257c2f38a
- inline license clarifications
...
(separate file needed later)
2016-01-15 17:04:16 +01:00
Dirk
a9643b6d1e
- hooks for rfc/non-rfc
...
- FIX for beast: no CBC cipher at all is now displayed
- minor cosmetic stuff
2016-01-15 16:37:47 +01:00
Dirk
edd689b53e
client check
2016-01-15 16:27:18 +01:00
Dirk
2871aaaee3
- optical cleanups for #265
...
- don't do browser tests for non-HTTP services
2016-01-15 15:53:03 +01:00
Dirk
e68fcc9dad
- remove duplicates
2016-01-15 15:15:29 +01:00
Dirk Wetter
8b22e1be19
Merge pull request #265 from seccubus/feature/client-sims
...
Feature/client sims
2016-01-15 14:07:13 +01:00