Dirk Wetter
2abad4c258
Update Readme.md
2015-11-05 08:37:48 +01:00
Dirk Wetter
eeceece212
add '-bugs' so that buggy F5s can be better tested
2015-11-03 23:30:52 +01:00
Dirk Wetter
50c5f0b93d
add '-bugs' so that buggy F5s can be better tested
2015-11-03 23:29:53 +01:00
Dirk
e390345629
typo
2015-11-03 19:51:45 +01:00
Dirk
c272878c73
- warning session tickets -> PFS
2015-11-03 19:51:05 +01:00
Dirk Wetter
3a28349e22
Update Readme.md
2015-11-03 13:15:19 +01:00
Dirk
8ff39c5028
- client based authentication, FIX #215
...
- SSL Session ID support test
2015-11-03 13:13:10 +01:00
Dirk
0463471c40
- fixing side effect from #225
...
- other minor output corrections
2015-11-03 10:30:59 +01:00
Dirk
84e6be3547
- revert part of #225
...
- clarify name of bool var for type of tput
2015-11-02 10:49:40 +01:00
Dirk Wetter
8b54609c3d
Merge pull request #225 from Harinus/master
...
Fix: tput: No value for $TERM and no -T specified
2015-11-02 10:40:59 +01:00
Dirk Wetter
2b49f9204d
Update CREDITS.md
2015-11-01 19:40:20 +01:00
Dirk Wetter
1097beab12
Merge pull request #227 from lainegholson/master
...
Add support for .local domains with avahi
2015-11-01 19:37:28 +01:00
Laine Gholson
8c173764bd
Use 'awk' instead of 'sed -E'
2015-11-01 10:40:44 -06:00
Laine Gholson
686dd511a6
Add support for .local domains with avahi
2015-10-31 20:01:52 -05:00
Martin Hoffmann
6a8d4870ab
Missing space ;)
...
Whoops... edited this from the github webpage..
2015-10-30 09:56:48 +01:00
Martin Hoffmann
9bfeac19bc
Fix: tput: No value for $TERM and no -T specified
...
Avoid "tput: No value for $TERM and no -T specified" when running from CGI or similar by checking for interactive shell
2015-10-30 09:46:35 +01:00
Dirk Wetter
84ad7d9b69
client auth + Peter
2015-10-26 09:56:33 +01:00
Dirk Wetter
0009107947
Merge pull request #224 from PeterMosmans/cygwin-2
...
Added check for availability oftput (Fixes #222 )
2015-10-25 13:37:20 +01:00
Peter Mosmans
62af7be5a1
Added check for availability oftput ( Fixes #222 )
...
Slight change due to drwetter's comment
2015-10-25 22:31:44 +10:00
Dirk Wetter
5fd6e28f09
Merge pull request #221 from wlovins/master
...
Changed wording for easier readability.
2015-10-16 16:02:07 +02:00
William Lovins
4095dc53be
Changed wording for easier readability.
2015-10-16 14:40:06 +01:00
Dirk
7bf1319c93
- FIX #218 for exim and friends
2015-10-15 15:14:37 +02:00
Dirk
eb49132682
- changed headline for each sub test from blue to underline+bold
...
- save determine_service log
2015-10-15 14:15:07 +02:00
Dirk
78fab8addb
- FIX #213 , wording
2015-10-13 22:25:01 +02:00
Dirk
d4dbf1138c
- FIX #214
2015-10-13 08:31:54 +02:00
Dirk Wetter
2b14455c55
client auth added
2015-10-11 23:41:05 +02:00
Dirk
1a1f007ef9
- banner f'up reversed
2015-10-11 23:34:53 +02:00
Dirk
8c0786d147
- switched on clientauth functionality (missed b4)
2015-10-11 23:23:35 +02:00
Dirk
b9bfd48871
- client based auth (see sclient_connect_successful() works now, see #206 )
...
- careful regression tests for this, point open: speed
- test for more TLS extensions
- heartbleed() does now before a check whether heartbeat is available to save time
- breach simplyfied (and doesn't have to be killed in seldom cases)
- tmpfiles are only being erased after exit not after each function
- user agent is testssl -- unless --sneaky is chosen
- global host vars are now being resetted to prevent side effects
- tls version in record layer is now always 1
- used ERRFILE wherever possible
- smaller code cleanups
2015-10-11 23:07:16 +02:00
Dirk Wetter
379bc9464a
Update Readme.md
2015-10-11 11:47:10 +02:00
Dirk Wetter
4eacc75f2d
Merge pull request #209 from jumanjiman/docker_readme
...
Readme: add link(s) to external contrib, such as docker images
2015-10-11 10:03:19 +02:00
Dirk Wetter
0600e39b45
- fix screw up of rDNS display for those few folks having only IPv4 ;-)
2015-10-06 12:30:29 +02:00
Dirk
a3a15aa11e
Merge branch 'master' of github.com:drwetter/testssl.sh
2015-10-05 09:59:22 +02:00
Dirk
f8d6a2fb6d
- IPv6 formatting fixed, see #11 (points 3,4,5)
...
5 cannot be done automagically, see issue
2015-10-05 09:56:21 +02:00
Dirk Wetter
fc46a61733
Update Readme.md
2015-10-05 09:22:02 +02:00
Dirk Wetter
8b917e6625
Update Readme.md
2015-10-05 09:19:11 +02:00
Dirk
a0d634f94a
- ouput corrections for BEAST
2015-10-04 12:32:29 +02:00
Dirk
41bc2fb70c
- regression wrt what_dh
2015-10-03 00:14:52 +02:00
Paul Morgan
2fe8fc95fa
Readme: add link(s) to external contrib, such as docker images
2015-10-01 21:39:09 -04:00
Dirk Wetter
5d230edb3a
Merge branch 'master' of github.com:drwetter/testssl.sh
2015-10-01 13:29:25 +02:00
Dirk Wetter
f3cef41053
- some speed improvements (sed, tr --> bash internal s'n'r)
...
- revamped BEAST a bit: availablity of higher protocols lead now to yellow color, see #208
- Fixed error in BEAST (no higher protos led to no message)
- made BEAST it faster: one check for protocol ssl3+tls1 upfront, see #208
2015-10-01 13:27:14 +02:00
Dirk Wetter
8648398094
Update CREDITS.md
2015-10-01 13:19:15 +02:00
Dirk Wetter
fd256a74b1
Merge pull request #207 from typingArtist/beast
...
Fix CBC cipher selection for BEAST detection
2015-10-01 11:51:16 +02:00
typingArtist
2ca6c2b0dc
improved variable naming, scope and worked around length limitation of cipher list, as suggested by @drwetter
2015-09-30 14:54:39 +02:00
typingArtist
449aada392
fix CBC cipher selection
...
CBC cipher selection is not so easy using the openssl tool alone. Selecting the cipher based on the string CBC occuring in it would be right if it’s
about the RFC name of the cipher but not so with the openssl naming. Since CBC ciphers are not going to be continued anyway, I think it’s safe to take
a static list. However, it’s easy to extract it from the cipher list in openssl-rfc.mapping.html, but we certainly don’t want to require that file to
be shipped all the time.
2015-09-30 12:44:27 +02:00
Dirk
1c1eaa53d8
- fix for renamed http_header function
2015-09-29 18:47:49 +02:00
Dirk
cac49cb1f1
- "--file" implicitly does "--warnings=batch"
...
- "--file" works now fine with equal sign
- fixed load balancer issue where header request stalled and testssl.sh consequently too
- http_date needed to be changed too because of that
- needed to estimate then the http_date when request was killed (HAD_SLEPT)
will Mr. Spock like this??
- fixed load balancer issue where header request for breach test stalled and thus an error was displayed
- code improvements
2015-09-28 22:54:00 +02:00
Dirk Wetter
251e09bb4e
IPv6
2015-09-26 23:00:41 +02:00
Dirk
feaef680aa
- IPv6 #11 is 80% working (whohoo!). Needed is an openssl capable IPv6 and HAS_IPv6=true in the environment
...
- FIX #191
2015-09-26 22:44:33 +02:00
Dirk Wetter
cc81642ee3
- #FIX 202 (EV detection from TERENA/Digicert)
2015-09-25 14:35:42 +02:00