Dirk
a41a04b36e
- updated to 1.0.2 stable from pm
...
- still bug: https://github.com/drwetter/testssl.sh/issues/38
2015-02-05 09:33:36 +01:00
Dirk Wetter
e0429cc3fe
Update Readme.md
...
new stable 1.0.2 branch, also with 4 more ciphers
2015-02-05 09:22:01 +01:00
Dirk
f30d7568e7
- checking protoype of tls sockets but not called/working yet
...
- small fixes $DEBUG
2015-02-04 09:48:34 +01:00
Dirk
1b8d96f1d8
- NEW: certificate fingerprints + serial
2015-02-03 23:46:47 +01:00
Dirk
d2b833b2fa
- TLS 1.0/1.1 is not green anymore, only TLS 1.2 is the real one!
...
- no bold for 3DES and medium
- nslookup for MSYS2 etc. having no hosts (and fixing error message if host doesn't exist)
2015-02-03 23:20:59 +01:00
Dirk
188e7f9095
Merge branch 'master' of github.com:drwetter/testssl.sh
2015-01-30 16:27:27 +01:00
Dirk
4f1ca24bd2
FIX: experiration threshold < 30 days
2015-01-30 16:26:55 +01:00
Dirk Wetter
0ea64faa12
Update Readme.md
2015-01-30 10:35:07 +01:00
Dirk
85bc14c946
- FIX: STARTTLS is the criteria for using bash sslv2 or not, not the service
2015-01-29 23:24:49 +01:00
Dirk
16c804d4ca
FIX: BEAST (supports higher protocols only when CBC ciphers detected)
...
- FIX: URL in app banner
- cosmetic issue: display also if one cookie was issue the number 1
2015-01-29 23:20:58 +01:00
Dirk
89012a7a42
* NEW: protocol check SSLv2 in bash sockets per default (HTTP)
...
(fallback to openssl with SSL_NATIVE=1)
2015-01-29 10:46:16 +01:00
Dirk
b2e8e0175a
@nvsofts for LibreSSL patch
2015-01-29 09:34:32 +01:00
Dirk
5e864c28b4
* NEW: emphasize any numbers in http header output
...
* internal renaming of color functions ( --> pr_*)
* new color switches (tput)
* $COLOR is treated as integer not string
* for some issues color adjusted accordingly (red --> brown/yellow)
2015-01-29 09:33:35 +01:00
Dirk
3abaad5eb1
Merge branch 'master' of github.com:drwetter/testssl.sh
2015-01-28 15:31:13 +01:00
Dirk Wetter
c01576c2d4
Merge pull request #53 from gitter-badger/gitter-badge
...
Add a Gitter chat badge to Readme.md
2015-01-28 09:28:50 +01:00
Dirk Wetter
5163d10a66
Merge pull request #54 from nvsofts/fix_libressl_gost
...
Fix GOST handling in LibreSSL
2015-01-28 09:24:32 +01:00
NV
e3a66f5a70
Fix GOST handling in LibreSSL
2015-01-28 14:17:27 +09:00
The Gitter Badger
cf038a3cfe
Added Gitter badge
2015-01-27 22:45:51 +00:00
Dirk Wetter
dedb95b122
Update Readme.md
2015-01-26 12:37:00 +01:00
Dirk
d35e2f95b8
fix for wrong # of HttpOnly cookie
2015-01-23 15:09:35 +01:00
Dirk
84caf9ffd1
fix for double line and double application banner
2015-01-23 12:17:27 +01:00
Dirk
f3eb84c078
Merge branch 'master' of github.com:drwetter/testssl.sh
2015-01-23 12:02:12 +01:00
Dirk
baadfd0492
BREACH is not labeled as experimental anymore as it works reliably
...
- so is heartbleed
- FIX: shopt is removed in rc4 as most of the bash shells segfault here (bug!)
- not tested anymore for HTTP within starttls, instead displaying here a line
2015-01-23 12:01:32 +01:00
Dirk
6c6511ddb2
- VERBOSE -eq 1 is now DEBUG -eq 2 (VERBOSE completely removed)
...
- DEBUG has now four modes 1: just keep files 2: VERBOSE -eq 1 3: head hexdumps and other stuff, 4: full debugging
- env and internal stuff $TEMPDIR
2015-01-21 12:53:00 +01:00
Dirk Wetter
d825bd85f7
Update Readme.md
2015-01-20 22:13:15 +01:00
Dirk
82764845f2
Merge branch 'master' of github.com:drwetter/testssl.sh
2015-01-20 22:10:22 +01:00
Dirk
d5924eedc4
- BEAST finally works
...
- handling of spaces in output
- different ciphers
- FIX: setopt also for RC4 (proper handling of ret value)
2015-01-20 21:59:21 +01:00
Dirk
28330dc6fc
first prototype BEAST | FIX: maketempf in initialize_engine | FIX: exit statements in main w/ more meaning/shorter
2015-01-20 21:51:49 +01:00
Dirk Wetter
1032c3756a
Update Readme.md
2015-01-16 17:18:38 +01:00
Dirk Wetter
b0c6062cb7
Update Readme.md
2015-01-16 17:16:22 +01:00
Dirk
5853202efd
fine tuning on banner
2015-01-15 20:29:46 +01:00
Dirk
4c6f0d9a50
- FIX: grep -a if we hit binary content with http_header (also if otherwise specified)
...
- NEW: can specify URL (used for header matters and breach)
- FIX: better handling of >1 cookies
2015-01-14 12:23:53 +01:00
Dirk
3d81a7b5ec
* NEW: cookie flags (experimental) [URL is missing]
...
* FIX: 30x handling for http_header (hint for final URL if stalled)
* FIX: proper display of app-banners if >1
2015-01-14 09:48:44 +01:00
Dirk
44d8f67998
SNI is not anymore 2do (removed misleading comment)
2015-01-12 23:28:38 +01:00
Dirk
84204a80a3
debugging more fine grained
2015-01-12 23:15:26 +01:00
Dirk
ac6a67a299
now with SNI!
2015-01-12 22:56:15 +01:00
Dirk
f0747dd2fc
now checker fo SSLv3 to TLSV1.2
...
(SNI missing for now)
2015-01-10 22:08:11 +01:00
Dirk
cedeff2b42
typo in tempdir led to missing gost cipher
2015-01-08 14:16:22 +01:00
Dirk
446f7bf152
working prototype for SSLv2 client hello + parsing server hello in bash
2015-01-07 23:57:16 +01:00
Dirk
62f20a6cd2
Merge branch 'master' of https://github.com/drwetter/testssl.sh
2015-01-07 23:30:24 +01:00
Dirk
5044412f39
- moved utils to separate dir
2015-01-07 23:29:05 +01:00
Dirk
decade9986
safer batch processing if port isn't available
2015-01-07 23:16:45 +01:00
Dirk
aa546b520e
Merge remote-tracking branch 'origin/revert-48-master'
2015-01-07 23:09:57 +01:00
Dirk
8a3e0267ba
safer bacth processing if port isn't available
2015-01-06 16:25:19 +01:00
Dirk Wetter
2556377398
Revert "Change question logic on non-SSL port"
2015-01-06 16:10:21 +01:00
Dirk Wetter
e816e4877a
Merge pull request #48 from lwindolf/master
...
Change question logic on non-SSL port
2015-01-06 16:01:07 +01:00
Lars Windolf
d1ab23c146
Change question logic on non-SSL port
...
Idea is to bail out per default (with WARNINGS=off) this makes batch processing possible
as often testssl.sh hangs for minutes or endless on non-SSL ports.
2015-01-03 11:41:35 +01:00
Dirk
eae1b2810f
- check for CN wrt SNI / no SNI
...
- fix different responses for CACert
2014-12-23 09:59:03 +01:00
Dirk
4aa674d138
- Negotiated cipher per proto
...
- nr_ciphers of used openssl version in banner
- spdy_pre check
- -testversion_new --> -testversion
2014-12-21 23:22:50 +01:00
Dirk
a570d907e9
- Cipher order check! (also for starttls)
...
- includes a remark 4 default_cipher (limited sense as client will pick)
- selfsigned certs: error!
- number of local ciphers in check with allciphers
2014-12-21 00:47:23 +01:00