b941443049
- the vanilla binaries are needless
2015-07-16 23:05:44 +02:00
54290b220a
- Provide Darwin binaries and paths thereto
...
- provide also other static bins in $PWD/bin
2015-07-16 23:01:10 +02:00
b157a26632
* EV certificate detection
...
* SSLv2 + STARTTLS protocol check always uses sockets now
* STARTTLS protocol now returns over sockets the TLS time (if available)
* few LibreSSL output oddities fixes
* output corrections for STARTTLS
* additional path for binaries (we change the path soon but leave both in the code for now)
2015-07-16 17:58:03 +02:00
f44954ae0e
- clarify licenses for openssl
2015-07-16 17:49:17 +02:00
4c033bc0cc
* header flags added
2015-07-14 20:44:04 +02:00
2e40c2bde6
* misleading warning for DH bits for Negotiated cipher omitted if no DH or EC and OPENSSL <= 1.0.1
2015-07-14 19:58:04 +02:00
32325d0643
* fix for scanning an IP address only
...
* server_preference: cipher adjusted
* some [[ and ]] in loops, hoping to speed up processing a bit
* cosmetic stuff
2015-07-14 17:13:58 +02:00
2ae8f2d6e3
fix regression: port 25 is the one for --mx
2015-07-14 12:35:26 +02:00
0b1c0dca46
FIX #132 (see also discussions in #133
2015-07-13 23:41:49 +02:00
dfc37bc892
workaround / FIX #134 (OPENSSL_CONF destroyed lookup via host/dig/nslookup
2015-07-13 23:24:23 +02:00
f95326cf21
* Liferay in header will be marked in yellow
...
* more tries to find openssl binaries (also those in git)
2015-07-12 18:46:27 +02:00
3cf891bd5e
* FIX #131 (EC certificate key size was critized)
...
* FIX: if request w/o SNI didn't succeed it resulted in an ugly openssl error message
* FIX #51 (we try to initialize GOST engine before showing the banner)
2015-07-10 10:23:10 +02:00
f1d8471a3d
* heartbleed and ccs check enabled per default for STARTTLS
...
* performance improvements for sockets+STARTTLS (still only enabled via EXPERIMENTAL=yes)
2015-07-08 21:30:31 +02:00
ba09b84648
reflect progress on STARTTLS+sockets
2015-07-08 11:35:29 +02:00
d3b8f8e0a2
cosmetic corrections (output)
2015-07-08 11:34:45 +02:00
5944c35075
* EXPERIMETAL=yes is used, testssl.sh uses for protocols, heartbleed, ccs sockets also for STARTTLS!
...
* it's slow though (to be improved)
* renamed vars for proxy
* cleanups
2015-07-07 22:59:31 +02:00
fef9afe288
* protocol checks work now!
...
* generic jabber support now!
* jabber domain support
2015-07-06 22:04:07 +02:00
d1442d8ca9
don't need it
2015-07-06 22:03:41 +02:00
1983658f9c
Update Readme.md
2015-07-06 20:49:58 +02:00
179d8700d1
* NEW: xmpphost support
...
* FIX for regression (80e26a75ef
2015-07-06 20:42:43 +02:00
016b488ae3
New set of binaries with a built date and "my" patch https://github.com/PeterMosmans/openssl/pull/23
2015-07-06 20:37:57 +02:00
e614887cb8
renamed files
2015-07-06 20:33:43 +02:00
942ceb04d9
FIX "built on: reproducible build, date unspecified" problem
2015-07-06 20:33:05 +02:00
0e1a7002b9
FIX "built on: reproducible build, date unspecified" problem
2015-07-06 20:22:45 +02:00
c08baa94b3
* CHANGE: some tuning variable are now booleans (see help)
...
* help() to reflect this
* cleanups
2015-07-06 10:10:46 +02:00
80e26a75ef
* Warning if LibreSSL is used #126
...
* FIX for screwed up output for fixed ciphers (FREAK, LOGJAM), see also #126
* GOST support now doesn't complain if MY confif file aleady exists (minor fix)
2015-07-02 16:39:41 +02:00
1186bf4229
- try to interpret server protocol (SMTP, FTP,...) handshake
2015-07-01 19:50:38 +02:00
39a0da31e5
- echo host:port
2015-07-01 19:48:33 +02:00
d44cff9a81
Merge branch 'master' of github.com:drwetter/testssl.sh
2015-07-01 18:51:18 +02:00
c2f8e23441
Rename ccs-injection.sh to ccs-injection.bash
2015-07-01 18:50:45 +02:00
21119d6d01
works also for nntp,ftp,imap,pop,xmpp +starttls now
2015-07-01 13:01:16 +02:00
83dc3f707f
- works now also for SMTP+STARTTLS
2015-07-01 10:16:01 +02:00
bfdc95f3dc
Rename bash-heartbleed.changelog.txt to heartbleed.bash.changelog.txt
2015-07-01 10:12:03 +02:00
4363229a01
Rename bash-heartbleed.sh to heartbleed.bash
2015-07-01 10:11:20 +02:00
0bd46058a1
Update Readme.md
2015-06-29 23:46:39 +02:00
31431a62cf
Update Readme.md
2015-06-29 23:37:18 +02:00
b797ebaba2
Merge branch 'master' of github.com:drwetter/testssl.sh
2015-06-29 23:35:05 +02:00
24cdfded56
see #124 (John more to the top though)
2015-06-29 23:31:51 +02:00
5acfc93d79
* couple of checks for new proxy option from John Newbigin #124
...
* minor cleanups for #124
2015-06-29 23:28:37 +02:00
ddd680ac93
* merge #124 from jnewbigin
...
* fix my run time error
2015-06-29 22:29:15 +02:00
15a672b521
* assertion vs. condition fixed
2015-06-29 10:41:56 +02:00
b2ebd7640d
Update Readme.md
2015-06-28 14:05:25 +02:00
93f5b8216d
* FIX #125
...
* beautified some code / function names
2015-06-28 13:52:42 +02:00
5d78c9421f
* first tls_low_byte is now always 01 in TLS 1.0 --> TLS 1.2 (see openssl)
...
* removing TLS 1.2 check from sockets as IIS has a problem with it
2015-06-24 11:08:09 +02:00
e121f944e9
* FIX: added missed downgrade (ret=2) in socket protcol check
...
* resorted helper functions to top
* cleanups (ok, renamed some functions)
2015-06-23 21:54:47 +02:00
b575710634
* FIX in --ip=one
...
* straighthen help()
* FIX ret value for no response in parse_tls_serverhello
2015-06-23 12:58:40 +02:00
ae8f998f8f
* help corrected, -e is standard
2015-06-23 07:56:56 +02:00
a6c5a2af0d
* handshake works now with SNI
2015-06-22 23:19:08 +02:00
d3c793e6bc
* help without <> now and |
...
* socket SNI issue: As it turns out Apache 2.2/2.4 is not behaving according to https://tools.ietf.org/html/rfc6066#section-3
.
2015-06-22 18:32:40 +02:00
58a6f501b5
- better addressed no clear fallback repsonses, see #121
2015-06-20 19:36:11 +02:00
Dirk Wetter