Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 13:55:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,238 Commits 17 Branches 35 Tags
5c889bde0fd29113e567f77d133eb76021c88a90
Commit Graph

4238 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Cooper
5c889bde0f Include cipher order information in file output on a per protocol basis 
This commit fileout() calls to ciphers_by_strength() and cipher_pref_check() to indicate whether or not the server enforces a cipher order for a protocol version.
 2022-10-20 12:49:22 -07:00
David Cooper
045778b2d8 Fix #1311 
This commit fixes #1311 by only rating the lack of a server-enforced ciper order negatively if there is a difference in the quality rating of the ciphers offered for a particular protocol.
 2022-10-19 10:03:53 -07:00
Dirk Wetter
8d9b11be40 Merge pull request #2257 from drwetter/drwetter-patch-1 
Fix typo
 2022-10-19 14:09:48 +02:00
Dirk Wetter
ea67c4f4a8 Fix typo 
See #2256
 2022-10-19 14:06:26 +02:00
Dirk Wetter
73fa3e5aef Merge pull request #2251 from drwetter/dependabot/github_actions/docker/setup-qemu-action-2.1.0 
Bump docker/setup-qemu-action from 2.0.0 to 2.1.0
 2022-10-13 09:37:40 +02:00
Dirk Wetter
f823c0528e Merge pull request #2252 from drwetter/dependabot/github_actions/docker/build-push-action-3.2.0 
Bump docker/build-push-action from 3.1.1 to 3.2.0
 2022-10-13 09:37:23 +02:00
Dirk Wetter
fa412b1a33 Merge pull request #2250 from drwetter/dependabot/github_actions/docker/login-action-2.1.0 
Bump docker/login-action from 2.0.0 to 2.1.0
 2022-10-13 09:37:06 +02:00
dependabot[bot]
681fd6e8d7 Bump docker/build-push-action from 3.1.1 to 3.2.0 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.1.1 to 3.2.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v3.1.1...v3.2.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-13 00:12:49 +00:00
dependabot[bot]
e735c022b0 Bump docker/setup-qemu-action from 2.0.0 to 2.1.0 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2.0.0...v2.1.0)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-13 00:12:46 +00:00
dependabot[bot]
35a6fe94bf Bump docker/login-action from 2.0.0 to 2.1.0 
Bumps [docker/login-action](https://github.com/docker/login-action) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2.0.0...v2.1.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-13 00:12:43 +00:00
Dirk Wetter
0ed2bf0ada Merge pull request #2234 from cancom/fix/grade-cap-sorting 
Fix grade cap reasons not showing weak public keys
 2022-10-07 16:48:06 +02:00
Dirk Wetter
09a479cb7a Merge pull request #2238 from dcooper16/SC2235 
Fix Shellcheck SC2235
 2022-10-07 16:24:04 +02:00
David Cooper
bbe8987053 Fix Shellcheck SC2235 
SC2235 is "Use { ..; } instead of (..) to avoid subshell overhead."

In a large number of places testssl.sh uses paraenthesis in complex boolean expressions in order to specify an evaluation order. The paranthesis results in the expression being evaluated in a subshell, which makes evaluation very expensive. This commit addresses the problem by rewriting any expressions that unnecessarily create subshells.
 2022-09-29 15:37:51 -07:00
Dirk Wetter
b03d8ca1e3 Merge pull request #2248 from war59312/patch-1 
Readme.md - Small Fixes To Docs Section
 2022-09-29 19:16:25 +02:00
Will
7fee2381dc Update Readme.md 2022-09-29 13:00:13 -04:00
Will
2e04127f06 Readme.md - Small Fixes To Docs Section 
Small fix for Documentation section
 2022-09-28 15:36:05 -04:00
Dirk Wetter
c487f911aa Merge pull request #2247 from drwetter/bump_version_rc 
Bump rc version
 2022-09-28 17:17:52 +02:00
Dirk Wetter
77a2d891cf Bump rc version 
... so that distributors feel more encouraged to switch to this version
and drop 3.0.x
 2022-09-28 09:21:25 +02:00
Dirk Wetter
33376cca8c Merge pull request #2244 from drwetter/grep_quotes 
Squashed some double quotes for grep expressions
 2022-09-18 21:50:30 +02:00
Dirk Wetter
8c14a42180 Squashed some double quotes for grep expressions 
... in favor of single quotes
 2022-09-18 19:27:36 +02:00
Dirk Wetter
0e61b72197 Merge pull request #2242 from ghen2/grep-3.8 
Fix grep 3.8 warnings on unneeded escapes of hyphen, slash, space.
 2022-09-18 17:38:11 +02:00
Geert Hendrickx
e36325f8cd Fix grep 3.8 warnings on unneeded escapes of hyphen, slash, space. 
Use -e where needed to avoid confusion of expression as arguments.
 2022-09-17 21:04:14 +02:00
Dirk Wetter
03b3ba8078 Merge pull request #2239 from dcooper16/neat_list_alignment 
Fix alignment in neat_list()
 2022-09-16 09:14:51 +02:00
David Cooper
93ece13747 Fix alignment in neat_list() 
When neat_list() is printing information about a cipher suite that uses (EC)DH key exchange that was obtained using an old version of OpenSSL the rows are not properly aligned, since the key exchange input includes an unexpected trailing space. This commit fixes the problem by removing any trailing spaces from $kx.
 2022-09-15 13:51:04 -07:00
Dirk Wetter
de48956639 Merge pull request #2237 from a1346054/which 
Use bash-builtin `command -v` instead of external `which`
 2022-09-14 21:25:14 +02:00
Dirk Wetter
1193d89344 Merge pull request #2236 from a1346054/fixes 
Use `grep -E` instead of `egrep`
 2022-09-14 21:19:47 +02:00
a1346054
902bdf3d92 Use bash-builtin command -v instead of external which 
`command -v` is a bash builtin and is a standardized version of `which`
 2022-09-12 23:24:26 +00:00
a1346054
4712c48597 Use grep -E instead of egrep 2022-09-12 20:12:28 +00:00
Benedict Becker
0572609793 Fix grade cap reasons not showing weak public keys 2022-09-07 16:18:19 +02:00
Dirk Wetter
b3c49b584d Merge pull request #2227 from dcooper16/fix_data_after_finished 
Fix decrypting TLS 1.3 server response
 2022-09-07 10:11:39 +02:00
Dirk Wetter
34f7b4d8a3 Merge pull request #2229 from cancom/feat/overall_grade 
Consistent overall_grade output
 2022-09-07 10:10:12 +02:00
Dirk Wetter
7e885b4b95 Merge pull request #2225 from dcooper16/fix_determine_cert_compression 
Fix determine_cert_compression() and certificate_transparency()
 2022-09-07 10:08:25 +02:00
Benedict Becker
075bdc5fbf Consistent overall_grade output 2022-09-07 09:38:59 +02:00
David Cooper
0403149b61 Fix determine_cert_compression() and certificate_transparency() 
determine_cert_compression() and certificate_transparency() do not work in debug mode, since tls_sockets() writes debugging messages to stdout. This commit fixes the problem by having determine_cert_compression() and certificate_transparency() return their results using a global variable rather than writing the results to stdout and having having run_server_defaults() catch the output.
 2022-09-06 11:09:18 -07:00
David Cooper
963b606168 Fix decrypting TLS 1.3 server response 
There is at least one server that includes a new session ticket in the same packet as the Finished message. This confuses check_tls_serverhellodone() since the new session ticket is encrypted under the application traffic keys rather than the handshake keys. check_tls_serverhellodone(), being unable to decrypt the new session ticket reports a failure and does not return any of the decrypted data.

This commit fixes the problem by having check_tls_serverhellodone() simply return (or ignore) any data that appears after the Finished message. If such data is returned, then tls_sockets() derives the application traffic keys and decrypts it so that it can be parsed by parse_tls_serverhello().
 2022-09-06 09:58:45 -07:00
Dirk Wetter
814bc8b6f5 Merge pull request #2223 from drwetter/new_binaries 
New openssl binaries
 2022-09-05 14:59:41 +02:00
Dirk
d7b5abe8c1 Add Darwin binary from #2224 2022-09-05 14:57:16 +02:00
Dirk
48c7e2d25c New FreeBSD x64 binary 2022-09-01 19:26:10 +02:00
Dirk
e285b48fd0 New Linux 32 binary 2022-09-01 19:20:41 +02:00
Dirk
8ab3aba818 Correct link 2022-09-01 19:06:30 +02:00
Dirk
7016c4a815 Add newer Linux 64 bit binaries 
* supporting xmpp-server, see #1575, #1589
* address security bug, see #2179
 2022-09-01 17:22:28 +02:00
Dirk
f36e2afa5e Review text, renew some paragraphs 2022-09-01 17:21:00 +02:00
Dirk Wetter
5442981b63 Merge pull request #2222 from drwetter/fix_xmppserver_detection 
Fix xmpp-server detection
 2022-08-31 17:21:59 +02:00
Dirk Wetter
2071feafe3 Fix xmpp-server detection 
See #1575
 2022-08-31 09:09:05 +02:00
Dirk Wetter
0b29be2444 Merge pull request #2220 from ghen2/lmtp 
Send a proper LHLO command with argument (like EHLO), to fix -t lmtp.
 2022-08-28 20:10:01 +02:00
Geert Hendrickx
e77dd4a825 Send a proper LHLO command with argument (like EHLO), to fix -t lmtp. 2022-08-27 21:42:33 +02:00
Dirk Wetter
b577234e6d Merge pull request #2217 from drwetter/3.2rc1 
Bump version 3.1dev to first release candidate
 2022-08-22 20:27:03 +02:00
Dirk
dd01effcfb Bump version to first release candidate 2022-08-22 16:49:06 +02:00
Dirk Wetter
33f28f881b Merge pull request #2215 from drwetter/alpine3.16-dockerfile 
Upgrade Alpine version to the latest stable
 2022-08-22 16:37:43 +02:00
Dirk Wetter
abb8f82d85 Upgrade Alpine version to the latest stable 
3.16.
 2022-08-22 16:31:59 +02:00