Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2024-12-29 04:49:44 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,313 Commits 14 Branches 30 Tags 211 MiB
6cea273a68
Commit Graph

4313 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dirk Wetter
6cea273a68
Update codespell.yml 
add exception for aNULL which should work now
 2023-03-12 17:55:10 +01:00
Dirk Wetter
b84e182ca2
Merge pull request #2332 from drwetter/sanitize_fileout 
Make sure control chars from HTTP header don't end up in html,csv,json
 2023-03-12 16:18:20 +01:00
Dirk Wetter
83f67b4fb7
Merge pull request #2333 from drwetter/drwetter-patch-4 
Update .gitignore
 2023-03-12 16:00:11 +01:00
Dirk Wetter
8643ed4c72
Update .gitignore 2023-03-12 15:57:01 +01:00
Dirk Wetter
cacd8c57b1 Add variable htmlfile + filter GOST message 
... which is needed for newer LibreSSL/OpenSSL versions
 2023-03-12 15:09:24 +01:00
Dirk Wetter
2e33c483dd remove comma in tr as it was interpreted as such 2023-03-12 14:52:11 +01:00
Dirk Wetter
fab67d0cca Remove CR in server banner 
... which caused a problem in t/32_isHTML_valid.t.

Also the test for an empty server banner was simplified
 2023-03-12 14:00:55 +01:00
Dirk Wetter
d298b41d2c add aNULL exception to codespell 2023-03-11 14:06:47 +01:00
Dirk Wetter
06506b371e Make sure control chars from HTTP header don't end up in html,csv,json 
This addresses the bug #2330 by implementing a function which removes
control characters from the file output format html,csv,json at the
output.

In every instance called there's a check before whether the string
contains control chars, hoping it'll save a few milli seconds.

A tr function is used, omitting LF.

It doesn't filter the terminal output and the log file output.
 2023-03-11 13:38:28 +01:00
Dirk Wetter
88763f47a8
Merge pull request #2326 from drwetter/fix_mime-type 
Fix Accept Header
 2023-02-20 20:29:14 +01:00
Dirk
a14fc5bdcf Fix Accept header 
see #2325.

"whenever HTTP/1.1 is used then the Accept header uses "text/*" as a MIME type.
This causes some minor issues with some of the checks we are doing"
 2023-02-20 15:01:40 +01:00
Dirk Wetter
e57527f3ec
Merge pull request #2321 from drwetter/align_json+terminal@run_cipherlists 
Rename 3 jsonIDs in run_cipherlists(): breaking change
 2023-02-08 17:07:42 +01:00
Dirk Wetter
8260ca16e2
Merge pull request #2309 from polarathene/chore/dockerfile-improved-copy 
chore: Use a single `COPY` by better leveraging `.dockerignore` patterns
 2023-02-07 12:23:04 +01:00
Dirk Wetter
363c0d0a69
Merge pull request #2323 from drwetter/drwetter-patch-4 
Remove mkdir in Dockerfile
 2023-02-07 10:29:08 +01:00
Dirk Wetter
f914423978
Remove mkdir in Dockerfile 
see https://github.com/drwetter/testssl.sh/pull/2312#pullrequestreview-1286620850
 2023-02-07 10:28:26 +01:00
Brennan Kinney
81634ce13d
chore: Bring back group value for COPY --chown 2023-02-07 21:36:47 +13:00
Dirk Wetter
1ee21b7f22
Merge pull request #2312 from polarathene/chore/dockerfile-simplify-user 
chore(Dockerfile): Simplify `testssl` user creation
 2023-02-07 09:03:23 +01:00
Dirk Wetter
64ae161218
Merge branch '3.1dev' into chore/dockerfile-simplify-user 2023-02-07 09:03:15 +01:00
Dirk Wetter
66ebfb2f58 Add changes to CSV baseline 2023-02-06 21:56:54 +01:00
Dirk Wetter
6f881dc70b Rename 3 jsonIDs in run_cipherlists(): breaking change 
see #2316 / #2320

AVERAGE --> OBSOLETED
GOOD    --> STRONG_NOFS
STRONG  --> STRONG_FS
 2023-02-05 19:32:08 +01:00
Dirk Wetter
e87b745c93
Merge pull request #2316 from dcooper16/cipherlists_doc 
Update documentation for cipherlists tests
 2023-02-05 19:25:02 +01:00
Dirk Wetter
05b4cdcc0d
Merge pull request #2317 from dcooper16/fix_html 
Fix HTML output in Bash 5.2 and newer
 2023-02-04 09:22:03 +01:00
David Cooper
3d82f7cb21 Fix HTML output in Bash 5.2 and newer 
As noted in #2304, the way that the '&' character is treated in the string part of a pattern substitution changed in Bash 5.2. As a result, the change that was made in #1481 to accommodate older versions of Bash (e.g., on MacOS) now causes testssl.sh to produce incorrect HTML output when run on Bash 5.2.

This commit encodes the '&' characters in the substitution strings in a way that produces correct results on multiple versions of Bash (3.2 on MacOS, 5.2 on Ubuntu 23.10, 5.0 on Ubuntu 20.04).
 2023-02-03 14:18:02 -08:00
David Cooper
b661f7b8d3 Update documentation for cipherlists tests 
The sets of cipher lists checked by `run_cipherslists()` changed in 3.1dev, but the documentation was not updated.
 2023-02-03 11:24:04 -08:00
Dirk Wetter
70237b2328
Merge pull request #2313 from polarathene/chore/dockerfile-remove-mkdir 
chore: Remove redundant `mkdir`
 2023-02-03 19:54:51 +01:00
Dirk Wetter
6c2663aeb6
Merge pull request #2311 from SSLbrain/3.1dev 
Feature Trustcor certificates being removed/disabled from root stores #2293
 2023-02-02 13:55:07 +01:00
Brennan Kinney
76b8f0c981 chore: Remove redundant mkdir 
- If local folder ownership is for example `644` it will fail to handle the `COPY` regardless (while `744` would work).
- Creating the directory with higher permissions in the container does not appear to help.
 2023-02-02 14:26:16 +13:00
Sole
3670c1e4ad Removed non-relevant CA's that no longer have active certificates. 2023-02-02 01:13:00 +00:00
Brennan Kinney
dc7d13b853 chore(Dockerfile): Simplify testssl user creation 
Create `testssl` user (_and group_) with no password (`-D`) and default their shell to bash (`-s`):
- A group will implicitly be created with the same value as the user. `addgroup testssl` and `-G testssl` are not needed.
- Gecos data (`-g "testssl user"`) doesn't appear relevant to the project to be required? The default gecos value (`Linux User,,,`) should be fine.
 2023-02-02 14:07:51 +13:00
Sole
9fc8c33704 Change exception for removed root certificates into easy edit multi-value regular expression for Organization name and making it clear that CA's are actively removed from 1+ root stores. 2023-02-02 00:42:15 +00:00
Brennan Kinney
74892e45c5 chore: Use a single COPY by better leveraging .dockerignore patterns 2023-02-02 12:49:30 +13:00
Dirk Wetter
e02e8be19f
Merge pull request #2306 from drwetter/upgrade_alpine_perf-fix 
Upgrade Alpine version for both Dockerfiles
 2023-02-01 19:45:57 +01:00
Dirk Wetter
beb94d9efc Upgrade Alpine version for both Dockerfiles 
... to improve/mitigate performance problems, see #2299.
(musl libc vs. glibc)
 2023-02-01 19:40:40 +01:00
Dirk Wetter
5a1a114adc
Merge pull request #2300 from drwetter/dependabot/github_actions/docker/build-push-action-4.0.0 
Bump docker/build-push-action from 3.3.0 to 4.0.0
 2023-01-31 09:37:28 +01:00
Dirk Wetter
0b5c414970
Merge pull request #2303 from drwetter/nntp_ci_remove 
Remove NNTP from CI tests
 2023-01-31 09:37:06 +01:00
Dirk Wetter
2e0898c9ef Remove NNTP from CI tests 
Maybe for the future we should check whether host is available and
if so then run the test
 2023-01-31 09:34:18 +01:00
dependabot[bot]
8ae8a6fc44
Bump docker/build-push-action from 3.3.0 to 4.0.0 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.3.0 to 4.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v3.3.0...v4.0.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-31 00:03:02 +00:00
Dirk Wetter
8099dc0106
Merge pull request #2297 from drwetter/ldap_starttls_improvements 
Add logic for STARTTLS enabled AD servers
 2023-01-17 14:27:01 +01:00
Dirk Wetter
fdd72d2785 Cleanup code, clarfy comments for AD/LDAP + STARTTLS 2023-01-17 14:23:53 +01:00
Dirk Wetter
fc2a020294 Add logic for STARTTLS enabled AD servers 
There are two different scenarios. x0C is the buffsize reply from openldap-like servers
whereas AD servers probably have x84 and return also the OID. The following is kind of
hackish as ldap_ExtendedResponse_parse() in apps/s_client.c of openssl is kind of hard
to understand. It was deducted from a number of hosts.
Bottom line: We'll look at the 9th byte or at the 17th when retrieving the result code

AD:
30 84 00 00 00 7d 02 01 01 78 84 00 00 00 74 0a 01 34 04 00 04 55 30 30 30 30 30 30 30 30 3a 20 [ failed AD .. LdapErr + OID..]
30 84 00 00 00 28 02 01 01 78 84 00 00 00 1F 0A 01 00 04 00 04 00 8A 16 [.. OID ..]
   ^^ bufflen                                      ^^ resultcode

30 0C 02 01 01 78 07 0A 01 00 04 00 04 00
   ^^ bufflen              ^^ result code
 2023-01-17 11:16:05 +01:00
Dirk Wetter
ce3bd4764f
Merge pull request #2296 from drwetter/dependabot/github_actions/docker/build-push-action-3.3.0 
Bump docker/build-push-action from 3.2.0 to 3.3.0
 2023-01-16 10:20:13 +01:00
dependabot[bot]
1b2f58d739
Bump docker/build-push-action from 3.2.0 to 3.3.0 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v3.2.0...v3.3.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-16 01:05:58 +00:00
Dirk Wetter
7670275e59
Merge pull request #2292 from drwetter/ldap_starttls_improvements 
make starttls_ldap_dialog() more readable...
 2022-12-27 22:06:12 +01:00
Dirk Wetter
c67cefaf8e add info about error handling 2022-12-26 19:15:49 +01:00
Dirk Wetter
336d3c947a better use safe_echo() 2022-12-26 16:14:26 +01:00
Dirk Wetter
b633efae69 make starttls_ldap_dialog() more readable... 
... add references + better debugging output
 2022-12-26 16:10:31 +01:00
Dirk Wetter
198bb09d51
Merge pull request #2282 from drwetter/drwetter-patch-2 
Reflect past update for docker hub's Dockerfile
 2022-11-28 17:09:04 +01:00
Dirk Wetter
0c807bea5b
Reflect past update for docker hub's Dockerfile 
... using alpine 3.16
 2022-11-28 14:10:13 +01:00
Dirk Wetter
9304bb80b8
Merge pull request #2281 from dcooper16/fix_whitespace 
Fix whitespace issues
 2022-11-25 18:23:58 +01:00
David Cooper
e2942966d2 Fix whitespace issues 
This commit fixes incorrect indentations introduced in #2276 and #2278, and also removes the extra whitespace that would have been removed by #2279.
 2022-11-25 07:44:48 -08:00