Commit Graph

4644 Commits

Author SHA1 Message Date
Dirk
4c3cc0df8e - increase first read buffer -- otherwise it's how up at hb reply and lead to false positives 2014-11-20 18:55:51 +01:00
Dirk
d4265742b1 color codes for protocols and default ciphers reflect better a rating
- fix: heartbleed function needed a $TMPFILE for determining the TLS protocol
 - version bumped to 2.1rc2
2014-11-20 10:46:55 +01:00
Dirk
5dd4a8f3fa - fix in cleanup (while debug)
- wrong cmd line option --> help instread of error
2014-11-19 22:23:13 +01:00
Dirk
05877dca93 - protocol check stream lined: similar now for every protocol
- NPN/SPDY is not green anymore
2014-11-19 18:04:43 +01:00
Dirk
d77b667489 - protocol w/o cipher (only SSLv2 so far)
- for EVERY protocol now check whether $openssl supports it
- better fail for PFS if there are no local ciphers
2014-11-19 17:08:59 +01:00
Dirk
52ef1fe684 @oparoz 2014-11-19 13:26:48 +01:00
Dirk
99e472ac01 - banner (opensssl version build date, platform) slightly changed
- even clearer warning upon old openssl version (MacOSX!)
- oparoz hexdump patch
- heartbleed doenst do a precheck anymore --> just sockets as it may lead to false negatives
  if the client was complied with it disabled (FreeBSD)
2014-11-19 13:22:22 +01:00
Dirk
f2c44803ed - FreeBSD fixes (getent, printf) 2014-11-18 23:14:17 +01:00
Dirk
59bdf48823 - Peter 2014-11-18 20:24:10 +01:00
Dirk
41a480abb4 small cleanup 2014-11-18 20:23:17 +01:00
Dirk
8756151a26 Merge branch 'master' of github.com:drwetter/testssl.sh 2014-11-18 16:40:14 +01:00
Dirk Wetter
3d6eda97de Merge pull request #30 from PeterMosmans/cleanup
Make sure that cleanup() function is always called
2014-11-18 16:39:32 +01:00
Dirk Wetter
f067944f2a Merge pull request #29 from PeterMosmans/msys
Added compatilibility with MSYS2 on Windows
2014-11-18 16:30:18 +01:00
Dirk
7b45311c30 - stripping of leading 0 in testssl.sh needed to be reflected by this file 2014-11-18 11:04:57 +01:00
Dirk
049a945abc - prettyprint_local now also can do word pattern matching
- help improved
- put the stripping of leading 0 into normalize_cipher_code where it belonged
- the latter makes a modified mapping-rfc.txt necessary!
2014-11-18 11:03:03 +01:00
Dirk
f45d85617b - hexcode in neat list now w/o leading 0
- help cleaned up and clearer (& removing tabs)
- test_just_one with headline
2014-11-18 10:29:11 +01:00
Peter Mosmans
de0b4313b8 Make sure that cleanup() function is always called
Added {HEADERFILE_BREACH} to temporary files that should be removed
Removed obsolete cleanup calls
2014-11-18 14:30:48 +11:00
Peter Mosmans
15f23f1fec Added compatilibility with MSYS2 on Windows 2014-11-18 13:30:56 +11:00
Dirk
cf8fa2c3f3 - version bumped to 2.1rc1, better layout for chacha (albeit bit ugly), better layout for all ciphers, test_just_one w/ headline 2014-11-18 01:36:29 +01:00
Dirk
16279267ea - sockread w/ sleep
- ccs better documented + more verbose during debug
2014-11-18 00:26:58 +01:00
Dirk Wetter
2e6c0a45cd Update CREDITS.md 2014-11-17 18:59:57 +01:00
Dirk
7414b5b310 next step in color handling: 2=full color, 1: b/w, 0: no ESC codes at all 2014-11-17 18:49:56 +01:00
Dirk
eee56b4bd4 2014-11-17 18:47:39 +01:00
Dirk
fc4c2e5446 - omit the "**" in non colored mode
- query COLOR properly (env)
2014-11-17 17:43:59 +01:00
Dirk
a7bbc6c39a warning upon "no ssl enabled server" clearer; we check only for return code of s_client. Fails if certificate needed 2014-11-17 17:05:43 +01:00
Dirk
b2cd4bfd4c better documentation 2014-11-03 21:45:48 +01:00
Dirk
481af083a3 NEW: first working implementation of "-x <list_of_csv_hexcodes> server" with a catch: none a/v local cipher 2014-11-02 23:37:17 +01:00
Dirk
a2cd77c4ee TLS_FALLBACK_SCSV 2014-10-30 21:15:30 +01:00
Dirk
3b783323d5 TLS_FALLBACK_SCSV 2014-10-30 21:14:50 +01:00
Dirk
5984e86f81 FIX for RUN_DIR, bumped up version to 2.1beta 2014-10-30 21:12:18 +01:00
Dirk
f56f81090a NEW: HPKP 2014-10-29 21:24:43 +01:00
Dirk
b49b1451c4 FIX: for FreeBSD and spaces in "Local problem ..." 2014-10-29 20:23:21 +01:00
Dirk
ef5bf00094 FIXED: too much spaces in "Local problem: No .. configured" 2014-10-23 15:52:06 +02:00
Dirk
6737cd230c FIXED: When there is no support in openssl for SSLv2 the error message and the next protocol test get on the same line 2014-10-23 15:40:15 +02:00
Dirk
abef156191 Merge branch 'master' of github.com:drwetter/testssl.sh 2014-10-17 22:17:04 +02:00
Dirk
1720fed5fe be clear that no TLS_FALLBACK_SCSV support yet 2014-10-17 22:16:37 +02:00
Dirk Wetter
cfc8ed1117 forgot the apple users 2014-10-17 14:28:05 +02:00
Dirk Wetter
4b6d83415b better+ c&p 2014-10-16 16:47:54 +02:00
Dirk Wetter
9714c93ee0 better c&p 2014-10-16 16:46:01 +02:00
Dirk
86e0141f72 POODLE hack 2014-10-15 13:10:06 +02:00
Dirk
192867554e - FIX for getent line 2014-10-15 11:56:40 +02:00
Dirk
5e76322840 - regression on libressl fix fdor openssl fixed 2014-10-14 16:28:18 +02:00
Dirk
df06f45432 - mm: patch for libressl 2014-10-14 16:08:11 +02:00
Dirk
905e1540ab another error message suppressed (DNS) and properly handled internally 2014-10-09 11:22:23 +02:00
Dirk
08202a5768 - FIX: socket reset (ccs, hb) made formatting look not ok 2014-10-08 14:30:31 +02:00
Dirk
397b115a47 BUGFIX: socket buffer wasn't empty, could have led to false negatives 2014-10-08 13:07:12 +02:00
Dirk
4ae510650d - for seldom cases of two hsts header we don't throw an error but take the first one 2014-10-08 01:03:14 +02:00
Dirk
e06251a1d3 - removed netcat dependency, availability check with bash sockets only. Should work on RH'ish distros better now 2014-10-07 12:04:21 +02:00
Dirk
7162d9448f - for clarification hint to license file 2014-10-07 11:15:05 +02:00
Dirk
723ab08258 - BUGFIX: supplying ip addresses only works again 2014-10-07 11:14:39 +02:00