Commit Graph

3787 Commits

Author SHA1 Message Date
Dirk Wetter 20c57289d1
Merge pull request #1792 from drwetter/docker_docu_polish
Consolidate docker sections in Readme.md and Dockerfile.md
2020-11-27 16:35:03 +01:00
Dirk Wetter 1a7e4f1e92 consolidate docker sections in Readme.md and Dockerfile.md
see #1791
2020-11-27 16:33:23 +01:00
Dirk Wetter 849c031597
Merge pull request #1789 from drwetter/skip_sometunittests
Trying to reduced the runtime of travis
2020-11-27 15:24:06 +01:00
Dirk Wetter 96d4b4f08b Trying to reduced the runtime of travis
Often in the past travis was hitting a limit (50min?).

This is a try to make reasonable cuts to the unit tests:
- For STARTTLS some checks with OPenSSL are skipped
- For JSON and HTML outputs --ids-friendly was added assumming we
  don't change the output of ticketbleed, CCSI, HeartBleed and ROBOT any more.
- There's also not point to run those checks against badssl
- for  the diff check we switch to 'or diag' to display a dfifference
2020-11-27 13:19:52 +01:00
Dirk Wetter a5d93486ad
Merge pull request #1788 from drwetter/diff_unittest
Diff unittest
2020-11-26 20:04:22 +01:00
Dirk 665209bf60 typos 2020-11-26 16:27:40 +01:00
Dirk 1b63760bc3 Add baseline master file for testssl.sh 2020-11-26 16:05:08 +01:00
Dirk Wetter 9aafc452d8
Merge pull request #1787 from drwetter/unittest_reorder
Unittest reorder
2020-11-26 16:04:02 +01:00
Dirk a98ede0720 Finalize first diff check for travis 2020-11-26 15:58:13 +01:00
Dirk 49d321cfbb Add "command not found" 2020-11-26 13:41:44 +01:00
Dirk 191efddaee document changes from previous commits 2020-11-26 13:07:49 +01:00
Dirk 0c20b21fc2 Better order, "command not found added" 2020-11-26 13:02:10 +01:00
Dirk Wetter 9ea7446203 Add STARTTLS injection to Changelog 2020-11-26 10:48:32 +01:00
Dirk Wetter 5c5c4dcd58 Merge branch '3.1dev' into starttls_smtp_injection
Resolving conflicts because of do_winshock
2020-11-26 10:45:02 +01:00
Dirk Wetter cc40d2f559
Merge pull request #1786 from drwetter/new-templates
Update issue templates
2020-11-25 21:19:48 +01:00
Dirk Wetter b47bc9e871
Update bug_report.md 2020-11-25 21:19:26 +01:00
Dirk Wetter cab2ee7706
Update bug_report.md 2020-11-25 21:13:44 +01:00
Dirk Wetter 0ed7ede6de
Update other-issues---question.md 2020-11-25 21:12:47 +01:00
Dirk 9ee939397e Merge remote-tracking branch 'origin/template_update' into new-templates 2020-11-25 21:11:18 +01:00
Dirk Wetter d1481616db Update issue templates
Use the new style suggested bu github
2020-11-25 21:07:54 +01:00
Dirk Wetter 4a62b365a9 remove old universal template 2020-11-25 20:12:00 +01:00
Dirk Wetter 21d0910b50
Merge pull request #1781 from drwetter/fix_1779_3.1dev
Fix reading SSLv2 socket
2020-11-24 21:58:05 +01:00
Dirk 3a15383273 Fix reading SSLv2 socket
This fixes #1779. There was a problem introduced in
3cd1273439 which counted
the size of the file name rather than the size of the
socket reply.

The helper function count_chars() is now not used anymore.
It maybe useful in the future though.
2020-11-20 11:23:20 +01:00
Dirk Wetter ac99fbe078
Merge pull request #1773 from drwetter/ca-update
Update certificate stores
2020-11-14 11:11:10 +01:00
Dirk Wetter 2c4799e154
Merge pull request #1518 from dcooper16/html_colors
Make colors in HTML output more accessible
2020-11-14 11:10:47 +01:00
Dirk Wetter ce802634b6 Update remaining: Apple / Java / Microsoft
* also ca_hashes.txt

* Used Java SDK 15 instead of JRE 8
* Used Windows 20H2
* Java Keystore has added 5 certificates (90 --> 95)

Updated Readme and make it more reproducible
2020-11-13 22:01:17 +01:00
David Cooper 64cca8c03a Reintroduce unused print functions
This commit adds back in the print functions (tm_*, tmln_*, pr_*, prln_*) that are defined but not used.
2020-11-13 15:32:21 -05:00
David Cooper 7d183ba8a2 This commit changes the colors that are used when generating HTML so that they comply with the minimum requirements for contrast in the W3C's Web Content Accessibility Guidelines (WCAG). 2020-11-13 14:48:14 -05:00
Dirk Wetter a019b3d396
--overwrite / X-XSS-Protection 2020-11-13 19:26:47 +01:00
Dirk Wetter 2098ea33c5
Merge pull request #1777 from drwetter/feature_overwrite
Introducing --overwrite option
2020-11-13 18:59:03 +01:00
Dirk Wetter 9d0744e229 Introducing --overwrite option
Sometimes it is needed to overwrite existing output files.
This has been requested in the past (#927). For safety reasons
it was not implemented.

However I realized that it could be useful. It requires some
responsible usage though.

Code added, help() and manpages added -- warnings added too.
2020-11-13 16:05:53 +01:00
Dirk Wetter 33ea2c710c updated Linux.pem + Mozilla.pem 2020-11-11 18:15:56 +01:00
Dirk Wetter 65586311f6
Merge pull request #1769 from drwetter/fix_1768
Fix perl style variable in starttls_full_read()
2020-11-05 14:07:42 +01:00
Dirk Wetter 19219dca2e Fix perl style variable in starttls_full_read()
This fixes #1768
2020-11-05 11:47:53 +01:00
Dirk Wetter b0c1f99923
Merge pull request #1766 from keisentraut/fix-gitignore-ignore-html-scan-results
.gitignore: ignore HTML scan results like example.com_p443-20201103-1…
2020-11-03 20:35:46 +01:00
Klaus Eisentraut da3be342bb .gitignore: ignore HTML scan results like example.com_p443-20201103-1037.html 2020-11-03 10:51:40 +01:00
Dirk Wetter 498dc80885
Merge pull request #1765 from drwetter/http_header_color
Remove lite cyan color for http header
2020-11-03 08:51:35 +01:00
Dirk 12bf2987a2 Remove lite cyan color for http header
While we are not sure yet how we deal with "other" colors and different
backgrounds users can have, I'll remove the light cyan here until we
settle on a standard. (other=not yellow,reds,brown,greens)
2020-11-03 08:44:40 +01:00
Dirk Wetter 8d812f5dc0
Merge pull request #1764 from keisentraut/fix-1762
fix #1762: Stop labeling X-XSS-Protection as green
2020-11-02 21:46:51 +01:00
Klaus Eisentraut 5949a0465a fix #1762: X-XSS-Protection is rated as INFO, fixed bug introduced in last commit 2020-11-02 19:58:49 +01:00
Klaus Eisentraut 6f3c957fe7 fix #1762: Stop labeling X-XSS-Protection as green 2020-10-30 22:45:16 +01:00
Dirk Wetter e3cd36a63b
Merge pull request #1760 from keisentraut/fix-1757
fix #1757: manpage: --c has one dash to much
2020-10-29 20:27:19 +01:00
Klaus Eisentraut d130d70e8b fix #1757: manpage: --c has one dash to much 2020-10-29 20:05:44 +01:00
Dirk Wetter 084a29409d
Merge pull request #1758 from drwetter/fix_1754
Fix run_freak() when sslv2 server hello is empty
2020-10-28 11:43:30 +01:00
Dirk Wetter faad7128a7 If we are sure we don't have sslv2 we don't need to test any RC4 SSLv2 ciphers 2020-10-28 10:13:22 +01:00
Dirk Wetter 3cd1273439 Address complaint by Travis
Despite the fact google doesn't support RC4 ciphers, testssl.sh called
sslv2_sockets(). Google answered with a >= TLS alert. Building a sum then
failed then in sslv2_sockets().

This fixes sslv2_sockets() and introduces count_chars() as a helper function
(tested also under old FreeBSD to make sure it works under MacOSX).
2020-10-28 10:06:39 +01:00
Dirk 888f4f9c5a Fix run_freak() when sslv2 server hello is empty
This fixes #1754 by avoiding further strings operations if the socket
reply is empty as bash 5.1 seems to have a problem with that. The fix
is done in sslv2_sockets() .

Also sslv2 is not being used in run_freak() if known not to be supported.
2020-10-27 22:36:42 +01:00
Dirk Wetter d531981e31
Merge pull request #1756 from drwetter/fix_1755
Fix issue with host certificate expiration
2020-10-26 21:45:41 +01:00
Dirk 45b5d7a5d8 Fix issue with host certificate expiration
- wrong certificate name
- fault logic (if statements) -- intermediate section looks not affected
2020-10-26 21:32:09 +01:00
Dirk Wetter 4af901683a
Merge pull request #1751 from tosticated/ssl_renego_mod
Modified ssl renegotiation attempts to be variable, default 6.
2020-10-20 21:00:02 +02:00