Commit Graph

3300 Commits

Author SHA1 Message Date
Dirk c75a2cd838 In addition to #701 add quotes for correcting cmdline parsing -- especially for supplied filenames/arguments
(HTML,CSV,JSON,PROXY).

Also strip off leading http:// | https:// for --proxy
2017-04-07 09:49:44 +02:00
Dirk Wetter dc629202bb Merge pull request #701 from dcooper16/wordsplitting_filenames
Handle word splitting of log file names.
2017-04-07 08:54:07 +02:00
Dirk Wetter 9c13d2a3a2 Merge pull request #700 from dcooper16/fix_696
Fix #696
2017-04-07 08:52:38 +02:00
Dirk Wetter 46ca4b272d Merge pull request #699 from dcooper16/fix_695
Fix #695
2017-04-07 08:38:52 +02:00
David Cooper 381ad3de32 Handle word splitting of log file names.
This PR fixes a problem that occurs if log file names include spaces.
2017-04-06 11:26:03 -04:00
David Cooper 3a9c49c989 Fix #696
If I understand correctly how `run_hpkp()` should be displaying the list of Backups, the problem shown in the photo attached to #696 occurred because the dangling SPKIs should have been printed on the next line. This PR fixes this by changing the code that prints out the "good" backups to include a newline after printing the CA's name.

Another problem this PR fixes is that `tm_italic()` is being called instead of `pr_italic()`, meaning that the italicized text is being printed to the terminal, but is not being included in the HTML output.

Finally, this PR fixes errors in the definitions of `tmln_italic()` and `prln_italic()`. `tmln_italic()` calls `outln()` and `prln_italic()` calls `tmln_out()` instead of the reverse.
2017-04-06 10:54:20 -04:00
David Cooper ce620ac7d0 Fix #695
This PR fixes issue #695 by changing the call to `out_row_aligned_max_width()` so that the length of the flag is considered in determining the length of the first line of the output.
2017-04-06 10:37:45 -04:00
David Cooper 69530d77cf Merge branch '2.9dev' into openssl_location 2017-04-06 09:12:43 -04:00
Dirk e2f5d5c3cf updated comments 2017-04-06 11:33:54 +02:00
Dirk 3351f8832c mute the error message using bash3, see #697 (2.9dev) 2017-04-06 11:23:57 +02:00
Dirk Wetter c188408f8e Merge pull request #698 from dcooper16/mass_testing_parallel
Mass testing in parallel
2017-04-06 10:25:38 +02:00
Dirk 8a2967c62e make use of swapped out tls data file
(main() still needs a bit of work)
2017-04-06 09:47:09 +02:00
David Cooper c04d254a43 Mass testing in parallel
This PR modifies `run_mass_testing_parallel()` so that it may be used in place of `run_mass_testing()`.
2017-04-05 16:58:57 -04:00
David Cooper b98ef7cd8e Merge branch '2.9dev' into openssl_location 2017-04-05 15:01:06 -04:00
Dirk 61d42b022c fix missing space in banner and suppress empty version string 2017-04-05 20:39:35 +02:00
Dirk ec55cdea14 "post-fix" for #697 (2.9dev) 2017-04-05 20:20:00 +02:00
David Cooper dabe72542f Merge branch '2.9dev' into openssl_location 2017-04-05 12:41:50 -04:00
Dirk bfb0f4bc7d FIX #697 in 2.9dev (bash hiccup @ tolower) 2017-04-05 17:28:06 +02:00
Dirk b1ce11d76e in addition to #694: using the predefined variable 2017-04-05 14:48:35 +02:00
Dirk 6b0f389225 fix #694 (CSP and HTTP header friends were cut off @ last colon)
introduced strip_leading_space() / strip_trailing_space()
2017-04-05 14:42:55 +02:00
David Cooper 2d73d06474 Merge branch '2.9dev' into openssl_location 2017-04-04 15:49:40 -04:00
Dirk 7549f10c79 added explanation for #692 2017-04-04 20:23:28 +02:00
Dirk Wetter c593f06f6d Merge pull request #692 from dcooper16/fix_html
Fix HTML
2017-04-04 20:18:05 +02:00
David Cooper 1b4c1cc40c Update testssl.sh
This PR fixes two issues with HTML generation that were introduced by a commit on March 31, 2016, "[count_ciphers is now un-sed'ed, minor improvements](a480e5f699)."

The first is that in `std_cipherlists()`, `[[ $DEBUG -ge 1 ]] && outln " -- $1" || outln` was changed to `[[ $DEBUG -ge 1 ]] && outln " -- $1" || outln`. The result being that in the HTML output, all of the tests from `run_std_cipherlists()` appear on the same line. This PR changes the line to:
```
          [[ $DEBUG -ge 1 ]] && tm_out " -- $1"
          outln
```
so that the line break is added to the HTML output, but the debugging information is not.

The second problem is that the commit on March 31 moved the call in main to `html_header()` until after the calls to `get_install_dir()`, `find_openssl_binary()`, `mybanner()`, `check4openssl_oldfarts()`, and `check_bsd_mount()`. The problem is that each of these functions may call an output function that will call `html_out()`.

If `html_out()` is called before `html_header()` and the command line contains `--htmlfile <htmlfile>`, then "htmlfile" will be written to before `html_header()` is called and then `html_header()` will warn that "htmlfile" already exists and then exit the program.

If `html_out()` is called before `html_header()` and the command line contains `--html`, then anything sent to `html_out()` before `html_header()` is called (such as the banner) will not appear in the HTML file.
2017-04-04 13:25:31 -04:00
David Cooper 1ca898190d Merge branch '2.9dev' into openssl_location 2017-04-04 08:54:18 -04:00
Dirk 8213e2436c addressed #691 for 2.9dev 2017-04-04 09:54:47 +02:00
David Cooper a26a53ccef Merge branch '2.9dev' into openssl_location 2017-04-03 09:00:47 -04:00
Dirk 498dda94ce using get_san_dns_from_cert() 2017-04-01 10:38:04 +02:00
David Cooper 32418e39db Merge branch '2.9dev' into openssl_location 2017-03-31 12:02:22 -04:00
Dirk 6b601e22c7 adding Referrer-Policy header (FIX #604)
introduced get_san_dns_from_cert()

added two stub function get_session_ticket_lifetime_from_serverhello
2017-03-31 17:04:04 +02:00
David Cooper e03d89107b Merge branch '2.9dev' into openssl_location 2017-03-31 09:36:26 -04:00
Dirk Wetter 75c794546d Merge pull request #689 from dcooper16/run_server_defaults_cleanup
Cleanup variable definitions in run_server_defaults()
2017-03-31 12:53:46 +02:00
Dirk a480e5f699 count_ciphers is now un-sed'ed, minor improvements 2017-03-31 12:24:25 +02:00
Dirk Wetter 10ac0ffed4 Merge pull request #687 from dcooper16/child_mass_testing_env_variable
Child mass testing env variable
2017-03-31 08:44:15 +02:00
David Cooper 9f93d9d578 Move insertion of commas to a separate file
Create a separate function to insert the comma separators between findings for different tests within mass testing.
2017-03-30 12:48:25 -04:00
David Cooper d8a7037000 Add missing comma
I did some testing with http://jsonlint.com/ and discovered a missing comma when mass testing is being performed and a single JSON file is being created.
2017-03-30 12:37:41 -04:00
David Cooper 73a24cba27 Correct indentation in run_server_defaults()
This second commit doesn't make any changes to the code, it just corrects the indentation.
2017-03-30 10:27:08 -04:00
David Cooper ba2a75b093 Cleanup variable definitions in run_server_defaults()
In `run_server_defaults()` the variable `success` is defined twice, once as an ordinary variable and once as an array. The PR removes the incorrect definition. It also removes the definitions of some variables that are no longer used and reorganizes the definitions so that each line has only one variable type.

I also noticed a typo later in `run_server_defaults()` and corrected it.
2017-03-30 10:08:26 -04:00
Christian Dresen 2211a23bf0 Added Dockerfile.md, modified Dockerfile: pull with depth=1, default-cmd: --help 2017-03-30 14:41:46 +02:00
Christian Dresen c366f09043 Removed unused lines from Dockerfile for testssl.sh 2017-03-30 13:35:48 +02:00
Christian Dresen db32b1fbea Added Dockerfile for testssl.sh 2017-03-30 13:18:46 +02:00
David Cooper 603f03e79a Remove tmp.json files after use
Remove tmp.json files after use so that testssl.sh doesn't complain that they already exist.
2017-03-29 11:43:03 -04:00
David Cooper 1723374511 Remove tmp.file files after use
Remove tmp.json files after use so that testssl.sh doesn't complain that they already exist.
2017-03-29 11:42:09 -04:00
David Cooper e7c0ca13f6 Remove tmp.json files after use
Remove tmp.json files after use so that testssl.sh doesn't complain that they already exist.
2017-03-29 11:41:23 -04:00
David Cooper 04f86f9469 Fix indentation of JSON pretty banner 2017-03-29 11:22:29 -04:00
David Cooper 86c81f2276 Use CHILD_MASS_TESTING environment variable
This PR introduces the environment variable `CHILD_MASS_TESTING`, and uses it as an indicator that testssl.sh is running as a child within mass testing rather than using the `$APPEND` flag. It also makes a number of other changes to make the handling of HTML, CSV, JSON, and log files consistent, and it fixes a number of bugs related to the generation of these files when mass testing is being performed.

Please let me know if you disagree with any of the changes in this PR, or if you would prefer that it be broken up into multiple smaller PRs.

Some of the changes are as follows:
- When the `$APPEND` flag is true, all of these files are appended to and headers and footers are omitted. (Perhaps this should be changed. Appending to a log file isn't an issue, but appending to a JSON or HTML file without including headers or footers seems to just create an improperly formatted file).
- Following the code in `prepare_logging()`, an error is printed and the program stops if the `$APPEND` flag is false and one of the files to be written to already exists.

Some of the bugs fixed:

Creating log files did not work with mass testing:
- If `--logfile <logfile>` is used, then the parent and each child try to write to "logfile".
- If `--logging` is used, then a log file is created for each child, but an oddly-named log file is also created for the parent. The one created by the parent contains the entire output.

Plain JSON files:
- When `--jsonfile <jsonfile>` is run, there is no comma separating the final finding for one child and the first finding for the next child.

Pretty JSON files:
- When `--jsonfile-pretty <jsonfile>` is called without mass testing, the "target host" line is empty, since `$NODE` has not yet been set.
- When `--jsonfile <jsonfile>` is run with mass testing, there is no comma separating the final finding for one child and the first finding for the next child. In addition, `fileout_pretty_json_banner()` is never called, and the entries for individual tests have insufficient information to determine what is being tested (it lists "service" and "ip", but not port number).

For the final issue, when mass testing is being performed and all output is being placed in a single file, I have the parent call `fileout_pretty_json_banner()`, but tell `fileout_pretty_json_banner()` to not include a "target host" or "port", but then have each child include a "target host" or "port" (when the "service" and "ip" are being printed).
2017-03-29 11:16:09 -04:00
David Cooper 312598837f Merge branch '2.9dev' into openssl_location 2017-03-29 09:01:38 -04:00
Dirk 7953bfda5e correct DEBUGTIME 2017-03-29 11:17:24 +02:00
Dirk 05ea5675b8 one line per variable type 2017-03-29 10:44:22 +02:00
Dirk Wetter 2f8bc2e77a Merge pull request #686 from dcooper16/out_row_aligned_max_width
out_row_aligned_max_width()
2017-03-29 10:39:04 +02:00