Commit Graph

1018 Commits

Author SHA1 Message Date
David Cooper b6ccdec614 Merge branch 'master' into version_negotiation 2016-06-24 13:27:35 -04:00
David Cooper 31c3a87a72 Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-24 13:26:28 -04:00
David Cooper f2077b7726 Merge branch 'master' into fix_issue_276 2016-06-24 13:23:07 -04:00
David Cooper 0e58e272f8 Merge branch 'master' into client_sim_sockets
Conflicts:
	testssl.sh
2016-06-24 13:18:25 -04:00
Dirk 5cb4b722b4 in client simulation it should be TLSv1.0 instead of TLSv1.0 2016-06-24 19:01:00 +02:00
Dirk 93204937c5 FIX #376 2016-06-23 19:42:26 +02:00
David Cooper dd8788d670 Merge branch 'master' into fix_issue_276 2016-06-23 09:42:18 -04:00
David Cooper df2904edbf Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-23 09:36:58 -04:00
David Cooper df4edd4152 Merge branch 'master' into version_negotiation 2016-06-23 09:36:06 -04:00
David Cooper bebdc3c70e Merge branch 'master' into client_sim_sockets 2016-06-23 09:24:54 -04:00
Dirk 68353db42b polishing #382 2016-06-23 14:33:26 +02:00
Dirk Wetter 31c8979d41 Merge pull request #382 from seccubus/mass_and_file_out
Allow the file output feature and mass_test feature to work together
2016-06-23 13:40:09 +02:00
Dirk Wetter b5b9dd8712 Merge pull request #387 from bad/master
porting to NetBSD
2016-06-23 12:15:02 +02:00
Dirk ef23703903 fix for #389 2016-06-23 12:04:45 +02:00
Dirk Wetter e7404e9ce9 Merge pull request #389 from flmsc/master
Fix HSTS/HPKP includeSubDomains and preload being broken in file output.
2016-06-23 12:02:37 +02:00
Dirk 6eedd5747f wrong language fix ;-) 2016-06-23 11:13:11 +02:00
Dirk 6efc3e90f5 includes IPv6 check and is ready for other uname's 2016-06-23 11:04:58 +02:00
Florian Schuetz 18c5f273c3 HSTS: check if max-age is present and nonzero 2016-06-21 21:24:24 +02:00
Florian Schuetz f8579ee2f7 Fix HSTS/HPKP includeSubDomains and preload being broken in file output. 2016-06-21 08:57:39 +02:00
Christoph Badura 0fd261eb6c Refactor date parsing. Makes testssl.sh work on NetBSD too.
Introduce a parse_date() function to handle all date parsing.
Check for the following date(1) variants:
GNU: accepts "-d date-to-parse".
FreeBSD/OS X: accepts "-j -f input-format"
everything else: accepts "-j date-to-parse"

usage: parse-date date output-format input-format

Tested on NetBSD, OS X 10.11 and Debian jessie.
2016-06-20 22:01:13 +02:00
Christoph Badura 48d5e5a7a1 Drop remaining '\c's in printf(1) arguments. 2016-06-20 22:01:13 +02:00
David Cooper b8b779b419 Use sockets for client simulations
Modify run_client_simulation() to send the ClientHello from https://api.dev.ssllabs.com/api/v3/getClients (modified to use the correct value in the server name extension) if $EXPERIMENTAL is true, $STARTTLS is empty, and $SSL_NATIVE is false.
2016-06-17 16:33:00 -04:00
David Cooper 1275ce5ed2 Merge branch 'master' into version_negotiation 2016-06-17 16:18:09 -04:00
David Cooper 0a51239cda Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-17 16:17:31 -04:00
David Cooper 2b4d10137a Merge branch 'master' into fix_issue_276 2016-06-17 16:14:24 -04:00
Dirk Wetter 02e9f5cd23 fix colum spacing again for all alg chacha poly ciphers 2016-06-15 21:31:10 +02:00
Dirk Wetter 9b8fc2c6f0 rename old alg chacha/poly ciphers according to SSLlabs (#379 / https://github.com/PeterMosmans/openssl/issues/43) 2016-06-15 20:14:08 +02:00
Dirk Wetter d10dd6d34c align old chacha/poly ciphers output in OPENSSL name, see #379 2016-06-15 20:12:48 +02:00
Frank Breedijk 3b1d8b6253 Need to deal with the comma correctly if we are appending to a file 2016-06-14 10:36:57 +02:00
David Cooper 34e983c301 Merge branch 'master' into version_negotiation 2016-06-13 16:07:35 -04:00
David Cooper a53ee051f6 Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-13 16:07:01 -04:00
David Cooper 5c0368c476 Merge branch 'master' into fix_issue_276 2016-06-13 16:04:10 -04:00
Dirk 1fae394b04 2013 --> OLD for CHACHA/POLY ciphers 2016-06-13 21:38:02 +02:00
David Cooper b590ecedcf Merge branch 'master' into version_negotiation 2016-06-13 15:03:11 -04:00
David Cooper 321a8bfe57 Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-13 15:02:20 -04:00
David Cooper 5f120f8021 Merge branch 'fix_issue_276' of https://github.com/dcooper16/testssl.sh into fix_issue_276 2016-06-13 14:57:51 -04:00
David Cooper 3420c86e7f Merge branch 'master' into fix_issue_276 2016-06-13 14:55:55 -04:00
Dirk Wetter d4454d009b Merge pull request #383 from dcooper16/printSAN
Printing of subjectAltName extension
2016-06-13 19:32:31 +02:00
David Cooper 1d0c8cb3f8 Printing of subjectAltName extension
Modify the extraction of the subjectAltName extension from certificates in order to address SANs with name forms other than DNS and otherName.
2016-06-13 12:52:19 -04:00
David Cooper b264714fd9 Add check of IP address
compare_server_name_to_cert() now checks the DNS names and IP addresses in the subjectAltName extension for a match.
2016-06-13 11:09:15 -04:00
David Cooper 0a1c4d565c Merge branch 'master' into fix_issue_276 2016-06-13 10:59:34 -04:00
Frank Breedijk 701545dbb6 Allow the file output feature and mass_test feature to work together 2016-06-13 15:35:56 +02:00
Dirk Wetter 88fd5c4e19 Merge pull request #381 from PeterMosmans/chachanaming
Updated ChaCha20 cipher names
2016-06-13 08:27:28 +02:00
Peter Mosmans a06c71d915 Updated ChaCha20 cipher names
See https://tools.ietf.org/html/draft-ietf-tls-chacha20-poly1305-04 (the latest version as of this writing is 04).
The previous version received the suffix _2013. See https://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-04
2016-06-13 10:34:04 +10:00
Dirk Wetter 1b7653e438 Update Readme.md 2016-06-11 09:08:51 +02:00
David Cooper 76ea57863a Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-10 15:29:00 -04:00
David Cooper f84ebd99b5 Merge branch 'master' into fix_issue_276 2016-06-10 15:27:46 -04:00
David Cooper 52d6eabdf7 Merge branch 'master' into version_negotiation
Conflicts:
	testssl.sh
2016-06-10 15:26:29 -04:00
Dirk Wetter 61a049ccf9 Merge pull request #380 from dcooper16/runallciphers128limit
run_cipher_per_proto() 128-cipher limit
2016-06-10 20:30:47 +02:00
David Cooper 8c86049848 run_cipher_per_proto() 128-cipher limit
Ensure that neither run_allciphers() nor run_cipher_per_proto() sends a ClientHello with 128 or more cipher suites.
2016-06-10 13:45:25 -04:00