Git
/
testssl.sh
mirror of https://github.com/drwetter/testssl.sh.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,171 Commits 14 Branches 30 Tags 208 MiB
Commit Graph

4171 Commits

Author SHA1 Message Date
Dirk Wetter 88e80d2688
Merge pull request #2201 from drwetter/readme-patch 
Update README.md
 2022-07-02 22:13:06 +02:00
Dirk Wetter 12654b904b
Update README.md 2022-07-02 22:12:56 +02:00
Dirk Wetter 559049fa60
Merge pull request #2200 from drwetter/cert_update 
Update cert stores
 2022-07-02 22:11:24 +02:00
Dirk e217af0324 Remove the expired DST Root CA X3 cert from ... 
Apple / Linux / Microsoft stores
 2022-07-02 16:02:30 +02:00
Dirk d79504ea8a Reference to remove DST Root CA 2022-07-02 16:00:16 +02:00
Dirk 9f4a3b359c add new stores 2022-07-02 15:59:00 +02:00
Dirk fb2b4935ac Java.pem from Oracle jdk-17.0.3.1 2022-07-01 22:01:36 +02:00
Dirk dca2672d88 Apple.pem: picked from Internet (see etc/Readme.md) 2022-07-01 21:55:43 +02:00
Dirk 285eb60d45 add loop for Apple.pem 2022-07-01 21:51:25 +02:00
Dirk f1003d62f8 fine tune instructions for Apple.pem 2022-07-01 21:45:02 +02:00
Dirk 8b580d1448 Update cert store: Linux + Mozilla 2022-07-01 21:32:38 +02:00
Dirk Wetter 153ce87982
Merge pull request #2194 from dcooper16/reorganize_ciphers_by_strength 
Reorganize ciphers_by_strength()
 2022-07-01 21:26:26 +02:00
David Cooper 564dd63efc Reorganize ciphers_by_strength() 
This commit modifies ciphers_by_strength() and run_server_preference() so that the message indicating that ciphers are listed by strength is not printed until the list of supported ciphers has been determined. This is in support of #1311, as it will allow the message to be modified based on the set of supported ciphers.

This commit also modifies both ciphers_by_strength() and cipher_pref_check() so that the order in which ciphers are listed (by strength or server preference) is not printed if the server does not support the protocol.
 2022-06-06 15:48:34 -04:00
Dirk Wetter 13298ffd19
Merge pull request #2193 from drwetter/moregitignore 
More .gitignore files
 2022-06-01 09:47:12 +02:00
Dirk Wetter 6959d3c9a5 few amendments to ignore files 2022-05-31 20:39:47 +02:00
Dirk Wetter 8438f99856
Merge pull request #2169 from drwetter/update_clients1 
Update client simulations
 2022-05-31 17:00:37 +02:00
Dirk Wetter c92a648391 Add LibreSSL from MacOS 2022-05-31 16:17:47 +02:00
Dirk Wetter 854028166d Including AppleMail 2022-05-31 15:12:16 +02:00
Dirk Wetter b274e3b858 correct openssl 3.0.3 data which made CI action fail 2022-05-31 14:32:47 +02:00
Dirk Wetter 6536eaddb6 remove Java 12 and OSX 10 in baseline file 2022-05-31 14:09:19 +02:00
Dirk Wetter a21a343c1c disable Java 12 and Safari on OS X 10.12 2022-05-31 12:17:38 +02:00
Dirk Wetter 09432f0346 minor fix: italic markdown 2022-05-31 12:10:36 +02:00
Dirk Wetter f90b473b32 Add Thunderbid 91.9 to hanshak simulation 2022-05-31 12:10:11 +02:00
Dirk Wetter 6023acd58c Merge branch '3.1dev' into update_clients1 2022-05-31 12:09:23 +02:00
Dirk Wetter acc063e078
Merge pull request #2181 from dcooper16/continue_server_pref_on_error 
Continue run_server_preference() on error
 2022-05-31 11:37:08 +02:00
Dirk Wetter e6f6bcaaa7
Merge pull request #2191 from drwetter/pr2189 
Fix CRIME test
 2022-05-30 14:58:48 +02:00
Dirk Wetter dfbb9f8122 Fix Actions 
this one works locally...
 2022-05-30 13:37:07 +02:00
Dirk Wetter 8d817e1dcf PR to merge #2189 
added: changes in CI so that it goes through
 2022-05-25 18:46:08 +02:00
Dirk Wetter f3fe2ac401 Merge branch 'EliteTK-fix-crime-tls1.3' into pr2189 2022-05-25 18:45:13 +02:00
Tomasz Kramkowski fc0cc67d47 Make run_crime use $jsonID instead of repeating 
This also seems more consistent across the code.
 2022-05-23 13:57:31 +01:00
Tomasz Kramkowski 326a65e7ad Fix CRIME test on servers only supporting TLS 1.3 
As jsonID is not set by run_crime, make the fileout invocation for
servers supporting only TLS 1.3 use the literal "CRIME_TLS" instead.

Previously running testssl with CSV or JSON output would produce an item
with the wrong ID.
 2022-05-23 13:53:38 +01:00
David Cooper 706262095b Continue run_server_preference() on error 
Currently run_server_preference() will stop if it cannot determine whether the server enforces a cipher preference order.

This commit changes run_server_preference() so it will continue running even if this case, so that the list of ciphers supported with each TLS protocol is provided. Since it is not known whether the server enforces a cipher order, the list of supported ciphers is ordered by strength.
 2022-05-16 09:28:02 -04:00
Dirk Wetter d931eb470c
Merge pull request #2186 from drwetter/censys_fix_2127 
Fix censys link in DROWN section
 2022-05-14 13:57:46 +02:00
Dirk 04463784a8 Fix censys link in DROWN section 
See #2127. the line seems very long though.

Note: this was previously commited as #2184 but as there were two mistakes
and one other thing which could be improved I decided to make a hard reset.

Apologize if it caused inconvenience.
 2022-05-14 12:06:09 +02:00
Dirk 1eb8347174 Update comparion/diff file for CI 
... for the time being
 2022-05-10 13:08:44 +02:00
Dirk Wetter b89574e5c7
Merge pull request #2180 from dcooper16/ossl_ffdhe 
Check for OpenSSL support for ffdhe groups
 2022-05-10 07:47:56 +02:00
Dirk Wetter 86158f0bdf Firefox 100, Chrom and Edge 101 (Win10) 
- disabled Opera (too old)
- disabled ATS 9 / iOS 9
- reenabled Android 8.1
 2022-05-09 17:49:16 +02:00
David Cooper 66c3e35dba Check for OpenSSL support for ffdhe groups 
OpenSSL 3.0.0 and later supports specifying the FFDHE groups from RFC 7919 in the "-groups" (or "-curves") option of s_client.

This commit modifies find_openssl_binary() to check whether $OPENSSL supports this. This information is then used by run_client_simulation(), if client simulation testing is being performed using $OPENSSL. If the "curves" for a client include FFDHE groups, then they will be included in the simulated ClientHello.
 2022-05-09 09:46:40 -04:00
Dirk Wetter 6bd80b3baa Merge branch '3.1dev' into update_clients1 2022-05-06 10:32:01 +02:00
Dirk Wetter 22d8cd3adf Go client (1.17) 2022-05-06 10:06:03 +02:00
Dirk Wetter ff23a2ba22
Merge pull request #2177 from drwetter/dependabot/github_actions/docker/setup-buildx-action-2 
Bump docker/setup-buildx-action from 1 to 2
 2022-05-06 08:17:49 +02:00
Dirk Wetter 4935679f50
Merge pull request #2176 from drwetter/dependabot/github_actions/docker/metadata-action-4 
Bump docker/metadata-action from 3 to 4
 2022-05-06 08:17:33 +02:00
Dirk Wetter f1ce1a21bb
Merge pull request #2175 from drwetter/dependabot/github_actions/docker/setup-qemu-action-2.0.0 
Bump docker/setup-qemu-action from 1.2.0 to 2.0.0
 2022-05-06 08:17:09 +02:00
Dirk Wetter acfbaf8408
Merge pull request #2174 from drwetter/dependabot/github_actions/docker/login-action-2.0.0 
Bump docker/login-action from 1.14.1 to 2.0.0
 2022-05-06 08:16:42 +02:00
Dirk Wetter c332d03323
Merge pull request #2173 from drwetter/dependabot/github_actions/docker/build-push-action-3.0.0 
Bump docker/build-push-action from 2.10.0 to 3.0.0
 2022-05-06 08:15:59 +02:00
dependabot[bot] f434dd963d
Bump docker/setup-buildx-action from 1 to 2 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 1 to 2.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-06 00:31:01 +00:00
dependabot[bot] d40591bf00
Bump docker/metadata-action from 3 to 4 
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 3 to 4.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](https://github.com/docker/metadata-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-06 00:30:56 +00:00
dependabot[bot] 44ae7c1604
Bump docker/setup-qemu-action from 1.2.0 to 2.0.0 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 1.2.0 to 2.0.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v1.2.0...v2.0.0)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-06 00:30:52 +00:00
dependabot[bot] 172115501a
Bump docker/login-action from 1.14.1 to 2.0.0 
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.14.1 to 2.0.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.14.1...v2.0.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-06 00:30:49 +00:00
dependabot[bot] 7fb9039f83
Bump docker/build-push-action from 2.10.0 to 3.0.0 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.10.0 to 3.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2.10.0...v3.0.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-06 00:30:45 +00:00