Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-06 00:39:44 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,058 Commits 15 Branches 30 Tags 211 MiB
8a7827436d
Commit Graph

1058 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Cooper
8a7827436d Merge branch 'master' into more_sslv2_sslv3_fixes 2016-08-09 10:48:49 -04:00
Dirk
424cf233d1 FIX #431 2016-08-09 10:35:58 +02:00
Dirk
b0923a1833 - workaround for failed CI test 2016-07-26 22:00:53 +02:00
Dirk
b1595c124b - new 1.0.2i binaries with IPv6 and renamed old chacha/poly-ciphers from PM 2016-07-26 21:03:09 +02:00
Dirk
c8490c0dea Merge branch 'master' of github.com:drwetter/testssl.sh 2016-07-26 20:51:56 +02:00
Dirk
7fb89f8071 - new 1.0.2i binaries with IPv6 and renamed old chacha/poly-ciphers from PM 2016-07-26 20:51:21 +02:00
Dirk Wetter
1d516a2d4d Delete openssl.Linux.i686-krb5 2016-07-26 20:43:02 +02:00
Dirk Wetter
19f2182af1 Delete openssl.Linux.x86_64-krb5 2016-07-26 20:42:48 +02:00
Dirk
a0582d70e1 Merge branch 'master' of github.com:drwetter/testssl.sh 2016-07-26 20:41:26 +02:00
Dirk
d5bda3272f - new 1.0.2i binaries with IPv6 and renamed old chacha/poly-ciphers frpom PM 2016-07-26 20:40:27 +02:00
Dirk Wetter
1c4790b184 Update Readme.md 2016-07-26 20:32:05 +02:00
Dirk Wetter
2e1e45fca0 Update Readme.md 2016-07-26 20:31:20 +02:00
Dirk Wetter
830bc0fb4f Update Readme.md 2016-07-26 20:23:31 +02:00
Dirk Wetter
c7afd8e366 Update Readme.md 2016-07-26 20:22:51 +02:00
Dirk
5114a118f2 Merge branch 'master' of github.com:drwetter/testssl.sh 2016-07-26 20:18:37 +02:00
Dirk
69e8be6be8 - new 1.0.2i binaries with IPv6 and renamed old chacha/poly-ciphers from PM 2016-07-26 20:16:35 +02:00
David Cooper
1add0f86f9 Merge branch 'master' into more_sslv2_sslv3_fixes 
Conflicts:
	testssl.sh
 2016-07-26 13:33:49 -04:00
Dirk Wetter
48f2dc20a6 Merge pull request #428 from dcooper16/determine_optimal_proto_ssl2_fix 
SSLv2 fixes for determine_optimal_proto()
 2016-07-26 18:29:49 +02:00
Dirk Wetter
3f550d14cf Merge pull request #429 from dcooper16/old_openssl_warning 
Don't ignore response to old OpenSSL warning
 2016-07-26 18:27:33 +02:00
Dirk Wetter
8d3e157e35 Merge pull request #430 from dcooper16/minor_typos 
Fix two minor typos
 2016-07-26 18:25:39 +02:00
David Cooper
746eab7f6b Fix two minor typos 
Fixes for two minor typos that were previously included in PR #345.
 2016-07-26 12:07:08 -04:00
David Cooper
72bbdbf49b Remove fixes for minor typos 2016-07-26 12:00:46 -04:00
David Cooper
4ed1f2fc11 Don't ignore response to old OpenSSL warning 
In the check for old versions of OpenSSL, the results of the call to `ignore_no_or_lame()` are ignored, and so the program continues even if the user enters `no`.
 2016-07-26 11:29:25 -04:00
David Cooper
bc6367d3ad Update testssl.sh 2016-07-26 11:21:23 -04:00
David Cooper
b43562aabf Update testssl.sh 2016-07-26 11:13:45 -04:00
David Cooper
23d311b1fc SSLv2 fixes for determine_optimal_proto() 
This PR makes three changes to `determine_optimal_proto()`:
* It no longer tries an empty string for `$OPTIMAL_PROTO` twice.
* It does not include `-servername` for `-ssl2` or `-ssl3`, since some versions of OpenSSL that support SSLv2 will fail if `s_client` is provided both the `-ssl2` and `-servername` options.
* It displays a warning if `$OPTIMAL_PROTO` is `-ssl2`, since some tests in testssl.sh will not work correctly for SSLv2-only servers.
 2016-07-26 11:10:20 -04:00
David Cooper
e9a2d27af3 Remove determine_optimal_proto() fix 2016-07-26 11:04:43 -04:00
David Cooper
93ba2e5d65 Remove some server preference fixes 2016-07-26 10:11:22 -04:00
David Cooper
6bd6b8959c Merge branch 'master' into more_sslv2_sslv3_fixes 2016-07-26 08:48:01 -04:00
Dirk Wetter
5a763ff8e1 Merge pull request #424 from dcooper16/run_rc4_ssl2_ciphers 
SSLv2 fixes for run_rc4()
 2016-07-26 12:08:17 +02:00
Dirk Wetter
a8048ccfa0 Merge pull request #425 from dcooper16/test_just_one_ssl2_ciphers 
SSLv2 fixes for test_just_one()
 2016-07-26 07:54:29 +02:00
David Cooper
add75caf82 SSLv2 fixes for test_just_one() 
This PR changes test_just_one() to correctly handle SSLv2 ciphers.

As with PR #424, this PR addresses the problem in which servers that do not implement SSLv2, but that implement RC4-MD5, EXP-RC2-CBC-MD5, EXP-RC4-MD5, or NULL-MD5 are shown as implementing both the SSLv2 and SSLv3 versions of the ciphers, and that any SSLv2 ciphers that a server does implement are not shown as being implemented.
 2016-07-25 17:00:49 -04:00
David Cooper
db0a6db620 Remove fixes for test_just_one() 2016-07-25 16:54:19 -04:00
David Cooper
43d5ad5071 SSLv2 fixes for run_rc4() 
This PR changes run_rc4() to correctly handle SSLv2 ciphers.

It addresses the problem in which servers that do not implement SSLv2, but that implement SSLv3 ciphers that share an OpenSSL name with an SSLv2 cipher (RC4-MD5 and EXP-RC4-MD5), are not incorrectly shown as having implemented the SSLv2 cipher.

It also addresses the problem that if a server does implement SSLv2 with an RC4 SSLv2-cipher suite, then that cipher suite it not shown as being implemented.
 2016-07-25 16:42:04 -04:00
David Cooper
d2f1e15243 Remove fixes for run_rc4() 2016-07-25 16:30:30 -04:00
David Cooper
b142962063 Merge branch 'master' into more_sslv2_sslv3_fixes 2016-07-25 16:24:35 -04:00
Dirk Wetter
9b3cfab5b8 Merge pull request #341 from dcooper16/run_allciphers(),run_cipher_per_proto(),-and-SSLv2 
run_allciphers(),run_cipher_per_proto(), and SSLv2
 2016-07-25 20:04:14 +02:00
David Cooper
bb29e3c917 Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-07-25 09:39:28 -04:00
David Cooper
36a3230b84 Merge branch 'master' into more_sslv2_sslv3_fixes 2016-07-25 09:36:50 -04:00
Dirk
541690b46e - enabled+renamed tolerance test per default 
- quoted some bool vars for faster execution
 2016-07-23 15:12:13 +02:00
Dirk Wetter
38b61ed36f Merge pull request #346 from dcooper16/version_negotiation 
Additional checks in run_protocols()
 2016-07-23 14:54:50 +02:00
Dirk
3d588ddb20 change sequence of out output (trust checks together 2016-07-23 14:52:26 +02:00
Dirk Wetter
0c2acdd8fe Merge pull request #420 from dcooper16/signed-signed-check 
Fix check for self-signed certificate
 2016-07-23 14:47:14 +02:00
Dirk
1a099d35b7 - minor polishing #419 2016-07-23 11:17:49 +02:00
Dirk Wetter
9ef0cef8ef Merge pull request #419 from dcooper16/CN-hostname-match 
CN <--> hostname match
 2016-07-23 11:13:29 +02:00
David Cooper
ae38670067 Fix check for self-signed certificate 
The check for whether a certificate is self-signed was using the undefined variable $CN rather than $cn.
 2016-07-22 12:06:52 -04:00
David Cooper
59002c1088 Update JSON id for chain-of-trust 2016-07-22 11:57:16 -04:00
David Cooper
df64e47fb9 CN <--> hostname match 
PR to address issue #94 (CN <--> hostname match)
 2016-07-22 11:31:52 -04:00
Dirk Wetter
ddead05825 Merge pull request #418 from dcooper16/issuer2 
CA names with domain component attributes
 2016-07-21 12:16:24 +02:00
David Cooper
603ed33f57 Merge branch 'master' into version_negotiation 2016-07-20 13:39:11 -04:00