Commit Graph

4161 Commits

Author SHA1 Message Date
Dirk
8b580d1448 Update cert store: Linux + Mozilla 2022-07-01 21:32:38 +02:00
Dirk Wetter
153ce87982
Merge pull request #2194 from dcooper16/reorganize_ciphers_by_strength
Reorganize ciphers_by_strength()
2022-07-01 21:26:26 +02:00
David Cooper
564dd63efc Reorganize ciphers_by_strength()
This commit modifies ciphers_by_strength() and run_server_preference() so that the message indicating that ciphers are listed by strength is not printed until the list of supported ciphers has been determined. This is in support of #1311, as it will allow the message to be modified based on the set of supported ciphers.

This commit also modifies both ciphers_by_strength() and cipher_pref_check() so that the order in which ciphers are listed (by strength or server preference) is not printed if the server does not support the protocol.
2022-06-06 15:48:34 -04:00
Dirk Wetter
13298ffd19
Merge pull request #2193 from drwetter/moregitignore
More .gitignore files
2022-06-01 09:47:12 +02:00
Dirk Wetter
6959d3c9a5 few amendments to ignore files 2022-05-31 20:39:47 +02:00
Dirk Wetter
8438f99856
Merge pull request #2169 from drwetter/update_clients1
Update client simulations
2022-05-31 17:00:37 +02:00
Dirk Wetter
c92a648391 Add LibreSSL from MacOS 2022-05-31 16:17:47 +02:00
Dirk Wetter
854028166d Including AppleMail 2022-05-31 15:12:16 +02:00
Dirk Wetter
b274e3b858 correct openssl 3.0.3 data which made CI action fail 2022-05-31 14:32:47 +02:00
Dirk Wetter
6536eaddb6 remove Java 12 and OSX 10 in baseline file 2022-05-31 14:09:19 +02:00
Dirk Wetter
a21a343c1c disable Java 12 and Safari on OS X 10.12 2022-05-31 12:17:38 +02:00
Dirk Wetter
09432f0346 minor fix: italic markdown 2022-05-31 12:10:36 +02:00
Dirk Wetter
f90b473b32 Add Thunderbid 91.9 to hanshak simulation 2022-05-31 12:10:11 +02:00
Dirk Wetter
6023acd58c Merge branch '3.1dev' into update_clients1 2022-05-31 12:09:23 +02:00
Dirk Wetter
acc063e078
Merge pull request #2181 from dcooper16/continue_server_pref_on_error
Continue run_server_preference() on error
2022-05-31 11:37:08 +02:00
Dirk Wetter
e6f6bcaaa7
Merge pull request #2191 from drwetter/pr2189
Fix CRIME test
2022-05-30 14:58:48 +02:00
Dirk Wetter
dfbb9f8122 Fix Actions
this one works locally...
2022-05-30 13:37:07 +02:00
Dirk Wetter
8d817e1dcf PR to merge #2189
added: changes in CI so that it goes through
2022-05-25 18:46:08 +02:00
Dirk Wetter
f3fe2ac401 Merge branch 'EliteTK-fix-crime-tls1.3' into pr2189 2022-05-25 18:45:13 +02:00
Tomasz Kramkowski
fc0cc67d47 Make run_crime use $jsonID instead of repeating
This also seems more consistent across the code.
2022-05-23 13:57:31 +01:00
Tomasz Kramkowski
326a65e7ad Fix CRIME test on servers only supporting TLS 1.3
As jsonID is not set by run_crime, make the fileout invocation for
servers supporting only TLS 1.3 use the literal "CRIME_TLS" instead.

Previously running testssl with CSV or JSON output would produce an item
with the wrong ID.
2022-05-23 13:53:38 +01:00
David Cooper
706262095b Continue run_server_preference() on error
Currently run_server_preference() will stop if it cannot determine whether the server enforces a cipher preference order.

This commit changes run_server_preference() so it will continue running even if this case, so that the list of ciphers supported with each TLS protocol is provided. Since it is not known whether the server enforces a cipher order, the list of supported ciphers is ordered by strength.
2022-05-16 09:28:02 -04:00
Dirk Wetter
d931eb470c
Merge pull request #2186 from drwetter/censys_fix_2127
Fix censys link in DROWN section
2022-05-14 13:57:46 +02:00
Dirk
04463784a8 Fix censys link in DROWN section
See #2127. the line seems very long though.

Note: this was previously commited as #2184 but as there were two mistakes
and one other thing which could be improved I decided to make a hard reset.

Apologize if it caused inconvenience.
2022-05-14 12:06:09 +02:00
Dirk
1eb8347174 Update comparion/diff file for CI
... for the time being
2022-05-10 13:08:44 +02:00
Dirk Wetter
b89574e5c7
Merge pull request #2180 from dcooper16/ossl_ffdhe
Check for OpenSSL support for ffdhe groups
2022-05-10 07:47:56 +02:00
Dirk Wetter
86158f0bdf Firefox 100, Chrom and Edge 101 (Win10)
- disabled Opera (too old)
- disabled ATS 9 / iOS 9
- reenabled Android 8.1
2022-05-09 17:49:16 +02:00
David Cooper
66c3e35dba Check for OpenSSL support for ffdhe groups
OpenSSL 3.0.0 and later supports specifying the FFDHE groups from RFC 7919 in the "-groups" (or "-curves") option of s_client.

This commit modifies find_openssl_binary() to check whether $OPENSSL supports this. This information is then used by run_client_simulation(), if client simulation testing is being performed using $OPENSSL. If the "curves" for a client include FFDHE groups, then they will be included in the simulated ClientHello.
2022-05-09 09:46:40 -04:00
Dirk Wetter
6bd80b3baa Merge branch '3.1dev' into update_clients1 2022-05-06 10:32:01 +02:00
Dirk Wetter
22d8cd3adf Go client (1.17) 2022-05-06 10:06:03 +02:00
Dirk Wetter
ff23a2ba22
Merge pull request #2177 from drwetter/dependabot/github_actions/docker/setup-buildx-action-2
Bump docker/setup-buildx-action from 1 to 2
2022-05-06 08:17:49 +02:00
Dirk Wetter
4935679f50
Merge pull request #2176 from drwetter/dependabot/github_actions/docker/metadata-action-4
Bump docker/metadata-action from 3 to 4
2022-05-06 08:17:33 +02:00
Dirk Wetter
f1ce1a21bb
Merge pull request #2175 from drwetter/dependabot/github_actions/docker/setup-qemu-action-2.0.0
Bump docker/setup-qemu-action from 1.2.0 to 2.0.0
2022-05-06 08:17:09 +02:00
Dirk Wetter
acfbaf8408
Merge pull request #2174 from drwetter/dependabot/github_actions/docker/login-action-2.0.0
Bump docker/login-action from 1.14.1 to 2.0.0
2022-05-06 08:16:42 +02:00
Dirk Wetter
c332d03323
Merge pull request #2173 from drwetter/dependabot/github_actions/docker/build-push-action-3.0.0
Bump docker/build-push-action from 2.10.0 to 3.0.0
2022-05-06 08:15:59 +02:00
dependabot[bot]
f434dd963d
Bump docker/setup-buildx-action from 1 to 2
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 1 to 2.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-06 00:31:01 +00:00
dependabot[bot]
d40591bf00
Bump docker/metadata-action from 3 to 4
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 3 to 4.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](https://github.com/docker/metadata-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-06 00:30:56 +00:00
dependabot[bot]
44ae7c1604
Bump docker/setup-qemu-action from 1.2.0 to 2.0.0
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 1.2.0 to 2.0.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v1.2.0...v2.0.0)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-06 00:30:52 +00:00
dependabot[bot]
172115501a
Bump docker/login-action from 1.14.1 to 2.0.0
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.14.1 to 2.0.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.14.1...v2.0.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-06 00:30:49 +00:00
dependabot[bot]
7fb9039f83
Bump docker/build-push-action from 2.10.0 to 3.0.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.10.0 to 3.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2.10.0...v3.0.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-06 00:30:45 +00:00
Dirk Wetter
cf79a19598 Add Android 11+12 2022-05-04 19:12:03 +02:00
Dirk Wetter
28e9ddeebd Teating of FFDHE groups
* readded to the markdown
* readded to the clientsimulations for Java 12
2022-05-04 18:29:29 +02:00
Dirk Wetter
ac6f99fe1c correct FFDHE groups
... so that they a recognized by ~/utils/hexstream2curves.sh
2022-05-04 17:44:33 +02:00
Dirk Wetter
c6491a3834 Correct spell checking error
and hint to missing ALPN
2022-05-04 15:56:25 +02:00
Dirk Wetter
415043865a Add Java 17 LTS
plus

* amend documentation
* remove TLS 1.3 ciphers in ch_ciphers for consistency reasons
2022-05-04 15:46:36 +02:00
Dirk Wetter
52ed4181f9 Add SSLSocketClient in Java
Note this doesn't add alpn (same as openssl). See here https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLSocket.html
if you want to add that.

This code is NOT GPLv2! It was taken from the Oracle web site which didn't list any license
(https://docs.oracle.com/javase/10/security/sample-code-illustrating-secure-socket-connection-client-and-server.htm).
2022-05-04 15:39:32 +02:00
Dirk Wetter
d84492a75e Update openssl 3.0.3 2022-05-04 14:32:04 +02:00
Dirk Wetter
cc7a88386d Update documention how to add a client simulation 2022-05-04 12:38:12 +02:00
Dirk Wetter
859da96ad0
Merge pull request #2167 from drwetter/fix_banner
Minor changes to banner
2022-05-04 10:48:18 +02:00
Dirk Wetter
03803cf0c9 Add Safari for macOS 2022-05-03 22:11:31 +02:00