Frank Breedijk
9527c3dbb5
Merge branch 'master' into client_sim_sockets
2016-06-29 23:36:06 +02:00
Dirk Wetter
aed0a8475a
Merge pull request #396 from seccubus/unit-tests
...
Pull request that helps to enable travis CI integrations
2016-06-29 09:53:51 +02:00
Frank Breedijk
ec9276c17d
Serach and replace failure, fixed now
2016-06-29 00:38:51 +02:00
Frank Breedijk
23ef87c134
Making tests work correctly
2016-06-29 00:35:52 +02:00
Frank Breedijk
ac7dd4da79
CBC isn't done yet. Unit tests count themselves now
2016-06-29 00:24:57 +02:00
Frank Breedijk
0e8f69e6ac
Merge branch 'master' into unit-tests
2016-06-29 00:16:36 +02:00
Frank Breedijk
fa19ac168f
Be more verbose in your error testing
2016-06-29 00:15:32 +02:00
Frank Breedijk
353756ffd6
We need dnsutils as well
2016-06-29 00:12:46 +02:00
Frank Breedijk
2111008880
Install test dependancies
2016-06-29 00:09:12 +02:00
Frank Breedijk
0a86f07e61
Lets get unit testing
2016-06-29 00:02:53 +02:00
Frank Breedijk
6801279471
Additional tests
2016-06-28 23:59:36 +02:00
Dirk
36d300b74e
add line when using sockets for client simulation
2016-06-28 12:21:50 +02:00
Dirk Wetter
197ef27542
Merge pull request #386 from dcooper16/client_sim_sockets
...
Use sockets for client simulations
2016-06-28 11:40:19 +02:00
Dirk Wetter
c5d680c38a
Merge pull request #392 from seccubus/unit-tests
...
Lets add some unit tests to testssl.sh - Using badssl.com work
2016-06-28 10:36:10 +02:00
Frank Breedijk
a25a66ff49
Lets add some unit tests to testssl.sh - Using abdsll.com work
2016-06-27 16:49:54 +02:00
Frank Breedijk
d14badfd3c
Protocol detection fix for openssl client simulation
...
New approach: try every protocol individually from high to low and stop as soon as one works
2016-06-27 13:26:15 +02:00
Frank Breedijk
bba9905e62
Sockets for STARTTLS. Non HTTP(s) client simulations. Apple mail clients added.
...
In this commit clients are also tested when non-HTTP protocols are used. Each client
now has a line that indicates what services the client can handle. Clients that match
the current SERVICE tested or have service ANY (OpenSSL/Java) will be simulated, others
will be ignored.
I have removed the STARTTLS restriction from using sockets because sockets seem to handle
starttls just fine.
Update client SIM data has been updated to add two client we maintain ourselves:
* Mail on iOS
* Mail on OSX
* Thunderbird on OSX
2016-06-27 11:31:15 +02:00
Frank Breedijk
4aba0b90bf
Merge branch 'client_sim_sockets' of https://github.com/dcooper16/testssl.sh into client_sim_sockets
2016-06-27 08:40:38 +02:00
David Cooper
be85fbf2b7
Update IE client simulation data
...
Change client data for IE 8-10 and IE 11 to match ssllabs.
2016-06-24 16:14:41 -04:00
David Cooper
799c6a5fd0
Handle missing $MAPPING_FILE_RFC
...
Changed code for run_client_simulation() so that cipher is output when sockets are used even if $MAPPING_FILE_RFC is missing. Also, updated the client data.
2016-06-24 15:48:40 -04:00
David Cooper
0e58e272f8
Merge branch 'master' into client_sim_sockets
...
Conflicts:
testssl.sh
2016-06-24 13:18:25 -04:00
Dirk
5cb4b722b4
in client simulation it should be TLSv1.0 instead of TLSv1.0
2016-06-24 19:01:00 +02:00
Dirk
93204937c5
FIX #376
2016-06-23 19:42:26 +02:00
Frank Breedijk
a73caa930a
Parsing more information from SSL Labs
2016-06-23 16:55:29 +02:00
David Cooper
bebdc3c70e
Merge branch 'master' into client_sim_sockets
2016-06-23 09:24:54 -04:00
Dirk
68353db42b
polishing #382
2016-06-23 14:33:26 +02:00
Dirk Wetter
31c8979d41
Merge pull request #382 from seccubus/mass_and_file_out
...
Allow the file output feature and mass_test feature to work together
2016-06-23 13:40:09 +02:00
Dirk Wetter
b5b9dd8712
Merge pull request #387 from bad/master
...
porting to NetBSD
2016-06-23 12:15:02 +02:00
Dirk
ef23703903
fix for #389
2016-06-23 12:04:45 +02:00
Dirk Wetter
e7404e9ce9
Merge pull request #389 from flmsc/master
...
Fix HSTS/HPKP includeSubDomains and preload being broken in file output.
2016-06-23 12:02:37 +02:00
Dirk
6eedd5747f
wrong language fix ;-)
2016-06-23 11:13:11 +02:00
Dirk
6efc3e90f5
includes IPv6 check and is ready for other uname's
2016-06-23 11:04:58 +02:00
Florian Schuetz
18c5f273c3
HSTS: check if max-age is present and nonzero
2016-06-21 21:24:24 +02:00
Frank Breedijk
cf8b2f01f2
The results of using sockets and using openSSL now match perfectly
2016-06-21 10:17:46 +02:00
Florian Schuetz
f8579ee2f7
Fix HSTS/HPKP includeSubDomains and preload being broken in file output.
2016-06-21 08:57:39 +02:00
Christoph Badura
0fd261eb6c
Refactor date parsing. Makes testssl.sh work on NetBSD too.
...
Introduce a parse_date() function to handle all date parsing.
Check for the following date(1) variants:
GNU: accepts "-d date-to-parse".
FreeBSD/OS X: accepts "-j -f input-format"
everything else: accepts "-j date-to-parse"
usage: parse-date date output-format input-format
Tested on NetBSD, OS X 10.11 and Debian jessie.
2016-06-20 22:01:13 +02:00
Christoph Badura
48d5e5a7a1
Drop remaining '\c's in printf(1) arguments.
2016-06-20 22:01:13 +02:00
Frank Breedijk
ca937d3b72
Client Simulations moved to external file
...
parse_client_ciphers now gets the results from the SSL labs API
Wrote a parse to conver wireshark SSL Handshake ciphers lists to openssl cipher lists
2016-06-20 16:52:49 +02:00
David Cooper
b8b779b419
Use sockets for client simulations
...
Modify run_client_simulation() to send the ClientHello from https://api.dev.ssllabs.com/api/v3/getClients (modified to use the correct value in the server name extension) if $EXPERIMENTAL is true, $STARTTLS is empty, and $SSL_NATIVE is false.
2016-06-17 16:33:00 -04:00
Dirk Wetter
02e9f5cd23
fix colum spacing again for all alg chacha poly ciphers
2016-06-15 21:31:10 +02:00
Dirk Wetter
9b8fc2c6f0
rename old alg chacha/poly ciphers according to SSLlabs ( #379 / https://github.com/PeterMosmans/openssl/issues/43 )
2016-06-15 20:14:08 +02:00
Dirk Wetter
d10dd6d34c
align old chacha/poly ciphers output in OPENSSL name, see #379
2016-06-15 20:12:48 +02:00
Frank Breedijk
3b1d8b6253
Need to deal with the comma correctly if we are appending to a file
2016-06-14 10:36:57 +02:00
Dirk
1fae394b04
2013 --> OLD for CHACHA/POLY ciphers
2016-06-13 21:38:02 +02:00
Dirk Wetter
d4454d009b
Merge pull request #383 from dcooper16/printSAN
...
Printing of subjectAltName extension
2016-06-13 19:32:31 +02:00
David Cooper
1d0c8cb3f8
Printing of subjectAltName extension
...
Modify the extraction of the subjectAltName extension from certificates in order to address SANs with name forms other than DNS and otherName.
2016-06-13 12:52:19 -04:00
Frank Breedijk
701545dbb6
Allow the file output feature and mass_test feature to work together
2016-06-13 15:35:56 +02:00
Dirk Wetter
88fd5c4e19
Merge pull request #381 from PeterMosmans/chachanaming
...
Updated ChaCha20 cipher names
2016-06-13 08:27:28 +02:00
Peter Mosmans
a06c71d915
Updated ChaCha20 cipher names
...
See https://tools.ietf.org/html/draft-ietf-tls-chacha20-poly1305-04 (the latest version as of this writing is 04).
The previous version received the suffix _2013. See https://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-04
2016-06-13 10:34:04 +10:00
Dirk Wetter
1b7653e438
Update Readme.md
2016-06-11 09:08:51 +02:00