Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-03 23:39:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,198 Commits 14 Branches 30 Tags 211 MiB
95f583322a
Commit Graph

1198 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Cooper
95f583322a Merge branch 'master' into no_version_tolerance_test 2016-10-27 16:51:50 -04:00
Dirk
99300a0059 bump version 2016-10-27 22:02:35 +02:00
Dirk
00a5d19276 Merge branch 'master' of github.com:drwetter/testssl.sh 2016-10-27 22:00:19 +02:00
Dirk
337e66fc61 Merge branch 'CA_pinning' 2016-10-27 21:59:42 +02:00
Dirk
1613bb214e Merge branch 'master' into CA_pinning 
Conflicts:
	testssl.sh
 2016-10-27 21:59:10 +02:00
Dirk Wetter
bfad620bf5 Update Readme.md 2016-10-21 22:16:19 +02:00
Dirk
5e5edd5c89 FIX #490 2016-10-15 22:55:24 +02:00
Dirk Wetter
6abca0c598 Merge pull request #495 from mailsvb/minor_display_fix_ssl3_offer 
remove additional pr_off at the end of sslv2 check
 2016-10-14 22:07:19 +02:00
mailsvb
4ce4d922ac remove additional pr_off at the end of sslv2 check 2016-10-12 22:32:35 +02:00
Dirk
d32dbdaff3 Updating MS store, sill small, still not automated/cumbersome not sure if ok 2016-10-12 21:15:37 +02:00
Dirk
6723622024 - do not do HTTP2+SPDY checks if non-STARTTLS but also non-HTTP 
- ASSUMING_HTTP --> ASSUME_HTTP
- minor cleanups
 2016-10-11 22:30:30 +02:00
David Cooper
3c55eec654 Remove test of version tolerance 
PR #346 added a test for version tolerance to `run_protocols()`, but I think it may now be more appropriate to remove that test. Draft -16 of TLS 1.3, which was posted on September 22, changed the way that version negotiation is handled for TLS 1.3 and above. The current version tolerance test sends a ClientHello with the version field set to "03, 05", to represent a TLS 1.4 ClientHello. While this was consistent with RFC 5246 and with drafts of TLS 1.3 up to -15, draft -16 changed the version field to `legacy_version` and declared that its value should be "03, 03" for TLS 1.2 and above. (For TLS 1.3 and above a Supported Versions extension is included to inform the server which versions of TLS the client supports.) The change in draft -16 was made as a result of the problems with servers not handling version negotiation correctly.

Since the current draft suggests that a server should never be presented with a ClientHello with a version higher than "03, 03" (even for clients that support TLS versions higher than 1.2), it seems there is no reason to include the version tolerance test anymore.

For servers that do not support TLS 1.2, the additional checks that were added by PR #346 will already detect if the server cannot perform version negotiation correctly.
 2016-10-11 11:01:04 -04:00
Dirk Wetter
d59c581700 Update Readme.md 2016-10-11 12:17:33 +02:00
Dirk
77f98e73e2 medium only for "Secure Client-Initiated Renegotiation" != HTTP 2016-10-10 23:27:34 +02:00
Dirk Wetter
51912944ec Merge pull request #492 from mailsvb/CA_BUNDLES_PATH 
fix usage of CA_BUNDLES_PATH env for local ca_bundles
 2016-10-09 10:22:22 +02:00
mailsvb
5a967302dc fix usage of CA_BUNDLES_PATH env for local ca_bundles 2016-10-08 22:50:44 +02:00
Dirk
1c5eb17729 (saving work): major cleanups for output readability and code 2016-10-06 18:53:25 +02:00
Dirk
bd64fb4214 minor putput cleanup for headers 2016-10-03 21:17:29 +02:00
Dirk Wetter
f9d44484af Merge branch 'master' of github.com:drwetter/testssl.sh 2016-10-03 21:01:54 +02:00
Dirk Wetter
9fe87223cc fix anchor 2016-10-03 20:48:32 +02:00
Dirk Wetter
248351eef5 Update Readme.md 2016-10-03 20:29:50 +02:00
Dirk Wetter
bf1d3933bf Update Readme.md 2016-10-03 20:28:44 +02:00
Dirk
878ab519c0 update 2016-10-03 20:21:38 +02:00
Dirk Wetter
19b63aa8a9 duplicate headers fixed, #FIX 488, outstanding: proper treatment of simulatenous Public-Key-Pins|Public-Key-Pins-Report-Only 2016-10-03 18:52:48 +02:00
Dirk
e2023f51ac evaluate env TESTSSL_INSTALL_DIR and CA_BUNDLES_PATH for CA bundles and/or RFC/IANA mapping, FIX #475, #435 2016-10-02 18:15:13 +02:00
Dirk
eb1f6e05bb update, thanks to Niko78, see #371 2016-10-02 10:04:25 +02:00
Dirk
fd6e2c0682 cleanup of #489 2016-10-01 22:25:14 +02:00
Dirk
09c19b4654 FIX #489, clear warning if >=1 HSTS headers are present 2016-10-01 10:04:33 +02:00
Dirk
fd83509ae5 update 2016-09-29 23:23:44 +02:00
Dirk
5115055895 update 2016-09-29 21:44:54 +02:00
Dirk
15f9315cd0 fix last build 2016-09-29 21:27:24 +02:00
Dirk
a5adb2f3ec fixing last T CI run 2016-09-29 21:20:13 +02:00
Dirk
68697b822e fixing last run, hopfully 2016-09-29 21:19:09 +02:00
Dirk
05a0e555a7 - save 1x sed in count_lines/words 2016-09-29 20:59:13 +02:00
Dirk
d786a94a8c output + code polishing, phrasing. lf still has space for improvements 2016-09-28 20:32:01 +02:00
Dirk Wetter
b238fab3c1 Merge pull request #443 from dcooper16/remove_sockread 
Replace sockread() with sockread_serverhello()
 2016-09-27 22:34:17 +02:00
Dirk Wetter
144e2c20cf Update Readme.md 2016-09-27 00:08:01 +02:00
Dirk Wetter
092badc55a Update Readme.md 2016-09-27 00:01:13 +02:00
Dirk Wetter
e59efb0313 Merge branch 'master' of github.com:drwetter/testssl.sh 2016-09-26 23:48:08 +02:00
Dirk Wetter
556d637069 updated 2016-09-26 23:47:39 +02:00
Dirk Wetter
76e9a58223 Delete openssl.Linux.armv7l 2016-09-26 23:31:21 +02:00
Dirk Wetter
9a4211e867 Delete openssl.Darwin.i386 2016-09-26 23:30:55 +02:00
David Cooper
6ded937b14 Merge branch 'master' into remove_sockread 2016-09-26 17:02:53 -04:00
Dirk Wetter
7e729d26cd Darwin 64bit binary, see https://gist.github.com/jpluimers/9257ba6e27afea1b98376d9d4411c88c 2016-09-26 22:52:26 +02:00
Dirk Wetter
2201c59ba3 FIX #477: check also for ALPN as TLS extension 2016-09-26 21:47:57 +02:00
David Cooper
98663b4c72 Merge branch 'master' into remove_sockread 2016-09-26 09:46:27 -04:00
Dirk Wetter
fcdc15b24b no STARTTLS for NPN, preparing #477 2016-09-24 16:59:28 +02:00
Dirk Wetter
0cadeefb05 cleanup #473 2016-09-24 16:07:23 +02:00
Dirk Wetter
679d1b9c1f Merge pull request #473 from nachtgeist/issue-467 
Fix handling of empty argument to "-nextprotoneg" parameter
 2016-09-24 16:01:47 +02:00
Dirk Wetter
f24770f6f4 Merge pull request #478 from wdhongtw/master 
Remove duplicated do_rc4 in debug_globals()
 2016-09-24 13:13:15 +02:00