Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-07-15 10:11:57 +02:00
Code Issues Packages Projects Releases Wiki Activity
846 Commits 16 Branches 34 Tags
a46b6791dbb3d720ddbe0ae7fec7a10d97a83d0c
Commit Graph

846 Commits

Author SHA1 Message Date
Dirk
0f5c4981cb - more or less desperate try to figure out the real installation path (and find the mapping file) 
- help extended (equal sign, logjam)
 2015-06-02 22:13:19 +02:00
Dirk Wetter
312b02ac63 Merge pull request from teward/patch-1 
Update OpenSSL reqs - LOGJAM checks need 1.0.2+
 2015-06-02 18:09:19 +02:00
Thomas Ward
266874daeb Expand the OpenSSL 1.0.2 reqs/benefits. 2015-06-02 11:59:17 -04:00
Thomas Ward
03d8ba9b81 Update OpenSSL reqs - LOGJAM checks need 1.0.2+ 
To effectively analyze the LOGJAM risks, and to display the bitstrength on the DH/ECDH negotiated ciphers, OpenSSL 1.0.2+ is needed.  With anything under 1.0.2 (and greater than 1.0.0), the bitstrengths are not displayed as OpenSSL is 'too old' (as referred to in the script itself when 1.0.2 is newer than what's available).

I suggest that we keep a note that >= 1.0.2 is needed for LOGJAM checks.
 2015-06-02 11:57:11 -04:00
Dirk
4081b2eef4 - wrong arg for dirname ($1) 2015-06-02 15:59:17 +02:00
Dirk
06c3b06a7a - regression fix on mapping file 2015-06-02 15:53:46 +02:00
Dirk Wetter
32acfa97a5 Merge pull request from PeterMosmans/space 
Minor textual fix (added space)
 2015-06-02 09:26:25 +02:00
Peter Mosmans
8e4970c408 Minor textual fix (added space) 2015-06-01 14:16:31 +02:00
Dirk
cac985967f - first prototype for using = in cmdline, see . Tests needed 
- beautified big case loop
 2015-06-01 12:01:38 +02:00
Dirk
452fd6762a - local dns matches don't need lookup anymore over net --> saves timeouts+time 
- further banner tuning + funtion mybanner, 2 addtl global vars for debugging
- cosmetic improvements
 2015-05-31 14:40:12 +02:00
Dirk
77ad7c9252 - the outsticking part was kind of not handy, see , remove commit message 2015-05-30 11:36:47 +02:00
Dirk Wetter
353b58c0c0 Merge pull request from PeterMosmans/showversion 
FIX: Show version when specified on command line
 2015-05-30 11:16:31 +02:00
Peter Mosmans
764f20dbcf FIX: Show version when specified on command line 
ADDITION: Show git commit information, to support troubleshooting.
 2015-05-30 11:13:57 +02:00
Dirk Wetter
d066e0868a Merge pull request from AntonioMeireles/cosmetics_1 
trim all whitespace at EOL, plus spelling typos fixes.
 2015-05-29 22:42:51 +02:00
António Meireles
faa9c49a2b fix spelling typos. 
Signed-off-by: António Meireles <antonio.meireles@reformi.st>
 2015-05-29 18:56:57 +01:00
António Meireles
4064332234 trim all whitespace at EOL. 
also, align comment blocks for better code readability.

Signed-off-by: António Meireles <antonio.meireles@reformi.st>
 2015-05-29 18:44:32 +01:00
Dirk
9b2b897a43 - make date even more beautiful, see 
- fix RUN_DIR
 2015-05-29 14:12:22 +02:00
Dirk Wetter
df3b9019a1 Update Readme.md 2015-05-29 13:37:37 +02:00
Dirk Wetter
e14453b607 Merge pull request from AntonioMeireles/master 
simplify life for OSX users running gnu's coreutils...
 2015-05-29 11:01:47 +02:00
Dirk
4e18c35271 Merge branch 'master' of github.com:drwetter/testssl.sh 2015-05-29 10:36:47 +02:00
Dirk
41ee37f0dc - per default we do a allciphers run in the end 
- option long changed to wide
- PFS now is per default not wide
- PFS comes after standard cipher lists
- debug output improved (in terms of privacy and additional info)
 2015-05-29 10:36:14 +02:00
Dirk
b48ac9874e - early check to make sure people really use bash, see 2015-05-29 10:10:53 +02:00
Dirk
2ac34c1424 - early check to make sure people really use bash, see 2015-05-29 10:08:17 +02:00
António Meireles
4063e38ccf simplify life for OSX users running gnu's coreutils... 
Signed-off-by: António Meireles <antonio.meireles@reformi.st>
 2015-05-28 16:56:37 +01:00
Dirk Wetter
8b10dc9638 - code improvements rc4, beast, logjam, freak 2015-05-27 23:31:25 +02:00
Dirk Wetter
f9605c4f35 - BEAST now also works in wide mode 
- renamed --long in --wide
- added --show-each to help
- inserted help
 2015-05-27 17:04:35 +02:00
Dirk Wetter
a76ca52c4c - first candidate for logjam (missing the precomuted primes though) 
- 1024 DH is now brown instead of red, 768 will be red, 512 bold red
- dumped calls to ok()
- further cosmetic stuff
 2015-05-27 14:28:18 +02:00
Dirk
f261884499 Merge branch 'master' of github.com:drwetter/testssl.sh 
Conflicts:
	testssl.sh
 2015-05-27 11:24:47 +02:00
Dirk
ed38a365ae - fix regression on missing rfc cipher names 
- cosmetic stuff
 2015-05-27 11:19:30 +02:00
Dirk Wetter
efffe9867b - FIX: cipher mapping 
- adjust trailing spaces missing b4
 2015-05-26 19:26:21 +02:00
Dirk Wetter
c7a76d9b86 - typo/ c&p error with dh func 
- fixed uninitialised var
 2015-05-26 15:59:27 +02:00
Dirk
d58f39d008 - logjam 2015-05-26 12:57:15 +02:00
Dirk
8ab0aef84b Merge branch 'master' of github.com:drwetter/testssl.sh 2015-05-26 12:56:17 +02:00
Dirk
060178071d - for pfs. allciphers and cipher_per_proto we WARN now because of weak DH param (if openssl supports it) 
FIX , $85
- logjam not yet named *#105, ) but addressed
- --openssl switch
- reorder find_openssl_binary / mybanner
- proper identation of help
 2015-05-26 12:51:10 +02:00
Dirk Wetter
9b13160953 Update Readme.md 2015-05-25 21:41:45 +02:00
Dirk
3c161f9ce4 - blanks in headlines added 2015-05-25 21:22:21 +02:00
Dirk
9c7d385098 - omit 1xblank in almost all colored output (and adjust the functions using it) 
- little bit more robust for strange keysize and dh bits
- added ecdsa-with-SHA256 to Signature Algorithm
- FIX: no TLS1+SSL3 resulted in no output for BEAST
 2015-05-25 21:14:59 +02:00
Dirk
e58b53eeae - dh key lenghth in negotiated cipher at first, see $85, , 
- got rid of ok function calls in protocols
- detection of apache banner win32/win64
 2015-05-25 15:10:09 +02:00
Dirk
a7a19428d6 - FIX for : check for hpkp pin match failed if \" was present 2015-05-18 23:10:34 +02:00
Dirk
0c4a36121e - NEW / FIX : check for hpkp pin match 2015-05-18 21:51:45 +02:00
Dirk Wetter
bf7b867d86 Update Readme.md 2015-05-17 22:56:38 +02:00
Dirk
7cc15e5d4d - 2.4 v2.4 2015-05-17 22:43:53 +02:00
Dirk
43732ae53d Merge branch 'master' of github.com:drwetter/testssl.sh 2015-05-17 22:42:53 +02:00
Dirk
4e7bbb20a0 - 2.4 2015-05-17 22:41:58 +02:00
Dirk
1c509bf845 2015-05-17 22:34:50 +02:00
Dirk
2919a7c40e - 2.4! 
- FIX 
- FIX for TLS time (difftime was too small for local clock skew)
- warning for freebsd/macosx w/o ports need now a "yes"
- TLS 1.0 not offered is not bold anymore
- output weirdness fixed for cipher order in spdy
 2015-05-17 22:30:49 +02:00
Dirk
6e74b3bd5c - FIX of output whene there's no CBC cipher in BEAST 
- FIX: 2 occurrances of OPENSSL calls had a hostname instead of an IP address
- FIX: starttls protocol correctly displayed
- NEW added duplicate detection for header flags
- NEW: added four GOST cipher to standard socket handshake
- recommends if openssl 1.0.2 is used and results were strange and IIS6 --> run wqith openssl 1.0.1
- declared some global vars as readonly
 2015-05-15 21:32:11 +02:00
Dirk Wetter
7741d99cc8 Update Readme.md 2015-05-12 13:42:42 +02:00
Dirk
7614ac6f87 Merge branch 'master' of github.com:drwetter/testssl.sh 2015-05-12 13:38:20 +02:00
Dirk
16d2b33459 - Workarounds for IIS6 : some places where openssl 1.0.2 cannot connect (as opposed 
to =< 1.0.1) finding the right protocol before
- hints for IIS6+openssl 1.0.2 non-conformity 
- version bumped up to 2.4rc2
- better formatting for BSD in cipher order
- FIX: 2x bug for cipher order + sslv2
- preambel revisited
 2015-05-12 13:37:39 +02:00