Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-06 00:39:44 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,389 Commits 15 Branches 30 Tags 211 MiB
ac71be1040
Commit Graph

3389 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jan Schaumann
ac71be1040 whitespace alignment 2021-03-25 16:24:52 -04:00
Jan Schaumann
ddb324c81d add codepoints for RFC7905, ChaCha20-Poly1305 2021-03-25 16:21:45 -04:00
Dirk Wetter
acc9a82a07
Merge pull request #1848 from elfranne/ianaopenssl3.0 
IANA <-> Openssl mapping issue for 3.0
 2021-02-25 17:17:39 +01:00
Elfranne
fe6c866d4e
IANA <-> Openssl mapping issue 2021-02-25 13:56:54 +01:00
Dirk Wetter
bf966a9b2f
Merge pull request #1831 from drwetter/fix_heartbleed_json.1828_3.0 
Fix file output formatting for heartbleed (3.0)
 2021-01-20 10:11:51 +01:00
Dirk
a1777cdd0e Fix file output formatting for heartbleed 
Quotes were wrong for different results, which lead to some confusion
for finding, cve and cwe.

Fixes #1828
 2021-01-20 09:04:11 +01:00
Dirk Wetter
2627d9db13
Merge pull request #1825 from drwetter/fix_travis_3.0 
Travis CI didn't run. Trying to fix it (3.0)
 2021-01-18 09:15:14 +01:00
Dirk
4ee936dc52 Travis CI didn't run. Trying to fix it 2021-01-13 22:35:34 +01:00
Dirk Wetter
4b800b0ae5
Merge pull request #1822 from drwetter/fix_dot@NODE 
Fixes trailing dot error in URL handling (3.0)
 2021-01-13 21:56:48 +01:00
Dirk Wetter
b8e76a3861 Fixes trailing dot error in URL handling 
For DNS queries a trailing dot in the variable $NODE is always fine. For
HTTP queries it is not. and causes the https request to fail.

Backport from 4f1da9b192

Also: removal of ancient CVS_REL relict in $TEMPDIR/environment.txt
 2021-01-13 11:35:31 +01:00
Dirk Wetter
666a2c4edb
Merge pull request #1818 from drwetter/le_issuer_fix1816_3.0 
Fix issuer check for Let's Encrypt (3.0)
 2021-01-07 10:32:12 +01:00
Dirk Wetter
0de00f4322 Fix issuer check for Let's Encrypt (3.0) 
Fixes #1816 for 3.0 by a proper halving of the dates
 2021-01-07 10:29:08 +01:00
Dirk Wetter
cb94ffaa13
Merge pull request #1796 from drwetter/no_code_update3.0 
Trying to save resources for Travis/CI (3.0)
 2020-11-28 10:15:13 +01:00
Dirk
98d1bd64bc Trying to save resources for Travis/CI (3.0) 
See 3b38a5dea3
 2020-11-28 10:12:43 +01:00
Dirk Wetter
dc08a120ba
Merge pull request #1793 from drwetter/docker_docu_polish3.0 
Consolidate docker sections in Readme.md and Dockerfile.md (3.0)
 2020-11-27 16:54:26 +01:00
Dirk Wetter
7c835470be Consolidate docker sections in Readme.md and Dockerfile.md 
see #1791
 2020-11-27 16:53:28 +01:00
Dirk Wetter
7dac1a20f7
Merge pull request #1780 from drwetter/fix_1779 
Fix 1779
 2020-11-20 16:27:10 +01:00
Dirk
ca89328ed4 Change version number 
To avoid clashes with distributors it may be is smarter to stick
to three numbers and not intoducing another digit.

3.0.4 <-- 3.0.3.1
 2020-11-20 11:09:17 +01:00
Dirk
e441357efe Fix reading SSLv2 socket (3.0 branch) 
This fixes #1779. There was a problem introduced in
3c97412a61 which counted
the size of the file name rather than the size of the
socket reply.
 2020-11-20 11:06:22 +01:00
Dirk
b08b5d8b98 Bump version to 3.0.3 2020-11-19 09:41:12 +01:00
Dirk Wetter
0abaa6d2bf
Merge pull request #1774 from drwetter/ca-update_3.0 
Update certificate stores (3.0 branch)
 2020-11-14 11:11:03 +01:00
Dirk Wetter
2f18dcbd58 Update remaining stores: Apple / Java / Microsoft 
* also ca_hashes.txt

* Used Java SDK 15 instead of JRE 8
* Used Windows 10 20H2
* Java Keystore has added 5 certificates (90 --> 95)

Updated Readme and make instructions more reproducible

Fixes #1772
 2020-11-13 22:13:10 +01:00
Dirk Wetter
d536c07b72
Merge pull request #1776 from drwetter/fix_1762_3.0 
Stop labeling X-XSS-Protection as green (3.0 branch)
 2020-11-13 15:24:22 +01:00
Dirk Wetter
99a158d952 Stop labeling X-XSS-Protection as green (3.0 branch) 
* X-XSS-Protection is now labled as a neutral finding as suggested in #1762
* Also it adds colons to header values

This a quick fix for the stable version as opposed to #1764 ff.
It also changes the color from lite cyan to neutral
 2020-11-13 13:57:21 +01:00
Dirk Wetter
a180ec4f80 update Linux.pem + Mozilla.pem 2020-11-11 18:37:56 +01:00
Dirk Wetter
f3abf77ed8
Merge pull request #1761 from keisentraut/fix-1757-3.0 
fix #1757: manpage: --c has one dash to much (backport 3.0)
 2020-10-29 20:28:23 +01:00
Klaus Eisentraut
44fd73bfcd fix #1757: manpage: --c has one dash to much (backport 3.0) 2020-10-29 20:21:05 +01:00
Dirk Wetter
0cf5a49762
Merge pull request #1759 from drwetter/fix_1754_3.0 
Fix run_freak() when sslv2 server hello is empty (3.0 branch)
 2020-10-28 15:05:51 +01:00
Dirk Wetter
3c97412a61 Address complaint by Travis + RC4 SSLv2 ciphers shortcut 
Despite the fact google doesn't support RC4 ciphers, testssl.sh called
sslv2_sockets(). Google answered with a >= TLS alert. Building a sum then
failed then in sslv2_sockets().

This fixes sslv2_sockets() and introduces count_chars() as a helper function
(tested also under old FreeBSD to make sure it works under MacOSX).

Also it adds a shortcut: if we are sure we don't have sslv2 we don't need
to test any RC4 SSLv2 ciphers
 2020-10-28 11:45:41 +01:00
Dirk
4ddc90d98d Fix run_freak() when sslv2 server hello is empty (3.0 branch) 
This fixes #1754 by avoiding further string operations if the SSLv2 socket reply is empty as bash 5.1 seems to have a problem with that. The fix is done in sslv2_sockets() .

Also sslv2 is not being used in run_freak() if known not to be supported.
 2020-10-27 22:48:50 +01:00
Dirk Wetter
cd9b98ca70
Merge pull request #1727 from drwetter/fix_1725_SCIR_3.0 
Fix Secure Client-Initiated Renegotiation false positive (3.0 branch)
 2020-09-16 20:13:33 +02:00
Dirk
08feaf4a0c Fix Secure Client-Initiated Renegotiation false positive (3.0 branch) 
Server side closed the connection but openssl retrieved
a zero exit code. In addition now we look for "closed"
and if that was returned from the server we label it
as not vulnerable.

This fixes #1725.

Same fix as for 3.1dev, see #1726
 2020-09-16 18:13:47 +02:00
Dirk Wetter
c0581afeeb
Merge pull request #1712 from dcooper16/fix1699_3.0 
Fix #1699 in 3.0 branch
 2020-08-31 17:07:46 +02:00
David Cooper
b7dab55b6c Fix #1699 in 3.0 branch 
This commit makes the same change as #1711, but in the 3.0 branch.
 2020-08-31 10:42:11 -04:00
Dirk
d9866d875a Revised risk for BREACH --> medium 2020-07-10 19:56:18 +02:00
Dirk Wetter
e1b0f2d55f
Merge pull request #1673 from dcooper16/fix_unrecognized_option_3.0 
Fix printing of unrecognized option in 3.0 branch
 2020-07-07 15:54:11 +02:00
David Cooper
cb5305e42d Fix printing of unrecognized option in 3.0 branch 
When testssl.sh is called with an unknown option it prints something like:

     0: unrecognized option "--option"

It should be printing the name of the program rather than "0". This commit fixes that.
 2020-07-07 07:39:28 -04:00
Dirk Wetter
2949b95937
Merge pull request #1667 from dcooper16/fix1665_3.0 
Fix #1665 in 3.0 branch
 2020-06-25 20:45:42 +02:00
David Cooper
e2dce19559
Fix #1665 in 3.0 branch 
This commit fixes #1665 by adding the certificate number to the JSON identifier for cert_eTLS.
 2020-06-25 13:24:10 -04:00
Dirk Wetter
916d942b00
Merge pull request #1664 from dcooper16/fix1662_3.0 
Fix #1662 in 3.0 branch
 2020-06-25 13:40:41 +02:00
David Cooper
f7ef50b968
Fix #1662 in 3.0 branch 
This commit fixes #1662 in the 3.0 branch by changing the fileout to use the value of $cert_ext_keyusage rather than the string "cert_ext_keyusage".
 2020-06-25 07:37:37 -04:00
Dirk Wetter
2cdcf1564b
Merge pull request #1661 from csett86/wireshark-android-7-0-backport 
Add wiresharked Android 7.0 (native) (backport of #1659)
 2020-06-25 08:31:17 +02:00
Christoph Settgast
e2a1f9f329 Add wiresharked Android 7.0 (native) 
After being bitten by https://stackoverflow.com/questions/39133437/sslhandshakeexception-handshake-failed-on-android-n-7-0
I add a wiresharked Android 7.0 to reflect that bug in Android 7.0.

Backport of 82e939f2bd
 2020-06-24 21:10:22 +02:00
Dirk Wetter
594f09e858
Merge pull request #1647 from drwetter/fix_mxs_in_get_mx_record 
Fix wrong variable declaraton in get_mx_record()
 2020-05-26 09:35:54 +02:00
Dirk
11c03790bf Fix wrong variable declaraton in get_mx_record() 
mx was declared, mxs used instead. This fixes
it by correcting the declaration.
 2020-05-25 21:28:44 +02:00
Dirk Wetter
c6ca746954
Merge pull request #1634 from drwetter/dockerfile+ 
Better Dockerfile: doesn't require "git clone"
 2020-05-09 12:54:02 +02:00
Dirk
e5bb789dd3 Better Dockerfile: doesn't require "git clone" 
.. see also #1559.

It "mkdirs" the needed etc and bin directories first, then copies
stuff over. It also reduces a few layers.

Also it corrects a mistake in the Readme.md (docker exec --> run)
 2020-05-09 12:48:11 +02:00
Dirk Wetter
747b1e20ac
Merge pull request #1633 from unit193/3.0 
Fix a couple typos.
 2020-05-09 12:20:03 +02:00
Unit 193
f1a53a5b3a Fix a couple typos. 
enviroment → environment
ususally → usually
 2020-05-09 05:42:41 -04:00
Dirk Wetter
4e887e3ee4
Merge pull request #1628 from drwetter/bump_version302 
Bump version to 3.0.2
 2020-05-08 11:44:48 +02:00