Dirk Wetter
d066e0868a
Merge pull request #112 from AntonioMeireles/cosmetics_1
...
trim all whitespace at EOL, plus spelling typos fixes.
2015-05-29 22:42:51 +02:00
António Meireles
faa9c49a2b
fix spelling typos.
...
Signed-off-by: António Meireles <antonio.meireles@reformi.st>
2015-05-29 18:56:57 +01:00
António Meireles
4064332234
trim all whitespace at EOL.
...
also, align comment blocks for better code readability.
Signed-off-by: António Meireles <antonio.meireles@reformi.st>
2015-05-29 18:44:32 +01:00
Dirk
9b2b897a43
- make date even more beautiful, see #110
...
- fix RUN_DIR
2015-05-29 14:12:22 +02:00
Dirk Wetter
df3b9019a1
Update Readme.md
2015-05-29 13:37:37 +02:00
Dirk Wetter
e14453b607
Merge pull request #110 from AntonioMeireles/master
...
simplify life for OSX users running gnu's coreutils...
2015-05-29 11:01:47 +02:00
Dirk
4e18c35271
Merge branch 'master' of github.com:drwetter/testssl.sh
2015-05-29 10:36:47 +02:00
Dirk
41ee37f0dc
- per default we do a allciphers run in the end
...
- option long changed to wide
- PFS now is per default not wide
- PFS comes after standard cipher lists
- debug output improved (in terms of privacy and additional info)
2015-05-29 10:36:14 +02:00
Dirk
b48ac9874e
- early check to make sure people really use bash, see #109
2015-05-29 10:10:53 +02:00
Dirk
2ac34c1424
- early check to make sure people really use bash, see #109
2015-05-29 10:08:17 +02:00
António Meireles
4063e38ccf
simplify life for OSX users running gnu's coreutils...
...
Signed-off-by: António Meireles <antonio.meireles@reformi.st>
2015-05-28 16:56:37 +01:00
Dirk Wetter
8b10dc9638
- code improvements rc4, beast, logjam, freak
2015-05-27 23:31:25 +02:00
Dirk Wetter
f9605c4f35
- BEAST now also works in wide mode
...
- renamed --long in --wide
- added --show-each to help
- inserted help
2015-05-27 17:04:35 +02:00
Dirk Wetter
a76ca52c4c
- first candidate for logjam (missing the precomuted primes though)
...
- 1024 DH is now brown instead of red, 768 will be red, 512 bold red
- dumped calls to ok()
- further cosmetic stuff
2015-05-27 14:28:18 +02:00
Dirk
f261884499
Merge branch 'master' of github.com:drwetter/testssl.sh
...
Conflicts:
testssl.sh
2015-05-27 11:24:47 +02:00
Dirk
ed38a365ae
- fix regression on missing rfc cipher names
...
- cosmetic stuff
2015-05-27 11:19:30 +02:00
Dirk Wetter
efffe9867b
- FIX: cipher mapping
...
- adjust trailing spaces missing b4
2015-05-26 19:26:21 +02:00
Dirk Wetter
c7a76d9b86
- typo/ c&p error with dh func
...
- fixed uninitialised var
2015-05-26 15:59:27 +02:00
Dirk
d58f39d008
- logjam
2015-05-26 12:57:15 +02:00
Dirk
8ab0aef84b
Merge branch 'master' of github.com:drwetter/testssl.sh
2015-05-26 12:56:17 +02:00
Dirk
060178071d
- for pfs. allciphers and cipher_per_proto we WARN now because of weak DH param (if openssl supports it)
...
FIX #106 , $85
- logjam not yet named *#105, #107 ) but addressed
- --openssl switch
- reorder find_openssl_binary / mybanner
- proper identation of help
2015-05-26 12:51:10 +02:00
Dirk Wetter
9b13160953
Update Readme.md
2015-05-25 21:41:45 +02:00
Dirk
3c161f9ce4
- blanks in headlines added
2015-05-25 21:22:21 +02:00
Dirk
9c7d385098
- omit 1xblank in almost all colored output (and adjust the functions using it)
...
- little bit more robust for strange keysize and dh bits
- added ecdsa-with-SHA256 to Signature Algorithm
- FIX: no TLS1+SSL3 resulted in no output for BEAST
2015-05-25 21:14:59 +02:00
Dirk
e58b53eeae
- dh key lenghth in negotiated cipher at first, see $85, #105 , #106
...
- got rid of ok function calls in protocols
- detection of apache banner win32/win64
2015-05-25 15:10:09 +02:00
Dirk
a7a19428d6
- FIX for #104 : check for hpkp pin match failed if \" was present
2015-05-18 23:10:34 +02:00
Dirk
0c4a36121e
- NEW / FIX #104 : check for hpkp pin match
2015-05-18 21:51:45 +02:00
Dirk Wetter
bf7b867d86
Update Readme.md
2015-05-17 22:56:38 +02:00
Dirk
7cc15e5d4d
- 2.4
2015-05-17 22:43:53 +02:00
Dirk
43732ae53d
Merge branch 'master' of github.com:drwetter/testssl.sh
2015-05-17 22:42:53 +02:00
Dirk
4e7bbb20a0
- 2.4
2015-05-17 22:41:58 +02:00
Dirk
1c509bf845
2015-05-17 22:34:50 +02:00
Dirk
2919a7c40e
- 2.4!
...
- FIX #92
- FIX for TLS time (difftime was too small for local clock skew)
- warning for freebsd/macosx w/o ports need now a "yes"
- TLS 1.0 not offered is not bold anymore
- output weirdness fixed for cipher order in spdy
2015-05-17 22:30:49 +02:00
Dirk
6e74b3bd5c
- FIX of output whene there's no CBC cipher in BEAST
...
- FIX: 2 occurrances of OPENSSL calls had a hostname instead of an IP address
- FIX: starttls protocol correctly displayed
- NEW added duplicate detection for header flags
- NEW: added four GOST cipher to standard socket handshake
- recommends if openssl 1.0.2 is used and results were strange and IIS6 --> run wqith openssl 1.0.1
- declared some global vars as readonly
2015-05-15 21:32:11 +02:00
Dirk Wetter
7741d99cc8
Update Readme.md
2015-05-12 13:42:42 +02:00
Dirk
7614ac6f87
Merge branch 'master' of github.com:drwetter/testssl.sh
2015-05-12 13:38:20 +02:00
Dirk
16d2b33459
- Workarounds for IIS6 #99 : some places where openssl 1.0.2 cannot connect (as opposed
...
to =< 1.0.1) finding the right protocol before
- hints for IIS6+openssl 1.0.2 non-conformity #99
- version bumped up to 2.4rc2
- better formatting for BSD in cipher order
- FIX: 2x bug for cipher order + sslv2
- preambel revisited
2015-05-12 13:37:39 +02:00
Dirk Wetter
a7d7158c4b
Update Readme.md
2015-05-12 10:21:31 +02:00
Dirk
3a64bd1005
- WONTFIX remarks for #103 and #102
...
- better warning for openssl < 1.0
2015-05-11 16:58:57 +02:00
Dirk
35d8469f67
URL_PATH regression fixed
2015-05-11 10:47:26 +02:00
Dirk
08fe890d5f
- two fixes from #40 reported by @salt-lick
2015-05-11 08:52:40 +02:00
Dirk
19fc021587
- FIX: 30x with BigIP doesn't have a date, handled properly now
...
- generic GET/HEAD is now always with URL_PATH
2015-05-10 23:38:06 +02:00
Dirk
0050df5529
- informative header extended
2015-05-10 20:54:43 +02:00
Dirk
2f79ba52fc
- NUMEROUS FreeBSD9/Darwin FIXES #40
...
- http date
- cipher list in preferences
- GET_REQ11 now closes the connection
- openssl_age comes afeter the banner so that help doesn't need to go thru this
- uname -s ==> SYSTEM
2015-05-10 19:20:55 +02:00
Dirk
0aa8ac7e76
- more robust wrt IIS6 (some stuff better with IIS7)
...
- X-Powered-By is easy to remove (PHP, ASP.NET), thus labelled as yellow
- same X-AspNet-Version (version # itself is brown)
- better addressed address resolution failures ;-)
- bumped up version to 2.4rc1
2015-05-06 18:48:51 +02:00
Dirk
f3f3967bd1
- FIX $87 (2), finally
...
- feature: integrated TLS+HTTP time into server defaults
- NEW: option: -U/vulnerable
- moved explanation for BREACH into result
- FREAK and CCS are not labled experimental anymore
- unifying of get request headers
- readability of help
2015-05-02 15:01:02 +02:00
Dirk Wetter
2aa82e5164
- partly FIX for #87 (removed SNI helps. Doesn't make sense anyway)
...
- changed order of Secure Renegotiation/Secure Client-Initiated Renegotiation
- readability improvements in renego
2015-05-01 12:18:43 +02:00
Dirk
d766a0b459
- fix additional \n in RC4 if no RC4 ciphers were detected
2015-04-28 08:04:09 +02:00
Dirk Wetter
ae1abda571
Update Readme.md
2015-04-24 16:52:08 +02:00
Dirk
150fb671bb
- more thourough what has been done
2015-04-23 09:25:28 +02:00