Git
/
testssl.sh
mirror of https://github.com/drwetter/testssl.sh.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,834 Commits 14 Branches 30 Tags 204 MiB
Commit Graph

1834 Commits

Author SHA1 Message Date
Peter Mosmans 764f20dbcf FIX: Show version when specified on command line 
ADDITION: Show git commit information, to support troubleshooting.
 2015-05-30 11:13:57 +02:00
Dirk Wetter d066e0868a Merge pull request #112 from AntonioMeireles/cosmetics_1 
trim all whitespace at EOL, plus spelling typos fixes.
 2015-05-29 22:42:51 +02:00
António Meireles faa9c49a2b fix spelling typos. 
Signed-off-by: António Meireles <antonio.meireles@reformi.st>
 2015-05-29 18:56:57 +01:00
António Meireles 4064332234 trim all whitespace at EOL. 
also, align comment blocks for better code readability.

Signed-off-by: António Meireles <antonio.meireles@reformi.st>
 2015-05-29 18:44:32 +01:00
Dirk 9b2b897a43 - make date even more beautiful, see #110 
- fix RUN_DIR
 2015-05-29 14:12:22 +02:00
Dirk Wetter df3b9019a1 Update Readme.md 2015-05-29 13:37:37 +02:00
Dirk Wetter e14453b607 Merge pull request #110 from AntonioMeireles/master 
simplify life for OSX users running gnu's coreutils...
 2015-05-29 11:01:47 +02:00
Dirk 4e18c35271 Merge branch 'master' of github.com:drwetter/testssl.sh 2015-05-29 10:36:47 +02:00
Dirk 41ee37f0dc - per default we do a allciphers run in the end 
- option long changed to wide
- PFS now is per default not wide
- PFS comes after standard cipher lists
- debug output improved (in terms of privacy and additional info)
 2015-05-29 10:36:14 +02:00
Dirk b48ac9874e - early check to make sure people really use bash, see #109 2015-05-29 10:10:53 +02:00
Dirk 2ac34c1424 - early check to make sure people really use bash, see #109 2015-05-29 10:08:17 +02:00
António Meireles 4063e38ccf simplify life for OSX users running gnu's coreutils... 
Signed-off-by: António Meireles <antonio.meireles@reformi.st>
 2015-05-28 16:56:37 +01:00
Dirk Wetter 8b10dc9638 - code improvements rc4, beast, logjam, freak 2015-05-27 23:31:25 +02:00
Dirk Wetter f9605c4f35 - BEAST now also works in wide mode 
- renamed --long in --wide
- added --show-each to help
- inserted help
 2015-05-27 17:04:35 +02:00
Dirk Wetter a76ca52c4c - first candidate for logjam (missing the precomuted primes though) 
- 1024 DH is now brown instead of red, 768 will be red, 512 bold red
- dumped calls to ok()
- further cosmetic stuff
 2015-05-27 14:28:18 +02:00
Dirk f261884499 Merge branch 'master' of github.com:drwetter/testssl.sh 
Conflicts:
	testssl.sh
 2015-05-27 11:24:47 +02:00
Dirk ed38a365ae - fix regression on missing rfc cipher names 
- cosmetic stuff
 2015-05-27 11:19:30 +02:00
Dirk Wetter efffe9867b - FIX: cipher mapping 
- adjust trailing spaces missing b4
 2015-05-26 19:26:21 +02:00
Dirk Wetter c7a76d9b86 - typo/ c&p error with dh func 
- fixed uninitialised var
 2015-05-26 15:59:27 +02:00
Dirk d58f39d008 - logjam 2015-05-26 12:57:15 +02:00
Dirk 8ab0aef84b Merge branch 'master' of github.com:drwetter/testssl.sh 2015-05-26 12:56:17 +02:00
Dirk 060178071d - for pfs. allciphers and cipher_per_proto we WARN now because of weak DH param (if openssl supports it) 
FIX #106, $85
- logjam not yet named *#105, #107) but addressed
- --openssl switch
- reorder find_openssl_binary / mybanner
- proper identation of help
 2015-05-26 12:51:10 +02:00
Dirk Wetter 9b13160953 Update Readme.md 2015-05-25 21:41:45 +02:00
Dirk 3c161f9ce4 - blanks in headlines added 2015-05-25 21:22:21 +02:00
Dirk 9c7d385098 - omit 1xblank in almost all colored output (and adjust the functions using it) 
- little bit more robust for strange keysize and dh bits
- added ecdsa-with-SHA256 to Signature Algorithm
- FIX: no TLS1+SSL3 resulted in no output for BEAST
 2015-05-25 21:14:59 +02:00
Dirk e58b53eeae - dh key lenghth in negotiated cipher at first, see $85, #105, #106 
- got rid of ok function calls in protocols
- detection of apache banner win32/win64
 2015-05-25 15:10:09 +02:00
Dirk a7a19428d6 - FIX for #104: check for hpkp pin match failed if \" was present 2015-05-18 23:10:34 +02:00
Dirk 0c4a36121e - NEW / FIX #104: check for hpkp pin match 2015-05-18 21:51:45 +02:00
Dirk Wetter bf7b867d86 Update Readme.md 2015-05-17 22:56:38 +02:00
Dirk 7cc15e5d4d - 2.4 2015-05-17 22:43:53 +02:00
Dirk 43732ae53d Merge branch 'master' of github.com:drwetter/testssl.sh 2015-05-17 22:42:53 +02:00
Dirk 4e7bbb20a0 - 2.4 2015-05-17 22:41:58 +02:00
Dirk 1c509bf845 2015-05-17 22:34:50 +02:00
Dirk 2919a7c40e - 2.4! 
- FIX #92
- FIX for TLS time (difftime was too small for local clock skew)
- warning for freebsd/macosx w/o ports need now a "yes"
- TLS 1.0 not offered is not bold anymore
- output weirdness fixed for cipher order in spdy
 2015-05-17 22:30:49 +02:00
Dirk 6e74b3bd5c - FIX of output whene there's no CBC cipher in BEAST 
- FIX: 2 occurrances of OPENSSL calls had a hostname instead of an IP address
- FIX: starttls protocol correctly displayed
- NEW added duplicate detection for header flags
- NEW: added four GOST cipher to standard socket handshake
- recommends if openssl 1.0.2 is used and results were strange and IIS6 --> run wqith openssl 1.0.1
- declared some global vars as readonly
 2015-05-15 21:32:11 +02:00
Dirk Wetter 7741d99cc8 Update Readme.md 2015-05-12 13:42:42 +02:00
Dirk 7614ac6f87 Merge branch 'master' of github.com:drwetter/testssl.sh 2015-05-12 13:38:20 +02:00
Dirk 16d2b33459 - Workarounds for IIS6 #99 : some places where openssl 1.0.2 cannot connect (as opposed 
to =< 1.0.1) finding the right protocol before
- hints for IIS6+openssl 1.0.2 non-conformity #99
- version bumped up to 2.4rc2
- better formatting for BSD in cipher order
- FIX: 2x bug for cipher order + sslv2
- preambel revisited
 2015-05-12 13:37:39 +02:00
Dirk Wetter a7d7158c4b Update Readme.md 2015-05-12 10:21:31 +02:00
Dirk 3a64bd1005 - WONTFIX remarks for #103 and #102 
- better warning for openssl < 1.0
 2015-05-11 16:58:57 +02:00
Dirk 35d8469f67 URL_PATH regression fixed 2015-05-11 10:47:26 +02:00
Dirk 08fe890d5f - two fixes from #40 reported by @salt-lick 2015-05-11 08:52:40 +02:00
Dirk 19fc021587 - FIX: 30x with BigIP doesn't have a date, handled properly now 
- generic GET/HEAD is now always with URL_PATH
 2015-05-10 23:38:06 +02:00
Dirk 0050df5529 - informative header extended 2015-05-10 20:54:43 +02:00
Dirk 2f79ba52fc - NUMEROUS FreeBSD9/Darwin FIXES #40 
- http date
  - cipher list in preferences
- GET_REQ11 now closes the connection
- openssl_age comes afeter the banner so that help doesn't need to go thru this
- uname -s ==> SYSTEM
 2015-05-10 19:20:55 +02:00
Dirk 0aa8ac7e76 - more robust wrt IIS6 (some stuff better with IIS7) 
- X-Powered-By is easy to remove (PHP, ASP.NET), thus labelled as yellow
- same X-AspNet-Version (version # itself is brown)
- better addressed address resolution failures ;-)
- bumped up version to 2.4rc1
 2015-05-06 18:48:51 +02:00
Dirk f3f3967bd1 - FIX $87 (2), finally 
- feature: integrated TLS+HTTP time into server defaults
- NEW: option: -U/vulnerable
- moved explanation for BREACH into result
- FREAK and CCS are not labled experimental anymore
- unifying of get request headers
- readability of help
 2015-05-02 15:01:02 +02:00
Dirk Wetter 2aa82e5164 - partly FIX for #87 (removed SNI helps. Doesn't make sense anyway) 
- changed order of Secure Renegotiation/Secure Client-Initiated Renegotiation
- readability improvements in renego
 2015-05-01 12:18:43 +02:00
Dirk d766a0b459 - fix additional \n in RC4 if no RC4 ciphers were detected 2015-04-28 08:04:09 +02:00
Dirk Wetter ae1abda571 Update Readme.md 2015-04-24 16:52:08 +02:00