Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 13:55:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
785 Commits 17 Branches 35 Tags
bbb8af804e1ebf33eaed1d5e882916c009807bfd
Commit Graph

785 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dirk Wetter
2b14455c55 client auth added 2015-10-11 23:41:05 +02:00
Dirk
1a1f007ef9 - banner f'up reversed 2015-10-11 23:34:53 +02:00
Dirk
8c0786d147 - switched on clientauth functionality (missed b4) 2015-10-11 23:23:35 +02:00
Dirk
b9bfd48871 - client based auth (see sclient_connect_successful() works now, see #206) 
- careful regression tests for this, point open: speed
- test for more TLS extensions
- heartbleed() does now before a check whether heartbeat is available to save time
- breach simplyfied (and doesn't have to be killed in seldom cases)
- tmpfiles are only being erased after exit not after each function
- user agent is testssl -- unless --sneaky is chosen
- global host vars are now being resetted to prevent side effects
- tls version in record layer is now always 1
- used ERRFILE wherever possible
- smaller code cleanups
 2015-10-11 23:07:16 +02:00
Dirk Wetter
379bc9464a Update Readme.md 2015-10-11 11:47:10 +02:00
Dirk Wetter
4eacc75f2d Merge pull request #209 from jumanjiman/docker_readme 
Readme: add link(s) to external contrib, such as docker images
 2015-10-11 10:03:19 +02:00
Dirk Wetter
0600e39b45 - fix screw up of rDNS display for those few folks having only IPv4 ;-) 2015-10-06 12:30:29 +02:00
Dirk
a3a15aa11e Merge branch 'master' of github.com:drwetter/testssl.sh 2015-10-05 09:59:22 +02:00
Dirk
f8d6a2fb6d - IPv6 formatting fixed, see #11 (points 3,4,5) 
5 cannot be done automagically, see issue
 2015-10-05 09:56:21 +02:00
Dirk Wetter
fc46a61733 Update Readme.md 2015-10-05 09:22:02 +02:00
Dirk Wetter
8b917e6625 Update Readme.md 2015-10-05 09:19:11 +02:00
Dirk
a0d634f94a - ouput corrections for BEAST 2015-10-04 12:32:29 +02:00
Dirk
41bc2fb70c - regression wrt what_dh 2015-10-03 00:14:52 +02:00
Paul Morgan
2fe8fc95fa Readme: add link(s) to external contrib, such as docker images 2015-10-01 21:39:09 -04:00
Dirk Wetter
5d230edb3a Merge branch 'master' of github.com:drwetter/testssl.sh 2015-10-01 13:29:25 +02:00
Dirk Wetter
f3cef41053 - some speed improvements (sed, tr --> bash internal s'n'r) 
- revamped BEAST a bit: availablity of higher protocols lead now to yellow color, see #208
- Fixed error in BEAST (no higher protos led to no message)
- made BEAST it faster: one check for protocol ssl3+tls1 upfront, see #208
 2015-10-01 13:27:14 +02:00
Dirk Wetter
8648398094 Update CREDITS.md 2015-10-01 13:19:15 +02:00
Dirk Wetter
fd256a74b1 Merge pull request #207 from typingArtist/beast 
Fix CBC cipher selection for BEAST detection
 2015-10-01 11:51:16 +02:00
typingArtist
2ca6c2b0dc improved variable naming, scope and worked around length limitation of cipher list, as suggested by @drwetter 2015-09-30 14:54:39 +02:00
typingArtist
449aada392 fix CBC cipher selection 
CBC cipher selection is not so easy using the openssl tool alone. Selecting the cipher based on the string CBC occuring in it would be right if it’s
about the RFC name of the cipher but not so with the openssl naming. Since CBC ciphers are not going to be continued anyway, I think it’s safe to take
a static list. However, it’s easy to extract it from the cipher list in openssl-rfc.mapping.html, but we certainly don’t want to require that file to
be shipped all the time.
 2015-09-30 12:44:27 +02:00
Dirk
1c1eaa53d8 - fix for renamed http_header function 2015-09-29 18:47:49 +02:00
Dirk
cac49cb1f1 - "--file" implicitly does "--warnings=batch" 
- "--file" works now fine with equal sign
- fixed load balancer issue where header request stalled and testssl.sh consequently too
- http_date needed to be changed too because of that
- needed to estimate then the http_date when request was killed (HAD_SLEPT)
  will Mr. Spock like this??
- fixed load balancer issue where header request for breach test stalled and thus an error was displayed
- code improvements
 2015-09-28 22:54:00 +02:00
Dirk Wetter
251e09bb4e IPv6 2015-09-26 23:00:41 +02:00
Dirk
feaef680aa - IPv6 #11 is 80% working (whohoo!). Needed is an openssl capable IPv6 and HAS_IPv6=true in the environment 
- FIX #191
 2015-09-26 22:44:33 +02:00
Dirk Wetter
cc81642ee3 - #FIX 202 (EV detection from TERENA/Digicert) 2015-09-25 14:35:42 +02:00
Dirk
a2efc201b7 - added a failure condition for trust check 2015-09-24 09:10:43 +02:00
Dirk
06466cca92 - proxy in determine_trust was missing 2015-09-23 09:03:47 +02:00
Dirk Wetter
bdd6856de8 Update Readme.md 2015-09-22 20:17:06 +02:00
Dirk
bf54d9ef3d Merge branch 'master' of github.com:drwetter/testssl.sh 2015-09-22 20:09:41 +02:00
Dirk
0b1e573fc9 - FIX #190: Server temp key backport for RH-ish systems works now automagically 
- just to be sure there's a cmd line flag --has-dhbit / env HAS_DH_BITS
- some reordering
 2015-09-22 20:09:26 +02:00
Dirk Wetter
95b6d59b7c Update Readme.md 2015-09-22 17:54:25 +02:00
Dirk
faa6de312d Merge branch 'master' of github.com:drwetter/testssl.sh 2015-09-22 17:15:08 +02:00
Dirk
4b57a22f6e - FIX #198 (date env problem under BSD and maybe others) 2015-09-22 17:14:36 +02:00
Dirk Wetter
fb565ac78e See #97 2015-09-22 16:39:09 +02:00
Dirk
1668daa04e - NEW: chain of trust -- for openssl 1.0.2 only 
- FIX #97
 2015-09-22 15:05:59 +02:00
Dirk
3eeb1f9d9d - check whether dig, host or nslookup is there. The error message is now describing the cause 2015-09-21 16:43:47 +02:00
Dirk
23802e219d - #FIX 197 
- renamed a variable
 2015-09-21 14:03:48 +02:00
Dirk
6406e1828d - minor polish of output 2015-09-19 15:03:40 +02:00
Dirk
413b64c44a - fixed proxy name resolution and make it more robust 
- additional line if a proxy is used above rDNS
 2015-09-18 15:12:01 +02:00
Dirk Wetter
fc3f711b4c Need to reflect the new master 2015-09-17 15:33:41 +02:00
Dirk
945d26d222 - changed version number 
- retabed to five spaces
 2015-09-17 15:30:15 +02:00
Dirk Wetter
4cee5c21c0 Running 2.6. now 2015-09-16 14:58:28 +02:00
Dirk
58096d6633 2.6 release 2015-09-15 08:49:00 +02:00
Dirk
467988fb0a - improved resilience in cipher order check 
- improved also there compatibility with intolerant IIS6 servers
 2015-09-14 12:54:54 +02:00
Dirk Wetter
09c06e0ffa Update Readme.md 2015-09-14 11:21:24 +02:00
Dirk
a2ba43ec78 - litemagenta should be used for not fatal conditions / magenta for fatal conditions (prg terminates then) 2015-09-14 11:12:37 +02:00
Dirk
9b08cb7584 - FIX /workaround for #188 (https://github.com/drwetter/testssl.sh/issues/188) 
- bumped up version to rc4
 2015-09-14 11:03:10 +02:00
Dirk
a9f231b3ff - fix where an $PID"ERRFILE" was written 2015-09-09 16:41:32 +02:00
Dirk
d28317f2d0 - exit code always 0 unless an error occured 
- enable devel feaure of SSLv2 via socket
 2015-09-08 19:30:03 +02:00
Dirk
566a059250 - fix for issue when a non-HTTP service indicates a misleading non-match of certificate 
- wildcard check
 2015-09-06 18:21:08 +02:00