Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-03-14 13:46:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,386 Commits 16 Branches 31 Tags
Commit Graph

1622 Commits

Author SHA1 Message Date
Dirk Wetter
90930a2f78 - changed return code if someone dares to use dash as it hiccups 
- catch users try to use sh instead of real bash (#184),  see http://www.gnu.org/software/bash/manual/bashref.html#Bash-POSIX-Mode)
 2015-09-02 12:56:03 +02:00
Dirk Wetter
45eb3ed662 better phrasing for LOGJAM, see #181 2015-08-28 17:43:38 +02:00
Dirk Wetter
90ead7a301 FIX #183 2015-08-28 17:06:07 +02:00
Dirk Wetter
412fb6fb05 FIX #182 2015-08-28 16:46:28 +02:00
Dirk Wetter
9b718d39d0 - removed VERBERR (is now DEBUG=2) 
- hex2dec uses now internal echo instead of printf (which has problems with some chars if unexpected content if not properly used)
 2015-08-28 14:59:04 +02:00
Dirk
b5818f6034 - FIX $177 
- some by-catches whle shellchecking
- minor cleanups
 2015-08-28 00:15:51 +02:00
Dirk
c102bb6712 micro fix for the ESC code orgination fron tput test 2015-08-27 20:39:20 +02:00
Dirk
0d9370237c - FIX #172 
- labeled TLS_FALLBACK_SCSV as experimental, to be improved in next release (remarks in code)
- removed experimental from FREAK check
- separated headerfile from errorfile, TLS handshake oids were sometimes misinterpreted as IPv4 addreses in header
- bumped up rc version
- linefeeds
 2015-08-27 11:25:12 +02:00
Dirk Wetter
c93dc01b41 better service detection, dedicated line for NNTP and certificate stuff redirected to ERRFILE 2015-08-26 20:06:53 +02:00
Dirk Wetter
838112e6d2 - LibreSSL compatibility: recent pull spits out an error if cnf file isn't found (oh well) ==> introduction of #ERRFILE, good idea anyway 
- commented what I wanted to achieve with the colors
- code cleanups
 2015-08-24 23:50:03 +02:00
Dirk
aa91990fb3 - fix bug where a host name like AAA.BBB.CCC.DDD.in-addr.arpa.DOMAIN.TLS was taken as an ipv4 address 
- freebsd 9 supports now also colors with setaf, Darwin?
- correct indentation of help
- improved parsing in command line so that where a distinct option is required it is also tested in the 1st place
- removed -q in help (deprecated as we might want to use it for other things in the future)
- fix: if $PWD/openssl was a dir it bailed out
- cleanup of fatal errors ==> provide ONE function
 2015-08-24 22:17:35 +02:00
Dirk
83bf9067aa FIX #167 (# of certificates provided) 2015-08-23 21:16:34 +02:00
Dirk Wetter
6baf5e377c - sanitize '%' in general output function, avoids hiccups in url encoded strings 
- FIX #178 (Security headers only key in green, not value)
- CSP rule for facebook hast 127.0.0.1 which is labeled as IP address
 2015-08-21 18:10:45 +02:00
Dirk Wetter
87cef93b6c - more solid parsing for HPKP header (FIX #163) 
- X-UA-Compatible is now an "other" flag and key won't be swallowed
 2015-08-21 12:43:10 +02:00
Dirk Wetter
394bde8ff5 output FIX for multiple CRLs (#165) 2015-08-21 10:47:29 +02:00
Peter Mosmans
cd4ba60f16 Fixes #174 
Thanks to Ligushka
 2015-08-18 16:07:24 +02:00
Jonathon Rossi
e8cbf1a699 Fix subject alternative name on darwin 2015-08-18 17:15:17 +10:00
Dirk
9afab04012 FIX #162 (leading space for rp banner and missing lf) 2015-08-17 20:13:52 +02:00
Dirk
405b0f10bf FIX #161 + small improvemnet on rengotiation 2015-08-15 21:33:17 +02:00
Dirk
e3fcd786f7 - FIX #160 -- removed code from #27 
- bumped up version to 2.6rc2
 2015-08-15 18:48:49 +02:00
Dirk Wetter
58a1c1c1da - expiration variables tunable via ENV 
- cleanups expire section
 2015-08-13 16:56:12 +02:00
Thomas Kähn
8963916b3b Fix certificate expiration check 2015-08-12 18:28:50 +02:00
Dirk Wetter
719536a44e FIX: Dilyans bug where a STARTTLS servive runs on a different port 2015-08-12 13:58:45 +02:00
Dirk
5bc6e5fda9 - if a record is local host it is shown now 
- also look in etc hosts for MSYS2
- cosmetic improvements
 2015-08-12 00:17:28 +02:00
Dirk Wetter
81b158431f NEW: showing # of detected pinned keys (HPKP) 2015-08-10 15:58:56 +02:00
Dirk Wetter
72aa8add5c FIX for missing CN (e.g. cloudflare) 2015-08-10 15:17:42 +02:00
Dirk Wetter
e6f0f79157 - FIX: rDNS ignores CNAME now 
- some code beautified
 2015-08-10 14:47:11 +02:00
Dirk
aa2b33fdb4 rp header fine tuning 2015-08-08 13:42:31 +02:00
Dirk
dc60d9360a reverse proxy banner alignment 2015-08-08 13:37:05 +02:00
Dirk
56e6f90308 FIX #158 (pagesspeed header was identified as IPv4 addr) 2015-08-08 10:20:13 +02:00
Dirk Wetter
70ff293fb7 - fix for #156 
- reverting #27. Catch is the functions are being initiated at a fixed time instead of while calling. This conflicts with the --color option which is done late. Other solution?
 2015-08-05 11:31:55 +02:00
Dirk
f1fe2c3286 just renaming as rc1 for 2.6 2015-08-02 01:25:39 +02:00
Dirk
fcb8c5d0bc - FIX for multiple ip addresses for one mx host (didn't expect a matroshka ;-)) 
- make dotted lines smaller
 2015-08-02 01:16:27 +02:00
Dirk
ea1ab3b911 help for mass testing option in #153 2015-08-02 00:26:34 +02:00
Dirk
325abcfc06 - first shot for szepeviktor's color function maker #27 2015-08-02 00:03:30 +02:00
Dirk
9006234c34 - NEW: mass testing via --file 
- FIX: ipv6 address in rDNS was ..umm err ....missing some chars
- rough ipv6 address detection (fixes single colon in "further ip addresses")
- FIX: facebook has EC certificate but signing algo is not EC
- FIX for wrong openssl location in banner
 2015-08-01 23:11:27 +02:00
Peter Mosmans
c04497f2f6 Another fix for #140 
Suppress awk warnings
Don't try to retrieve header information from openssl stderr output
 2015-07-27 12:16:03 +02:00
Dirk
f45f91a07e - quiet mode for mass testing (see #148) w/o banner 
- -q is now --devel
 2015-07-25 14:33:08 +02:00
Dirk
d4f7dd0f91 * squash dirname err msg on FreeBSD 
* numerous DNS related internal improvements
* FIX #137
* FIX #147
 2015-07-23 17:11:33 +02:00
Dirk
013a24caea * - improved DNS parser again, see #141 #140 
* at least exit with -250 or worse if a problem occurs (rest still undefined, needs to be fixed, see #145/#100)
* renamed all top level tests in "run_" for better code
 2015-07-22 13:11:20 +02:00
Dirk
c66a2c8f2e FIX #144: reverse screw up of hpkp function for BSD/Darwin 2015-07-21 20:35:49 +02:00
Dirk
784294b52d awk fixes for MSYS2 FIX #141, #FIX 140 2015-07-21 14:20:15 +02:00
Jonathon Rossi
298a91d743 Fix bash 3 support 
Mac OS X ships with bash 3, not 4. The case statement fallthrough and
continue operators were added in bash 4.
 2015-07-21 15:11:20 +10:00
Dirk Wetter
f81b3a5c25 * GOST ciphers sometimes missing during scan 
* help was not precise wrt some arg w no params
 2015-07-20 14:05:35 +02:00
Dirk Wetter
66f0b22adb word match for -V / -x now only for non-numbers: testssh.sh -x cc google.com tests for chaha ciphers 
(before only word matching was done e.g.: testssl.sh -x ECDH chase.com
 2015-07-17 15:58:07 +02:00
Dirk Wetter
d9b9d2c2fb * path display error in banner fixed 2015-07-17 14:58:12 +02:00
Dirk Wetter
cda5eff12e * STARTTLS_SLEEP 
* resolved misleading output STARTTLS + socket
* fixed poodle ciphers in code (but not used yet)
 2015-07-17 14:33:23 +02:00
Dirk Wetter
f04ee57e79 * display shortend path to $OPENSSL in banner 2015-07-17 13:25:39 +02:00
Harald Wagener
4df61eed14 Update testssl.sh 
Fix typo.
 2015-07-17 11:05:07 +02:00
Dirk Wetter
54290b220a - Provide Darwin binaries and paths thereto 
- provide also other static bins in $PWD/bin
 2015-07-16 23:01:10 +02:00