Commit Graph

1577 Commits

Author SHA1 Message Date
Dirk adbb1932eb simplified cipher and protocol retrieval in 'Testing server preferences' 2016-06-09 15:56:53 +02:00
David Cooper c656015312 Merge branch 'master' into version_negotiation
Conflicts:
	testssl.sh
2016-06-09 09:34:37 -04:00
David Cooper d2bded1114 Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-09 09:33:05 -04:00
David Cooper aa9eeaf6af Merge branch 'master' into more_sslv2_sslv3_fixes
Conflicts:
	testssl.sh
2016-06-09 09:31:46 -04:00
David Cooper a46b6791db Merge branch 'master' into fix_issue_276 2016-06-09 09:29:40 -04:00
Dirk d561687554 initial commit 2016-06-09 15:06:42 +02:00
Dirk 6b07b89946 - added values to curve448 + 25519 2016-06-09 13:18:55 +02:00
Dirk 5ceace33e0 - FIX #189 with a smart check, introduced global var SERVER_SIZE_LIMIT_BUG
- introduced "has_server_protocol()" which can be used to check b4 connecting if protocol is a/v
2016-06-09 11:04:40 +02:00
Dirk 94d5a8df80 hint for new (etxernal) binaries 2016-06-09 00:06:11 +02:00
David Cooper eb9e2d85a0 Merge branch 'master' into version_negotiation 2016-06-08 13:47:35 -04:00
David Cooper ce9b277b2c Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-08 13:47:01 -04:00
David Cooper b5765bfda0 Merge branch 'master' into openss2rfc_rfc2openssl 2016-06-08 13:46:18 -04:00
David Cooper 90fcb3500c Merge branch 'master' into more_sslv2_sslv3_fixes 2016-06-08 13:45:22 -04:00
David Cooper a224bb5068 Merge branch 'master' into fix_issue_276 2016-06-08 13:44:16 -04:00
David Cooper 5e3d4d127c Mask error when no $MAPPING_FILE_RFC
Redirect error output to $ERRFILE if $MAPPING_FILE_RFC is missing.
2016-06-08 12:07:23 -04:00
Dirk Wetter f754d67e74 Merge pull request #377 from dcooper16/curve25519
Adding x25519 and x448 to ClientHello
2016-06-08 17:32:28 +02:00
David Cooper 4750c3f0d5 Adding x25519 and x448 to ClientHello
This added x25519 and x448 to the list of supported elliptic curves in the ClientHello created by socksend_tls_clienthello().
2016-06-08 11:25:47 -04:00
David Cooper 5edd005df0 Merge branch 'master' into version_negotiation
Conflicts:
	testssl.sh
2016-06-08 09:52:45 -04:00
David Cooper 130aa350d2 Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-08 09:48:18 -04:00
David Cooper 0c146ef7a1 Merge branch 'master' into openss2rfc_rfc2openssl 2016-06-08 09:47:37 -04:00
David Cooper cbb20bf661 Merge branch 'master' into more_sslv2_sslv3_fixes 2016-06-08 09:46:58 -04:00
David Cooper eaad4c7dd8 Merge branch 'master' into fix_issue_276 2016-06-08 09:46:25 -04:00
Dirk Wetter c929fba206 Merge pull request #342 from dcooper16/socksend_tls_clienthello_extensions
More extensions in socksend_tls_clienthello()
2016-06-08 10:39:17 +02:00
Dirk 022dbc687a Merge branch 'master' of github.com:drwetter/testssl.sh 2016-06-07 23:07:17 +02:00
Dirk d858edca1b - filled PROTOS_OFFERED w sense
- minor fixes for fileout
- introduced "fixme()"
2016-06-07 23:06:58 +02:00
Dirk Wetter 1d051a24e0 Merge pull request #374 from dcooper16/CREDITS
Update CREDITS.md
2016-06-07 22:40:56 +02:00
David Cooper fa866f6458 Update CREDITS.md 2016-06-07 14:23:33 -04:00
David Cooper 253ba29cde openssl2rfc and rfc2openssl
This PR provides implementations of openssl2rfc and rfc2openssl. It also uses openssl2rfc() in run_server_preference() to help determine how to display the "negotiated cipher." I believe that using the RFC names addresses the current FIXME:

FIXME BEAST: We miss some CBC ciphers here, need to work w/ a list"
2016-06-07 14:02:48 -04:00
David Cooper ec8420144d Merge branch 'master' into version_negotiation 2016-06-07 10:36:52 -04:00
David Cooper c13ae4a001 Merge branch 'master' into socksend_tls_clienthello_extensions 2016-06-07 10:35:32 -04:00
David Cooper c50f2cc796 Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-07 10:33:21 -04:00
David Cooper 366025256b Merge branch 'master' into more_sslv2_sslv3_fixes
Conflicts:
	testssl.sh
2016-06-07 10:30:46 -04:00
David Cooper a6d59b5380 Merge branch 'master' into fix_issue_276 2016-06-07 10:24:56 -04:00
Dirk 8ed6214b6f preliminary fix for #189 (SIZELMT_W_ARND=true needed) 2016-06-07 13:02:58 +02:00
Dirk 29072315e5 output correction for IPv6 and --ip=<addr 2016-06-07 09:08:48 +02:00
Dirk 6f4ba5bda7 - corrected handling of shortened warning periods for LE certs (dual certs were wrong)
- (kind of) readded cert_key_algo in output
- smaller output fixes e.g. for GOST certificates
2016-06-06 13:42:17 +02:00
Dirk Wetter 4668b9879a Update Readme.md 2016-06-04 19:17:10 +02:00
Dirk Wetter efdcd805a9 Update Readme.md 2016-06-04 19:14:38 +02:00
Dirk Wetter 561cfa16fc - FIX #367 2016-06-02 21:31:24 +02:00
David Cooper b1e2fc7448 Merge branch 'master' into version_negotiation 2016-06-02 09:19:37 -04:00
David Cooper e8cc32af54 Merge branch 'master' into socksend_tls_clienthello_extensions 2016-06-02 09:16:45 -04:00
David Cooper f5fcff22d6 Merge branch 'master' into run_allciphers(),run_cipher_per_proto(),-and-SSLv2 2016-06-02 09:14:20 -04:00
David Cooper c593675b8e Merge branch 'master' into more_sslv2_sslv3_fixes 2016-06-02 09:09:57 -04:00
David Cooper fc6b5070af Merge branch 'master' into fix_issue_276 2016-06-02 09:08:24 -04:00
Dirk Wetter 6a9b0e01fc - polishing #366 and IPv6-related 2016-06-02 09:59:52 +02:00
Dirk Wetter 51f4c9ac9e Merge pull request #366 from typingArtist/365_fix_ipv6_handling
drwetter#365 fix ipv6 handling
2016-06-02 09:27:14 +02:00
David Cooper 6825c0b363 Allow for certificates with no subjectAltName extension
While it seems that almost all certificates include a subjectAltName extension, need to allow for the possibility that the two certificates being compared don't have subjectAltName extensions.
2016-06-01 16:20:10 -04:00
David Cooper 3bc0d6b45c Fix issue #276
Here is my proposed change to fix issue #276.
2016-06-01 15:57:40 -04:00
David Cooper a9cd3ec6ca Merge branch 'master' into version_negotiation
Conflicts:
	testssl.sh
2016-05-31 09:51:13 -04:00
typingArtist 2c69e83f5b https://github.com/drwetter/testssl.sh/issues/365 add UNBRACKETED_IPV6 quirks option
Since some OpenSSL binaries, namely Gentoo’s, don’t support bracketed
IPv6 addresses but unbracketed ones, specified as the -connect option,
the UNBRACKETED_IPV6 environment variable can be set to true for
disabling the automatic addition of brackets around IPv6 addresses on
such platforms.
2016-05-27 20:11:47 +02:00