Commit Graph

138 Commits

Author SHA1 Message Date
Dirk
191c69fbdd Minor probe for STARTTLS xmpp-server
... don't know whether this gets through -- depends on the
version openssl used (1.0.2 doesn't have that)
2020-05-01 18:39:36 +02:00
Dirk Wetter
8c466bf2ee Rename PFS/perfect forward secrecy to FS/forward secrecy
In all instances:

* command line (will break things)
* JSON IDs (will break things)
* in the documentation
* in the travis checks where used
* everywhere in the code: variables, functions, comments
2020-04-14 15:53:05 +02:00
Dirk Wetter
3cdb16a969 Prepare baseline_ipv4_http as a good example ...
... as indicated in CONTRIBUTING.md / Coding_Convention.md
2020-01-24 17:42:17 +01:00
Dirk
5083e950d2 Move debugging remainders detection to t/00_testssl_help.t 2020-01-22 21:04:23 +01:00
Dirk
d4d5a61a0b Hopefully make Travis shut up now
picked a TLS 1.2 host
2020-01-22 11:30:21 +01:00
Dirk
39abb27dd9 cloudflare seems not good for html travis checks 2020-01-22 00:28:59 +01:00
Dirk
80530aa34c remove fast as it makes problems especially with Travis+testssl.net 2020-01-21 23:53:52 +01:00
Dirk
26a8f23ec1 Shutup Travis
... by adding the formerly intruoced "DEBUG" statement as a filter.
Note: "DEBUG" can now / should now be taken preferably for extra
output on debug level 1.

Replacing badssl.com by testssl.net. The former needed almost 5 min
for a run, whereas one IP of testssl.net needs ~80 secs. With --fast
even less.
2020-01-21 22:41:50 +01:00
Dirk
f109d3bbd6 add unlink / start with a clean state
... good when running "prove -v" locally and previously
the run was interrrupted by e.g. ^C
2020-01-18 21:47:44 +01:00
Dirk
cb6677e2d3 removed comment 2020-01-18 21:45:32 +01:00
Dirk
bec9ebdda8 only one ip 2020-01-18 21:44:24 +01:00
Dirk
2563dfb5e5 add set -x 2020-01-18 21:36:19 +01:00
Dirk Wetter
8d864aba2e Output adjustments closer to a more common format 2020-01-14 18:44:11 +01:00
Dirk Wetter
58498583c9 Modified LFs 2020-01-13 23:50:14 +01:00
Dirk Wetter
89275f7ea9 Redefine numbering scheme 2020-01-13 23:00:10 +01:00
Dirk Wetter
91f8f33a6c add new basic checks, rename ca_hashes_up_to_date 2020-01-13 17:36:40 +01:00
Dirk Wetter
a7b0a04480 remove redundant lines 2020-01-13 16:26:05 +01:00
Dirk Wetter
69acd00731 Add file to check whether ~/etc/client-simulation.txt is parsable 2020-01-13 15:52:17 +01:00
Dirk
7ff4ebfc0c fix travis 2020-01-04 16:52:38 +01:00
Dirk Wetter
c643860701 Modernize 08_isHTML_valid.t
and make it similar to 07_isJSON_valid.t or 20_baseline_ipv4_http.t
in terms of output and readability
2019-11-16 12:41:44 +01:00
Dirk
ba009565a8 swap ldap server as previous one wasn't reachable anymore 2019-09-25 09:36:16 +02:00
Dirk Wetter
520fda64f0 remove -p from json unit test 2019-08-12 12:38:47 +02:00
Dirk Wetter
874932774e Fixes for travis
Travis updated the container images so that the perl
reference to 5.18 was outdated. We use now 5.26 which
works, however we should consider to be more flexible.

JSON::Validator didn't compile in the container. Thus
we switched to just use 'JSON'. That also supports JSON
pretty. For the future we should just test for valid JSON
in all unit test files as it is more effective.
2019-08-12 12:25:54 +02:00
Dirk Wetter
33ece6858d In line with the new scheme now 2019-05-06 14:07:08 +02:00
Dirk Wetter
51e8373efb Update to newest template
* die statement if testssl.sh cannot be found from the current path
* comment everything out for JSON
* don't repeat the pattern, use a variable
* use "speaking" variable names
2019-05-06 11:20:28 +02:00
Dirk Wetter
802d0defe7 Better phrased and provide examples 2019-05-06 11:13:37 +02:00
Dirk Wetter
62bd23a632
add headline+note 2019-05-05 13:54:56 +02:00
Dirk Wetter
3785e9d622
Proper formatting 2019-05-05 13:45:23 +02:00
Dirk Wetter
c3ff9e85f9 Rename file according to new scheme
... Readme.md
2019-05-05 13:44:02 +02:00
Dirk Wetter
666e897623 renamed 2019-05-05 13:42:48 +02:00
Dirk Wetter
b63c389b54 Renamed 2019-05-05 12:58:49 +02:00
Dirk Wetter
b9aee02978 Split IPv6 + IPv4
... and disable IPv6 test as it is NOT supported by Travis CI,
see https://docs.travis-ci.com/user/reference/overview/#virtualisation-environment-vs-operating-system

The *.disabled file should provide a start if it'll be available
at some time or one can manage this in travis with a docker container,
see https://github.com/travis-ci/travis-ci/issues/8891
2019-05-05 12:53:07 +02:00
Dirk Wetter
50a83235fe Renamed + testssl.net (IPv6) 2019-05-05 12:08:13 +02:00
Dirk Wetter
df88577ec4 Add basline test for IPv4 and IPv6
... client simulations come later. One pattern for
failed output added
2019-05-04 13:51:20 +02:00
Dirk Wetter
dc64753085 Add error catcher also for --ssl-native + FTP 2019-05-03 20:46:06 +02:00
Dirk Wetter
de45440279 better use the right protocol when checking ldap 2019-05-03 20:26:59 +02:00
Dirk Wetter
9257654522 fix wrong variable 2019-05-03 20:11:42 +02:00
Dirk Wetter
b60dbc0fa6 Code + Fix
- Removed doubled declaration (my)
- hopefully fix error in FTPs (should maybe think about changing
  the line in testssl.sh or filter here always)
2019-05-03 20:08:31 +02:00
Dirk Wetter
72136437bb Proper file naming 2019-05-03 19:32:59 +02:00
Dirk Wetter
1825a8ca33 Fix output for POP (STARTTLS unit test) 2019-05-03 19:32:25 +02:00
Dirk Wetter
2996d24176 Add several unit tests for STARTTLS protocols
- SMTP via sockets+OpenSSL
- POP3 via sockets+OpenSSL
- IMAP via sockets+OpenSSL
- XMPP via sockets+OpenSSL
- FTP via sockets+OpenSSL
- LDAP via OpenSSL
- NNTPS via sockets+OpenSSL

Open: IRC, LTMP, mysql, postgres

This PR fixes #923. Partly it addresses #1254
2019-05-03 19:27:31 +02:00
Dirk Wetter
bdbc194491 Beautify and simplify the code 2019-05-03 16:38:44 +02:00
Dirk Wetter
c38a1e6896 Major imporvement to unit test for client simulations
- we don't check the head line only but errors
- don't use "pass" if you didn't run a test
- add simulation for http too
2019-05-03 16:24:57 +02:00
Dirk Wetter
edcd9d7bd0 clarify failed test, add new test 2019-04-17 09:04:39 +02:00
Dirk Wetter
1d558228b7 PoC added
Current catch: "JSON::Validator" cannot swallow "--json-pretty". Other
validators tried had issues too.

Improvements welcome!

See #1227
2019-04-15 10:34:03 +02:00
Dirk Wetter
a73fda7cf9 Fix travis
.. see previous commit
2019-04-09 12:47:12 +02:00
Dirk
b46fdccbd1 Fix travis
.. for HTML check after introducing "Pre-tests"

In ~/t/32_http.t a statement failied because the debug output has deliberately a line
"Pre-test: No 128 cipher limit bug."

This and ONE additional LF are now being filtered before comparing.

Unclear why the other additional line introduced
makes no problems.
2019-03-30 11:27:22 +01:00
Dirk
6e5f7c15af Make Travis CI shut up.
A soon-to-be-expired cert can be also HIGH, thus a test
for critical is appropriate.
2018-07-11 17:14:29 +02:00
Dirk
d23241b8cd Fix to-be-expired-soon certificate
The certificate from self-signed.badssl.com was about to expire
which raises a MEDIUM type issue in testssl.

This commit does a workaround for this, so that those certificates
will be ok in Travis CI.

(Same problem exists in 2.9.5)
2018-06-13 14:30:35 +02:00
Dirk
7585ab60e5 fix Travis CI 2018-01-31 21:44:33 +01:00
Dirk
8327171935 simplify few cert checks messages + hopefullt make Travis work again 2018-01-23 11:46:24 +01:00
Dirk
5890677d85 chmodded 2017-06-01 11:14:52 +02:00
Dirk
de5b2aa042 readded basic check from seccubus whether check via starttls works 2017-06-01 11:14:04 +02:00
Dirk Wetter
55b89ee131 Rename 02_http.t to 32_http.t 2017-05-30 22:15:13 +02:00
Dirk Wetter
4afedb45b1 Rename 01_badssl.com.t to 31_badssl.com.t 2017-05-30 22:14:19 +02:00
Dirk Wetter
c9b6ee25b1 Delete 11_hpkp.t 2017-05-04 10:29:06 +02:00
Dirk
7d8479f55e temporary disabled until either an replacement has been coded or host is up again 2017-05-04 10:14:42 +02:00
David Cooper
6d1aec736e Add Travis test for HTML output
It seems that I needed to escape the plus sign in the check for the HTTP clock skew.
2017-04-19 09:19:24 -04:00
Dirk Wetter
9164230186 Revert "Add Travis test for HTML output" 2017-04-19 00:53:38 +02:00
Dirk Wetter
5285c26759 Merge pull request #712 from dcooper16/travis_check_for_html
Add Travis test for HTML output
2017-04-19 00:38:27 +02:00
Dirk
9ff868b083 fix travis 2017-04-19 00:35:55 +02:00
David Cooper
c76f6019e3 Fix typo
Missing "/" in second call to testssl.sh
2017-04-14 16:31:46 -04:00
David Cooper
6d55b2e6f3 Include banner in check
* Changed calls to testssl.sh to not include `--quiet` or `--append` flags. Modified perl script to remove HTML header and footer before comparing to terminal output.

* Changed `TERM_WIDTH` to 120 (doesn't affect test, but 80 created too much line wrapping).

* Replace date and time information with X's rather than removing entirely. This should not affect the comparison, but will make the output created displayed in an error message look closer to the actual output of testssl.sh
2017-04-14 16:25:49 -04:00
David Cooper
1249157afd Handle differing HTTP clock skew
Occasionally the HTTP clock skew will differ between the two runs of testssl.sh, so remove that text from the strings that are compared.
2017-04-14 11:39:28 -04:00
David Cooper
d82f809c6d Add Travis test for HTML output
I've never programmed in perl before, but this script seems to work. It includes two checks:

* I runs testssl.sh without the `--debug` flags and checks that the HTML file is the same as what is sent to the terminal.

* It runs testssl.sh with `--debug 4` and checks that the HTML file created is the same as the one created without the `--debug` flag.
2017-04-14 11:24:26 -04:00
David Cooper
603f03e79a Remove tmp.json files after use
Remove tmp.json files after use so that testssl.sh doesn't complain that they already exist.
2017-03-29 11:43:03 -04:00
David Cooper
1723374511 Remove tmp.file files after use
Remove tmp.json files are use so that testssl.sh doesn't complain that they already exist.
2017-03-29 11:42:09 -04:00
David Cooper
e7c0ca13f6 Remove tmp.json files after use
Remove tmp.json files are use so that testssl.sh doesn't complain that they already exist.
2017-03-29 11:41:23 -04:00
AlGreed
6b8de02072 Fixed broken JSON-PRETTY format. Added test to check severity levels 2017-03-09 18:55:04 +01:00
AlGreed
175ead6d2a Merge remote-tracking branch 'drwetter/2.9dev' into 2.9dev 2016-11-04 02:54:56 +01:00
AlGreed
694e4c7b6e pretty json format + severity levels filter 2016-10-28 15:30:07 +02:00
Dirk
1613bb214e Merge branch 'master' into CA_pinning
Conflicts:
	testssl.sh
2016-10-27 21:59:10 +02:00
Dirk
1c5eb17729 (saving work): major cleanups for output readability and code 2016-10-06 18:53:25 +02:00
Dirk
5115055895 update 2016-09-29 21:44:54 +02:00
Dirk
15f9315cd0 fix last build 2016-09-29 21:27:24 +02:00
Dirk
68697b822e fixing last run, hopfully 2016-09-29 21:19:09 +02:00
Dirk
424cf233d1 FIX #431 2016-08-09 10:35:58 +02:00
Dirk
b0923a1833 - workaround for failed CI test 2016-07-26 22:00:53 +02:00
Frank Breedijk
9133eddb9a Working unit tests again 2016-07-25 10:57:10 +02:00
Frank Breedijk
5d7367a68d Shell script to generate ca_hashes.txt (OSX only) 2016-07-25 09:47:24 +02:00
Frank Breedijk
fccc5fe4fb Merge branch 'CA_pinning' of https://github.com/drwetter/testssl.sh into CA_pinning 2016-07-25 09:38:30 +02:00
David Cooper
59002c1088 Update JSON id for chain-of-trust 2016-07-22 11:57:16 -04:00
Frank Breedijk
845e6c13a3 And we have unit tests too (and found some bugs in the process) 2016-07-05 23:55:19 +02:00
Frank Breedijk
ec9276c17d Serach and replace failure, fixed now 2016-06-29 00:38:51 +02:00
Frank Breedijk
23ef87c134 Making tests work correctly 2016-06-29 00:35:52 +02:00
Frank Breedijk
ac7dd4da79 CBC isn't done yet. Unit tests count themselves now 2016-06-29 00:24:57 +02:00
Frank Breedijk
6801279471 Additional tests 2016-06-28 23:59:36 +02:00
Frank Breedijk
a25a66ff49 Lets add some unit tests to testssl.sh - Using abdsll.com work 2016-06-27 16:49:54 +02:00