Commit Graph

5049 Commits

Author SHA1 Message Date
d74c1bbaee add QUIC line for testssl.sh server 2025-07-03 22:34:43 +02:00
8a665e9dce Fix 52_ocsp_revoked (OCSP --> CRL) 2025-07-03 16:56:28 +02:00
c942283b34 Re-add correct version # 2025-07-03 15:01:04 +02:00
49dcd5b854 First try for QUIC (OpenSSL only)
This is an implementation for QUIC (RFC 9000, RFC 9114). It's purely
OpenSSL based for now. As some distros support newer (>= 3.2) versions
this works on some distros now and will work on more as time goes by.

It has been tested with MacOS and Linux. If there's an OpenSSL version
in /usr/bin/ it will automagically use that version.

A new short sub function named sub_quic() was introduced for handling this as
run_protocols() is already "full".

It appears below TLS 1.3. A check against HTTPS RR #2484 is planned but
not implemented yet. PR #2484 has to be worked on and merged before.

New variables were introduced (HAS_QUIC/ +HAS2_QUIC). Also there's
QUIC_WAIT as we run the connect in the background and we need a wait time.

HAS_UDS2 was renamed to HAS2_UDS as HAS2 should signal this is for OPENSSL2
and UDS2 doesn't make sense.

To clarify:
- check for a proxy and then don't do the check?
- short unit test (t/31_isJSON_valid.t checks cloudflare but ...)
2025-07-03 14:36:55 +02:00
6173d80ca2 Merge branch '3.2' into 3.3dev 2025-07-03 09:00:16 +02:00
4b5409122c Merge pull request #2820 from testssl/performance_hint
Performance hint for openssl
2025-07-02 17:37:21 +02:00
6de18d3a22 was 2x first 2025-07-02 17:36:33 +02:00
6083938a47 Performance hint for openssl 2025-07-02 17:34:29 +02:00
2829827cc2 Merge pull request #2817 from testssl/errormsg_2807
Improve error message for sockets fail and Alpine
2025-06-29 17:06:01 +02:00
3792bceeda Improve error message for sockets fail and Alpine
See $2807 .

Also some prln_magenta were modified (see #2816) to pr_warning.
2025-06-29 15:24:44 +02:00
9b1a7ae1f8 Merge pull request #2814 from testssl/revert-2813-revert_2772_for_testing
Revert "Revert lowercase conversion for repo"
2025-06-24 12:07:08 +02:00
78a613dae3 Remove the schedule part as it will not work anymore 2025-06-24 12:06:00 +02:00
b56302518b Revert "Revert lowercase conversion for repo" 2025-06-23 23:12:59 +02:00
6dc26b09fe Merge pull request #2813 from testssl/revert_2772_for_testing
Revert lowercase conversion for repo
2025-06-23 21:38:32 +02:00
d44692331b Revert lowercase conversion for repo
... which was done in #2772 . This is done for testing as building the container doesn't
work anymore, see #2810 .

Action logs say it was built but it's unclear why it is still based on 3.2rc4 .
Hence this test.

The schedule was commented out as it would not apply either here as 3.3dev is
 now the default version.
2025-06-23 21:17:49 +02:00
bed43df2df Merge pull request #2812 from testssl/ghcr_workflow_no_unittest
YAML file doesn't need the unit tests
2025-06-23 21:04:43 +02:00
58719e4492 YAML file doesn't need the unit tests 2025-06-23 21:00:33 +02:00
4b71d0e2ce Merge pull request #2811 from testssl/docker_action_rename
Change action docker file to 3.3dev
2025-06-23 20:54:24 +02:00
d2eaae79cb rename docker ghcr.io action 2025-06-23 20:52:14 +02:00
5e571b4463 no unit test for yml file changes 2025-06-23 20:51:03 +02:00
f1621600f4 Change file to 3.3dev 2025-06-23 20:40:54 +02:00
da6ec2f695 Merge branch '3.2' into 3.3dev 2025-06-23 20:31:40 +02:00
5fe854b830 Merge pull request #2809 from testssl/improve_2798
Minor improvements to #2798
2025-06-23 20:29:27 +02:00
4d75527a4b Merge pull request #2808 from testssl/fix_sectigo_x46.forLinux
Add sectigo CA E46 and R46 for Linux.pem
2025-06-23 20:29:07 +02:00
c9a11a9fb0 Minor improvements to #2798
see https://github.com/testssl/testssl.sh/pull/2798#issuecomment-2972834180
2025-06-23 18:43:34 +02:00
71f0f32cf5 Merge pull request #2798 from secinto/3.2
Modify grading for incomplete chain. 

suggested corrections will be done after merge
2025-06-23 18:41:00 +02:00
b4f9e51865 Add lf so that gh action doesn't complain 2025-06-23 18:21:44 +02:00
1403503077 Add Sectigo x46 CAs from recent Debian update 2025-06-23 18:20:14 +02:00
81471c3a22 Merge pull request #2805 from testssl/readme_3.3dev
Reflect that this is 3.3dev
2025-06-15 09:48:31 +02:00
aa7d0f4311 typo 2025-06-15 09:47:23 +02:00
7cc605aeaf Reflect that this is 3.3dev
A branch at Docker.io needs to be created, thus that section is commented out.
2025-06-15 09:42:07 +02:00
a209f92d4f Merge pull request #2804 from testssl/readiness_for_new_stuff
Reflect version 3.0.10 version is EOL
2025-06-15 09:28:24 +02:00
99a05cb261 Merge pull request #2801 from HarrisonTCodes/fix-readme-deepwiki-link
Fix README DeepWiki Link
2025-06-14 17:14:37 +02:00
637fb86c83 typo 2025-06-14 17:11:30 +02:00
c4ad4d7d42 Reflect version 3.0.10 version is EOL 2025-06-14 17:09:24 +02:00
246ecbf490 fix deepwiki link 2025-06-14 14:56:37 +01:00
529a373b2e Update testssl.sh
Modified grading for incomplete chain
2025-06-13 10:54:13 +02:00
b6a951d40a Merge pull request #2797 from testssl/bump_version
Bump version
v3.2.1
2025-06-13 10:24:25 +02:00
f2aa87ba66 Bump version
"just" bugfix release.
2025-06-12 17:26:06 +02:00
949042866b Merge pull request #2796 from testssl/plaintext_len_AKA_openssl2conf_problem
Fix OPENSSL_CONF problem for OPENSSL2
2025-06-11 20:38:29 +02:00
235a6a0f88 add another OPENSSL_CONF='' 2025-06-11 19:02:06 +02:00
91a35026b6 Fix OPENSSL_CONF problem for OPENSSL2
In #2727 there were workarounds introduced which sped up processing decryption of
ChaCha20 and AES-GCM by using OPENSSL2 when it is supporting such functions.

However when OPENSSL2 is called and OPENSSL_CONF still points to the autogenerated
file which works for `~/bin/openssl.$(uname -s).$(uname -m)` the decryption `$plaintext`
will be empty which later on caused a negative value, see #2780 .

This fixes #2780 by prepending `OPENSSL_CONF=''` to each OPENSSL2 instance. Also it
makes `chacha20()` and `gcm-decrypt()` more robust. It is more readable now.

At other places $OPENSSL2 were prepended by `OPENSSL_CONF=''` also if there weren't
any obvious errors noticed.

Also now all OPENSSL2 vars will appear in /tmp/testssl.XXXXXX/environment.txt when
debugging.

It was also noticed that the `find_socat()` function had room for improvements, it was
not set in any case when `socat` was in $PATH or supplied via env SOCAT.
2025-06-11 18:47:14 +02:00
735cc668c0 Merge pull request #2792 from testssl/fix_issuerCN
Fix missing issuer CN
2025-06-11 11:13:21 +02:00
0a89d5c94f Some cert need 5 lines to reach the CN 2025-06-11 09:06:41 +02:00
fd6dbb22bd Merge pull request #2790 from testssl/FixServerHeaderParser
Fix parser for server header
2025-06-11 08:48:36 +02:00
39029e9995 fix orthographic error 2025-06-10 23:13:00 +02:00
61947405e0 Fix missing issuer CN
This fixes a problem which was introduced @ 8d8f83ace5.
It caused for some hosts not to parse / display the issuer CN correctly.

Also it adds some code in testssl.sh and in a unit test to detect
this earlier. In general an output string FIXME will now cause a
unit test to fail. This can + should be used at other places too!

Fixes #2789
2025-06-10 22:54:11 +02:00
889aedc0e4 Fix parser for server header
Do word match and exclude minus sign

This fixes #2787 for 3.2.
2025-06-10 21:59:40 +02:00
fbbf68857f Merge pull request #2785 from testssl/stderr
Ensure that stderr is caught / $prg=testssl.sh
2025-05-28 20:16:32 +02:00
ba360bae7e remove extra quote sign 2025-05-28 10:21:10 +02:00