Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 13:55:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,823 Commits 17 Branches 35 Tags
e2accb6442f331829f45472fbedf0f4e420951f2
Commit Graph

4823 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
John Poulin
b84dd06b36 broken markdown 2025-01-28 13:46:12 -05:00
Dirk Wetter
8339a730f5 Merge pull request #2638 from testssl/dependabot/github_actions/docker/build-push-action-6.13.0 
Bump docker/build-push-action from 6.12.0 to 6.13.0
 2025-01-27 21:15:22 +01:00
Dirk Wetter
e068c52e28 Merge pull request #2639 from testssl/fix_ci_runs 
Fix ci runs
 2025-01-27 20:54:29 +01:00
Dirk Wetter
e41b488172 Merge branch 'fix_ci_runs' into dependabot/github_actions/docker/build-push-action-6.13.0 2025-01-27 20:36:49 +01:00
Dirk Wetter
d93549e327 fix match expr 2025-01-27 20:08:11 +01:00
Dirk Wetter
cdf5cf7b97 remove + @ beginning of line 2025-01-27 17:20:39 +01:00
Dirk Wetter
e17bbfd8c6 Merge branch 'fix_ci_runs' into dependabot/github_actions/docker/build-push-action-6.13.0 2025-01-27 16:42:15 +01:00
Dirk Wetter
ef13122f4f fix typo 2025-01-27 16:39:02 +01:00
Dirk Wetter
b984ae5ea2 minor stuff 2025-01-27 16:37:04 +01:00
Dirk Wetter
8e39d161a8 cleaner code 2025-01-27 16:36:42 +01:00
Dirk Wetter
0640eb9004 Several CI fixes 
- don't output stdin on terminal
- adapt to different google.com ip addresses
- cleaner code
 2025-01-27 16:33:58 +01:00
dependabot[bot]
d06d50280d Bump docker/build-push-action from 6.12.0 to 6.13.0 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.12.0 to 6.13.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v6.12.0...v6.13.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-27 00:27:50 +00:00
Dirk Wetter
04c98d93ab Merge pull request #2628 from testssl/diffing_openssls 
Add unittest for different openssl versions
 2025-01-24 21:38:26 +01:00
Dirk
ce8984706e Finalize unit test 
* pattern search + replace for tls_sockets() vs. openssl
* better error handling for invocations with perl functions system + die
 2025-01-24 20:36:59 +01:00
Dirk
cbaa813a40 Merge branch '3.2' into diffing_openssls 2025-01-24 19:47:40 +01:00
Dirk Wetter
d115b2ebbf Merge pull request #2635 from testssl/fix_2633 
Fix bug when legacy NPN is tested against a TLS 1.3 host
 2025-01-24 19:44:49 +01:00
Dirk
d9b293f6c7 fix typo 2025-01-24 18:51:11 +01:00
Dirk
43a0099fbc Fix bug when legacy NPN is tested against a TLS 1.3 host 
When testing a TLS 1.3 host s_client_options used TLS 1.3 ciphers to test
for NPN. As that is not implemented we nee dto make sure any other version
is used.

This PR ensures that --after testing whether it's a TLS 1.3-only host
where this test doesn't make any sense in the first place.

Fix for #2633
 2025-01-24 18:46:07 +01:00
Dirk Wetter
5c1232b9dc Merge pull request #2566 from testssl/bump_version 
Bump version to 3.2rc4
v3.2rc4 		2025-01-24 15:47:11 +01:00
Dirk
76cdf3166a fix typo 2025-01-24 14:53:52 +01:00
Dirk
bf75a91bc7 Merge branch '3.2' into bump_version 2025-01-24 14:41:21 +01:00
Dirk Wetter
5eeab6484f Merge pull request #2632 from testssl/Tazmaniac-client-renego-refactoring 
Tazmaniac client renego refactoring
 2025-01-24 14:24:43 +01:00
Dirk
002b91192c fix spelling 2025-01-24 13:50:35 +01:00
Dirk
49db77e63a Conflicts resolved 2025-01-24 13:44:19 +01:00
Dirk Wetter
163d744c13 Add recent and bigger changes 
From today back to 1f37a8406f
 2025-01-24 11:32:41 +01:00
Dirk Wetter
0042b6313e s/drwetter/testssl 
For the remaining occurences. Except dockerhub which needs to be solved.
 2025-01-24 11:15:55 +01:00
Dirk Wetter
69d6a50696 Merge branch '3.2' into bump_version 2025-01-24 11:05:00 +01:00
Dirk Wetter
0539688c06 Merge pull request #2631 from testssl/corydalis10-3.2 
Improve CONTRIBUTING.md
 2025-01-23 17:42:29 +01:00
Dirk
b185b1bea9 Fix typo 2025-01-23 17:41:36 +01:00
Dirk
90f1e59e9f Merge #2618 and doing some overdue amendments 2025-01-23 17:37:32 +01:00
Dirk
8f054c6f12 Merge branch '3.2' of https://github.com/corydalis10/testssl.sh into corydalis10-3.2 2025-01-23 16:49:12 +01:00
Dirk Wetter
9e9334f3c8 Merge pull request #2619 from testssl/co_header 
Add more security headers
 2025-01-23 11:47:34 +01:00
Dirk Wetter
4efe324ef7 Fix round bracket and remove obsolete comment 2025-01-23 10:45:15 +01:00
Hyeonho Kang
fb3921cd1b Edit CONTRIBUTING.md 2025-01-23 13:10:12 +09:00
Dirk Wetter
7d919d494c Merge pull request #2629 from testssl/misc 
Remove --nsa in help() and add --forward-secrecy instead
 2025-01-22 23:37:28 +01:00
Dirk
d7da22d598 Finalize check 
* use system with @args so that we can query the return value
* code style improved for readability
* diff shows the filtered difference
* ok instead of cmp_ok to show not the whole content of vars
 2025-01-22 23:33:35 +01:00
Dirk
4df0d9e4c3 Re-added the ) to make the action word (why??) 2025-01-22 23:32:39 +01:00
Dirk
207b902109 Merge branch '3.2' into co_header 2025-01-22 22:50:00 +01:00
Dirk
ad912ea332 Fix typo + tags 2025-01-22 20:05:19 +01:00
Dirk
12036fb6c8 Update baseline scan + add/deprecate security headers 2025-01-22 19:54:34 +01:00
Dirk
a1c2dc7c72 Remove --nsa in help() and add --forward-secrecy instead 
Both are possible to use
 2025-01-22 19:19:16 +01:00
Dirk
ba58458909 Restrict tests to those which use openssl 2025-01-22 18:37:48 +01:00
Dirk
37d987684e remove comment sign from testing 2025-01-22 18:25:54 +01:00
Dirk
a499233df2 Add unittest for diffrent openssl versions 
This adds a unit test to compare a run against google with the supplied openssl
version vs /usr/bin/openssl .

This would fix #2626.

It looks like there are still points to clarify
* NPN output is different (bug)
* Newer openssl version claims it's ECDH 253 instead of ECDH 256.
* Newer openssl version claims for 130x cipher it's ECDH 253, via sockets it´s ECDH/MLKEM. This seems a bug (@dcooper)

A todo is also restricing the unit test to the one where openssl is being used. E.g. the ROBOT check and more aren't done with openssl. So there's no value checking this here.
 2025-01-22 18:12:53 +01:00
Dirk Wetter
17f2a5d5b9 Merge pull request #2622 from dcooper16/draft-kwiatkowski-tls-ecdhe-mlkem 
Support draft-kwiatkowski-tls-ecdhe-mlkem
 2025-01-22 11:03:11 +01:00
Dirk Wetter
023fd0278a Merge pull request #2625 from dcooper16/fix_x5519_and_x448_check 
Fix checks for whether X25519 and X448 are supported
 2025-01-22 11:01:25 +01:00
David Cooper
a85073bf0d Fix checks for whether X25519 and X448 are supported 
In some cases OpenSSL returns an "unsupported" message rather than a "not found" message if X25519 and X448 are not supported. This commit changes the check for whether X5519 and X448 are supported for checking for either response.
 2025-01-21 09:10:33 -08:00
David Cooper
11d7979f41 Support draft-kwiatkowski-tls-ecdhe-mlkem and draft-tls-westerbaan-xyber768d00 
This commit adds support for the three code points in draft-kwiatkowski-tls-ecdhe-mlkem and the code point 0x6399 from draft-tls-westerbaan-xyber768d00. The group 0x6399 uses a pre-standard version of Kyber and is considered obsolete.
 2025-01-21 09:00:21 -08:00
Riccardo Germenia
355b9d2dcc add fix to sockets and move test after original one 2025-01-20 17:27:31 +01:00
Dirk Wetter
0c71658457 Merge pull request #2621 from dcooper16/fix2614 
Fix #2614
 2025-01-17 16:47:27 +01:00