Commit Graph

2601 Commits

Author SHA1 Message Date
Dirk 84a4fafe1e fixed merge conflicts 2017-03-18 12:54:01 +01:00
AlGreed 3437f36f48 Merge branch 'drwetter/2.9dev' into 2.9dev 2017-03-18 09:41:50 +01:00
Dirk Wetter 71f446b170 Merge pull request #662 from dcooper16/normalize_ciphercode_html
Speedup normalize_ciphercode()
2017-03-17 21:20:12 +01:00
Dirk Wetter 1c9670857b Merge pull request #661 from dcooper16/normalize_ciphercode
Speedup normalize_ciphercode()
2017-03-17 21:19:23 +01:00
Dirk Wetter c148a93361 Merge pull request #656 from dcooper16/show_finding
Add spaces in show_finding()
2017-03-17 17:39:34 +01:00
David Cooper c791e5cc0e Speedup normalize_ciphercode()
This PR is the same as #661, except that it applies to the 2.9dev_html branch. It also fixes a bug in `prettyprint_local()` when a pattern to match is provided as input.
2017-03-15 10:32:29 -04:00
David Cooper 875cd43087 Speedup normalize_ciphercode()
While doing some performance testing I discovered that `normalize_ciphercode()` is very slow. This PR simplifies the function and speeds it up significantly. This PR also addresses the TODO item in `normalize_ciphercode()` by eliminating the global variable HEXC.
2017-03-15 10:22:04 -04:00
AlGreed 3122b3b7b3 Removed mistakenly commited code. 2017-03-09 19:10:51 +01:00
AlGreed 6b8de02072 Fixed broken JSON-PRETTY format. Added test to check severity levels 2017-03-09 18:55:04 +01:00
AlGreed 6201348827 Merge branch 'drwetter/2.9dev' into 2.9dev 2017-03-07 11:18:13 +01:00
David Cooper f02948e24a Add spaces in show_finding()
When I view testssl.sh in KDE's text editor (kate), the code after "INFO" line in `show_finding()` isn't highlighted correctly, and the highlighting doesn't correct again until `pr_liteblueln()`. This PR fixes the highlighting issue by adding spaces between "]]" and ")". To be "safe," I also added spaces between "(" and "[[", and similarly added spaces in `is_json_format()`.
2017-03-06 14:37:52 -05:00
Dirk Wetter 939b6f0cb9 Merge pull request #652 from dcooper16/html_headers_and_footers
Fix HTML headers and footers
2017-03-02 09:38:35 +01:00
David Cooper a3794d1f74 Merge branch '2.9dev_html' into html_headers_and_footers 2017-03-01 08:47:25 -05:00
Dirk Wetter 20f29fd780 Merge pull request #651 from dcooper16/html_reserved
Handle HTML reserved characters in headers
2017-03-01 09:40:42 +01:00
David Cooper 3c22511806 Fix HTML headers and footers
This PR ensures that each HTML file produced by testssl.sh only includes a single header, at the top, and a single footer, at the end. It also tries to ensure that the short-version banner is only placed at the top of the HTML file if (1) mass testing is being performed and (2) the results of each test is being placed in a separate file.

It also moves some of the logic out of main and into `html_header()`.
2017-02-28 13:31:06 -05:00
David Cooper 68cf590366 Merge branch '2.9dev_html' of https://github.com/drwetter/testssl.sh into 2.9dev_html 2017-02-28 12:47:45 -05:00
Dirk ca6cb0bf81 updated from #632 from dcooper16/negotiated_cipher 2017-02-28 18:33:17 +01:00
Dirk Wetter 27aa25711d Merge pull request #632 from dcooper16/negotiated_cipher
Negotiated cipher per proto bugfix
2017-02-28 15:42:28 +01:00
David Cooper b793e5f83d Merge branch '2.9dev_html' into html_reserved 2017-02-27 13:27:16 -05:00
David Cooper 3e42b2fde9 Merge branch '2.9dev' into negotiated_cipher 2017-02-27 13:26:15 -05:00
Dirk 79a8a02328 adding spring boot header detection 2017-02-27 19:16:29 +01:00
Dirk ac193a8ef0 adding spring boot header detection 2017-02-27 19:12:59 +01:00
David Cooper 0ada7b100c Handle HTML reserved characters in headers
So far I haven't seen any HTML reserved characters (&, <, >, ", ') in the strings processed by `emphasize_stuff_in_headers()`, so this PR may be unnecessary. However, this PR will ensure that any such characters will be properly escaped in the HTML output.
2017-02-27 11:49:51 -05:00
Dirk Wetter 84d142a6cf Merge pull request #650 from dcooper16/emphasize_stuff_in_headers
Redo emphasize_stuff_in_headers()
2017-02-27 17:33:46 +01:00
David Cooper f53afdc149 Redo emphasize_stuff_in_headers()
This PR re-implements `emphasize_stuff_in_headers()` in the HTML branch to more closely match the version in 2.9dev.
2017-02-27 11:17:19 -05:00
Dirk Wetter 854e55e15b Merge pull request #649 from dcooper16/PR_646
Merge PR #646 into 2.9dev_html
2017-02-27 16:38:59 +01:00
David Cooper 915cadd20d Merge PR #646 into 2.9dev_html
This PR just brings 2.9dev_html up to date with 2.9dev.
2017-02-27 10:34:04 -05:00
David Cooper e3c94d2a92 Merge branch '2.9dev' into negotiated_cipher
Conflicts:
	testssl.sh
2017-02-27 09:06:17 -05:00
Dirk 2232929bc5 Polish #646
"=~" doesn't need quotes if there's a text string one wants to match against (and shellcheck complains
about this)

pr_magenta shouldn't be used anymore as the logic what color we use should be done
some place else.
2017-02-27 13:43:23 +01:00
Dirk Wetter f7c3139545 Merge pull request #646 from dcooper16/rfc-only
Add option to print only the RFC cipher names
2017-02-27 13:30:11 +01:00
Dirk 4727a69a62 fixed segfaults 2017-02-25 17:15:18 +01:00
Dirk 8d66786e42 Just saving my workJust saving my work ...
This branch is for getting the HTML patch from @dcooper16 into 2.9dev

Change to David's PR:
* removed HTMLHEADER. We always want that (in fact for flat JSON this is missing and needs to be added)
* not sure what this change does to --file
* changing of names  They were redundant sometimes (pr_*_term )
* some formatting for readbility

Open points:
* there's a loop and a segfault --> tm_done_best
* HTMLHEADER: --file
* the former sed statement aroung L1900 for the header was way more readable. The combined
  html+terminal version is just too much. Maybe a switch whether HTML is requested
  is better so that this can be separated.
  * Then e.g. "<span style=\"color:olive;font-weight:bold" can be kept in a variable
  * any reason we need the text length here?
* what went into main here is too much. Actuallly what I put already in there bothered
  me as too much logic and not obvious dependencies are in here. Now it's worse :-)
  Can't this be just similar to JSON or CSV -- a seperate function with hooks
  not in main()?
* minor thing: TERM_WIDTH is for HTML is maybe not the best. But that can be
  tackled later
2017-02-25 16:31:30 +01:00
Dirk b10942a92e Merge branch 'generate_html' of https://github.com/dcooper16/testssl.sh into dcooper16-generate_html 2017-02-25 12:21:33 +01:00
Dirk Wetter 1072e41b0b Merge pull request #647 from gniltaws/2.9dev
Add missing herestring redirect (<<<) in find_openssl_binary function
2017-02-24 23:06:20 +01:00
Todd Swatling 12c3de7039 added missing herestring redirect (<<<) in find_openssl_binary function 2017-02-24 15:59:34 -05:00
Todd Swatling 783b909804 removed trailing spaces 2017-02-24 15:56:26 -05:00
Dirk Wetter ca18433959 Update README.md 2017-02-24 17:55:20 +01:00
Dirk Wetter 3f0a98b635 Generated from utils/update_client_sim_data.pl and manually massaged ;-)
Note that the internal data from testssl.sh will disappear
2017-02-24 17:45:23 +01:00
David Cooper 1de12e4b01 Merge branch '2.9dev' into rfc-only 2017-02-24 11:07:28 -05:00
David Cooper 51fb93908b Merge branch '2.9dev' into generate_html
Conflicts:
	testssl.sh
2017-02-24 11:07:00 -05:00
David Cooper bd1f02d83f Merge branch '2.9dev' into negotiated_cipher 2017-02-24 10:57:14 -05:00
Dirk Wetter e7e9a3ed66 addressing #645 before #554 has been addressed 2017-02-24 16:26:22 +01:00
Dirk Wetter 4361bb7cce housekeeping/ cleanup 2017-02-24 16:22:59 +01:00
David Cooper 8a9d3fbd6a Merge branch '2.9dev' into rfc-only 2017-02-23 11:32:16 -05:00
David Cooper 59330a93e5 Merge branch '2.9dev' into generate_html 2017-02-23 11:31:35 -05:00
David Cooper 4c7e89f01c Merge branch '2.9dev' into negotiated_cipher 2017-02-23 11:30:52 -05:00
Dirk b4f59e91be FIX #621 2017-02-23 17:19:52 +01:00
David Cooper 6a1c519acd Add option to print only the RFC cipher names
This PR attempts to address #631. It allows four choices for the `--mapping` option. "openssl" (default), "rfc", "no-openssl", and "no-rfc".

* "openssl" is the current default

* "no-rfc" shows only the OpenSSL names (just as it currently does)

* "rfc" shows the RFC name rather than the OpenSSL name for things that are not in wide now (just as it currently does). But now, in wide mode, it shows the RFC name first (further to the left) and the OpenSSL name second.

* "rfc-only" shows only the RFC name.

If the `--mapping` option is not provided, this is the same as "openssl". If the "cipher-mapping.txt" file cannot be found, then testssl.sh runs as if "no-rfc" had been requested.
2017-02-23 09:31:41 -05:00
David Cooper 5ffd01ed9a Merge branch '2.9dev' into generate_html
Conflicts:
	testssl.sh
2017-02-21 16:59:33 -05:00
David Cooper 7f70df32c9 Merge branch '2.9dev' into negotiated_cipher 2017-02-21 16:57:17 -05:00