faefe62bea
FIX #654 (no logfile when -file is specified)
2017-03-23 16:19:23 +01:00
f8bb74519d
make MSYS2 work again ;-)
2017-03-01 18:33:47 +01:00
9c721a1613
bumping up version to 2.8pre1
...
doing some corrections with shellcheck (see #434 )
updating client simulation (see #394 , #423 ) for a quick solution for 2.8 (#393 )
FIX #407
2017-02-24 16:31:13 +01:00
9d9bfdf369
FIX #641
2017-02-21 17:46:10 +01:00
205c522178
catch border cases better (GOST ONLY, server w handshake limits)
2017-02-21 11:21:35 +01:00
2df7982890
- fix heartbleed detection which sometimes case false positives over slow connections like sattelite links, partially addressing #352
...
- made CCS I more robust, FIX #313 ,
- removed CATs ;-)
- bumped up version to rc4 (like ARCFOUR) ;-)
2017-02-21 10:40:18 +01:00
c4c5130a39
- FIX #591 (and in JSON for HSTS+HPKP too)
...
- HSTS and HPKP have now similar output
2017-01-19 21:09:25 +01:00
89e8fcace3
FIX #566
2017-01-17 14:03:09 +01:00
76b4cac292
add lf before -E
2017-01-17 12:02:05 +01:00
1f76e8fa09
FIX #587
2017-01-16 14:12:32 +01:00
1ca6c130b9
see #575
2016-12-29 00:03:36 +01:00
dacb1611c4
remark4default_cipher in fileout fixed
2016-12-28 23:57:37 +01:00
fd7cd54ca1
- unify timeout msgs on the console
2016-12-20 14:26:12 +01:00
4ff62b9fe8
regression fix #290 , see #549
2016-12-11 18:21:41 +01:00
c985f68533
see #544
2016-12-01 18:21:09 +01:00
c23e097cb8
Merge pull request #525 from tecknicaltom/fix_duplicate_id_client_sim
...
fix a duplicate test id in the client sim section
2016-11-19 20:00:46 +01:00
4510e407fe
fix a duplicate test id in the client sim section
...
The Apple ATS 9 iOS 9 client simulation test had an incorrect short name
which resulted in a duplicate ID in the JSON output
2016-11-16 10:45:13 -08:00
4057bc52ff
Merge pull request #513 from dcooper16/fix_x25519
...
Curve X25519 fixes
2016-11-09 21:19:29 +01:00
43b35b8cc2
Curve X25519 fixes
...
This PR fixes two issues related to curve X25519.
First, while OpenSSL 1.1.0 supports curve X25519, it is not included in the output of `$OPENSSL ecparam -list_curves`. I tried several versions of OpenSSL (and one version of LibreSSL), and every version output either "Error with command" or "unknown option" in response to `$OPENSSL s_client -curves $curve` if it either did not support the `-curves` option or did not support `$curve`. (When the `-curve` option was supported with `$curve`, a "connect" error was output.)
The second issue is that the "Server Temp Key" line in the output of `s_client` is different for curve X25519. For other elliptic curves, the output is
```
Server Temp Key: ECDH, P-256, 256 bits
```
For X25519 it is:
```
Server Temp Key: X25519, 253 bits
```
So, `read_dhbits_from_file()` needs to allow for `$what_dh` being "X25519" rather than "ECDH" and `run_pfs()` needs to allow for the possibility that the curve name will be the first field rather than the second.
2016-11-08 10:10:14 -05:00
4f99d9d658
update
2016-11-07 21:03:45 +01:00
65c03a99ba
update
2016-11-05 15:02:00 +01:00
72ac0734d1
tolower
2016-11-05 14:55:30 +01:00
f18a398ce3
handle better missing ca_hashes.txt
2016-11-04 08:39:14 +01:00
63ec369f34
output polish
2016-10-29 15:37:30 +02:00
df2704dc20
Merge pull request #498 from Sousaphone/master
...
Apple ATS9 client simulation
2016-10-28 21:31:39 +02:00
99300a0059
bump version
2016-10-27 22:02:35 +02:00
00a5d19276
Merge branch 'master' of github.com:drwetter/testssl.sh
2016-10-27 22:00:19 +02:00
337e66fc61
Merge branch 'CA_pinning'
2016-10-27 21:59:42 +02:00
1613bb214e
Merge branch 'master' into CA_pinning
...
Conflicts:
testssl.sh
2016-10-27 21:59:10 +02:00
bfad620bf5
Update Readme.md
2016-10-21 22:16:19 +02:00
217f2fb91a
Apple ATS9 client test
2016-10-19 10:54:37 +02:00
5e5edd5c89
FIX #490
2016-10-15 22:55:24 +02:00
6abca0c598
Merge pull request #495 from mailsvb/minor_display_fix_ssl3_offer
...
remove additional pr_off at the end of sslv2 check
2016-10-14 22:07:19 +02:00
4ce4d922ac
remove additional pr_off at the end of sslv2 check
2016-10-12 22:32:35 +02:00
d32dbdaff3
Updating MS store, sill small, still not automated/cumbersome not sure if ok
2016-10-12 21:15:37 +02:00
6723622024
- do not do HTTP2+SPDY checks if non-STARTTLS but also non-HTTP
...
- ASSUMING_HTTP --> ASSUME_HTTP
- minor cleanups
2016-10-11 22:30:30 +02:00
d59c581700
Update Readme.md
2016-10-11 12:17:33 +02:00
77f98e73e2
medium only for "Secure Client-Initiated Renegotiation" != HTTP
2016-10-10 23:27:34 +02:00
51912944ec
Merge pull request #492 from mailsvb/CA_BUNDLES_PATH
...
fix usage of CA_BUNDLES_PATH env for local ca_bundles
2016-10-09 10:22:22 +02:00
5a967302dc
fix usage of CA_BUNDLES_PATH env for local ca_bundles
2016-10-08 22:50:44 +02:00
1c5eb17729
(saving work): major cleanups for output readability and code
2016-10-06 18:53:25 +02:00
bd64fb4214
minor putput cleanup for headers
2016-10-03 21:17:29 +02:00
f9d44484af
Merge branch 'master' of github.com:drwetter/testssl.sh
2016-10-03 21:01:54 +02:00
9fe87223cc
fix anchor
2016-10-03 20:48:32 +02:00
248351eef5
Update Readme.md
2016-10-03 20:29:50 +02:00
bf1d3933bf
Update Readme.md
2016-10-03 20:28:44 +02:00
878ab519c0
update
2016-10-03 20:21:38 +02:00
19b63aa8a9
duplicate headers fixed, #FIX 488, outstanding: proper treatment of simulatenous Public-Key-Pins|Public-Key-Pins-Report-Only
2016-10-03 18:52:48 +02:00
e2023f51ac
evaluate env TESTSSL_INSTALL_DIR and CA_BUNDLES_PATH for CA bundles and/or RFC/IANA mapping, FIX #475 , #435
2016-10-02 18:15:13 +02:00
eb1f6e05bb
update, thanks to Niko78, see #371
2016-10-02 10:04:25 +02:00
