Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 13:55:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
568 Commits 17 Branches 35 Tags
fd256a74b1d0f3be5edf975a8ecc3c9ea9f9c907
Commit Graph

568 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dirk
aa546b520e Merge remote-tracking branch 'origin/revert-48-master' 2015-01-07 23:09:57 +01:00
Dirk
8a3e0267ba safer bacth processing if port isn't available 2015-01-06 16:25:19 +01:00
Dirk Wetter
2556377398 Revert "Change question logic on non-SSL port" 2015-01-06 16:10:21 +01:00
Dirk Wetter
e816e4877a Merge pull request #48 from lwindolf/master 
Change question logic on non-SSL port
 2015-01-06 16:01:07 +01:00
Lars Windolf
d1ab23c146 Change question logic on non-SSL port 
Idea is to bail out per default (with WARNINGS=off) this makes batch processing possible
as often testssl.sh hangs for minutes or endless on non-SSL ports.
 2015-01-03 11:41:35 +01:00
Dirk
eae1b2810f - check for CN wrt SNI / no SNI 
- fix different responses for CACert
 2014-12-23 09:59:03 +01:00
Dirk
4aa674d138 - Negotiated cipher per proto 
- nr_ciphers of used openssl version in banner
- spdy_pre check
- -testversion_new --> -testversion
 2014-12-21 23:22:50 +01:00
Dirk
a570d907e9 - Cipher order check! (also for starttls) 
- includes a remark 4 default_cipher (limited sense as client will pick)
- selfsigned certs: error!
- number of local ciphers in check with allciphers
 2014-12-21 00:47:23 +01:00
Dirk
04b6795f94 Merge branch 'master' of github.com:drwetter/testssl.sh 2014-12-19 17:06:37 +01:00
Dirk
21493fb788 - tempfile handling: every function leaves one, if DEBUG is set 
- FIX*2: OPENSSL_CONF/GOST_CONF
 2014-12-19 17:02:26 +01:00
Dirk Wetter
9e53070598 Update Readme.md 2014-12-19 15:52:05 +01:00
Dirk Wetter
c2ef5d1da8 Update Readme.md 2014-12-19 15:51:32 +01:00
Dirk
8635012cf5 - subjectAltName 2014-12-19 07:12:20 +01:00
Dirk
521a7160a9 - NEW: certificate info, details: 
- NEW: CN, SAN
- NEW: OCSP URI
- NEW: CRL distr point
- NEW: Issuer
- NEW: expiration
- NEW: signature algo
- renamed cmdline --simple_preference to --server_defaults
- now we have a TEMPDIR where all files are written toA
- function or handling/removing TMPFILE
 2014-12-18 09:33:24 +01:00
Dirk Wetter
5d66eeef05 Update Readme.md 2014-12-09 14:25:38 +01:00
Dirk
b40c0b7178 - RELEASE: final 2.2 
- change of cmd line order for STARTTLS
- help more clear
 2014-12-08 10:32:51 +01:00
Dirk
b3efb3c4b0 - BUGFIX: potential stalling in HTTP Header query 
- BUGFIX: HTTP specific vuln. won't be checked if service is not http (we still
check crime and also spdy => gmail has spdy for pop and imap)
- Feature: service detection: HTTP, IMAP, POP, SMTP
- alignment in rDNS output corrected
- minor cleanup / improvements
 2014-11-30 01:30:20 +01:00
Dirk
27f06f8d50 - BUGFIX: BSD now has proper heartbleed and ccs injection detection 
- significant code improvement of hex-byte parser <-> socket sender
- BUGFIX: BSD now doesn't put an extra \n if rfc map file is missing
- bumped to 2.1rc3, hoping that'll be the last
 2014-11-27 21:33:33 +01:00
Dirk
c034cd8a95 - for colors: double square brackets (might save a fork to "[ or "test" 
- in terms of debugging cleaned up listciphers/std_cipherlists
- in other terms too
 2014-11-25 13:12:24 +01:00
Dirk Wetter
5228986b25 Update Readme.md 2014-11-24 16:43:11 +01:00
Dirk Wetter
b242876597 Merge pull request #37 from yurivict/master 
Fixed errors when COLOR=0 caused 'printf' to break due to leading dashes interpreted as command line options
 2014-11-24 15:16:42 +01:00
Yuri
19f936bece Fixed the problem when COLOR=0 caused 'printf' to break due to leading dashes interpreted as command line options. 2014-11-22 12:15:47 -08:00
Dirk Wetter
7cf2030c20 Merge pull request #36 from PeterMosmans/bugfix 
Fixed minor redirection typo for 'which' command
 2014-11-22 18:31:09 +01:00
Peter Mosmans
c3ab016164 Fixed minor redirection typo for 'which' command 2014-11-22 12:57:36 +10:00
Dirk
4c3cc0df8e - increase first read buffer -- otherwise it's how up at hb reply and lead to false positives 2014-11-20 18:55:51 +01:00
Dirk
d4265742b1 color codes for protocols and default ciphers reflect better a rating 
- fix: heartbleed function needed a $TMPFILE for determining the TLS protocol
 - version bumped to 2.1rc2
 2014-11-20 10:46:55 +01:00
Dirk
5dd4a8f3fa - fix in cleanup (while debug) 
- wrong cmd line option --> help instread of error
 2014-11-19 22:23:13 +01:00
Dirk
05877dca93 - protocol check stream lined: similar now for every protocol 
- NPN/SPDY is not green anymore
 2014-11-19 18:04:43 +01:00
Dirk
d77b667489 - protocol w/o cipher (only SSLv2 so far) 
- for EVERY protocol now check whether $openssl supports it
- better fail for PFS if there are no local ciphers
 2014-11-19 17:08:59 +01:00
Dirk
52ef1fe684 @oparoz 2014-11-19 13:26:48 +01:00
Dirk
99e472ac01 - banner (opensssl version build date, platform) slightly changed 
- even clearer warning upon old openssl version (MacOSX!)
- oparoz hexdump patch
- heartbleed doenst do a precheck anymore --> just sockets as it may lead to false negatives
  if the client was complied with it disabled (FreeBSD)
 2014-11-19 13:22:22 +01:00
Dirk
f2c44803ed - FreeBSD fixes (getent, printf) 2014-11-18 23:14:17 +01:00
Dirk
59bdf48823 - Peter 2014-11-18 20:24:10 +01:00
Dirk
41a480abb4 small cleanup 2014-11-18 20:23:17 +01:00
Dirk
8756151a26 Merge branch 'master' of github.com:drwetter/testssl.sh 2014-11-18 16:40:14 +01:00
Dirk Wetter
3d6eda97de Merge pull request #30 from PeterMosmans/cleanup 
Make sure that cleanup() function is always called
 2014-11-18 16:39:32 +01:00
Dirk Wetter
f067944f2a Merge pull request #29 from PeterMosmans/msys 
Added compatilibility with MSYS2 on Windows
 2014-11-18 16:30:18 +01:00
Dirk
7b45311c30 - stripping of leading 0 in testssl.sh needed to be reflected by this file 2014-11-18 11:04:57 +01:00
Dirk
049a945abc - prettyprint_local now also can do word pattern matching 
- help improved
- put the stripping of leading 0 into normalize_cipher_code where it belonged
- the latter makes a modified mapping-rfc.txt necessary!
 2014-11-18 11:03:03 +01:00
Dirk
f45d85617b - hexcode in neat list now w/o leading 0 
- help cleaned up and clearer (& removing tabs)
- test_just_one with headline
 2014-11-18 10:29:11 +01:00
Peter Mosmans
de0b4313b8 Make sure that cleanup() function is always called 
Added {HEADERFILE_BREACH} to temporary files that should be removed
Removed obsolete cleanup calls
 2014-11-18 14:30:48 +11:00
Peter Mosmans
15f23f1fec Added compatilibility with MSYS2 on Windows 2014-11-18 13:30:56 +11:00
Dirk
cf8fa2c3f3 - version bumped to 2.1rc1, better layout for chacha (albeit bit ugly), better layout for all ciphers, test_just_one w/ headline 2014-11-18 01:36:29 +01:00
Dirk
16279267ea - sockread w/ sleep 
- ccs better documented + more verbose during debug
 2014-11-18 00:26:58 +01:00
Dirk Wetter
2e6c0a45cd Update CREDITS.md 2014-11-17 18:59:57 +01:00
Dirk
7414b5b310 next step in color handling: 2=full color, 1: b/w, 0: no ESC codes at all 2014-11-17 18:49:56 +01:00
Dirk
eee56b4bd4 2014-11-17 18:47:39 +01:00
Dirk
fc4c2e5446 - omit the "**" in non colored mode 
- query COLOR properly (env)
 2014-11-17 17:43:59 +01:00
Dirk
a7bbc6c39a warning upon "no ssl enabled server" clearer; we check only for return code of s_client. Fails if certificate needed 2014-11-17 17:05:43 +01:00
Dirk
b2cd4bfd4c better documentation 2014-11-03 21:45:48 +01:00