Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-04-15 22:16:07 +02:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • a2b6a740a4 Update Readme.md Dirk Wetter 2015-07-21 10:34:08 +02:00
  • 3f804a75c1 Update CREDITS.md Dirk Wetter 2015-07-21 10:32:31 +02:00
  • 069f5592ac Merge pull request #143 from f-s/master Dirk Wetter 2015-07-21 10:27:43 +02:00
  • 9b92a04261 Update CREDITS.md Dirk Wetter 2015-07-21 10:25:46 +02:00
  • 5af2d72323 Update CREDITS.md Dirk Wetter 2015-07-21 10:25:17 +02:00
  • 3d5d1e18ed Merge pull request #142 from jonorossi/bash3-support-on-osx Dirk Wetter 2015-07-21 10:01:30 +02:00
  • 5d76119660 Arm compile added f-s 2015-07-21 08:29:45 +02:00
  • 298a91d743 Fix bash 3 support Jonathon Rossi 2015-07-21 15:11:20 +10:00
  • 1954f9eaa8 - new naming scheme of copied binaries - two GOST ciphers included - error handling improved Dirk Wetter 2015-07-20 21:46:04 +02:00
  • 8c858dbe3c yet another GOST fine tuning thing Dirk Wetter 2015-07-20 20:49:31 +02:00
  • d6b96a3e65 GOST, minor tuning Dirk Wetter 2015-07-20 19:34:42 +02:00
  • 32a29ff615 addiotnal citation for GOST Dirk Wetter 2015-07-20 19:06:53 +02:00
  • e5d8d8f115 Merge branch 'master' of github.com:drwetter/testssl.sh Dirk Wetter 2015-07-20 16:57:40 +02:00
  • ddcef43be5 * 2 GOST cipher added * layout hover, alternate lines Dirk Wetter 2015-07-20 16:57:08 +02:00
  • 66e479c056 GOST additions Dirk Wetter 2015-07-20 15:28:55 +02:00
  • f81b3a5c25 * GOST ciphers sometimes missing during scan * help was not precise wrt some arg w no params Dirk Wetter 2015-07-20 14:05:35 +02:00
  • 0215de3c89 ssl3 and trace enabled Dirk Wetter 2015-07-20 12:48:24 +02:00
  • 66f0b22adb word match for -V / -x now only for non-numbers: testssh.sh -x cc google.com tests for chaha ciphers (before only word matching was done e.g.: testssl.sh -x ECDH chase.com Dirk Wetter 2015-07-17 15:58:07 +02:00
  • 473c9c1e3a Merge branch 'master' of github.com:drwetter/testssl.sh Dirk Wetter 2015-07-17 14:58:37 +02:00
  • d9b9d2c2fb * path display error in banner fixed Dirk Wetter 2015-07-17 14:58:12 +02:00
  • cda5eff12e * STARTTLS_SLEEP * resolved misleading output STARTTLS + socket * fixed poodle ciphers in code (but not used yet) Dirk Wetter 2015-07-17 14:33:23 +02:00
  • adba3fab4d typo Dirk Wetter 2015-07-17 13:29:17 +02:00
  • f04ee57e79 * display shortend path to $OPENSSL in banner Dirk Wetter 2015-07-17 13:25:39 +02:00
  • a9685fe205 Update Readme.md Dirk Wetter 2015-07-17 12:10:42 +02:00
  • f63ebc2109 Merge pull request #136 from oliof/patch-2 Dirk Wetter 2015-07-17 11:40:20 +02:00
  • c9e9ef9433 Merge pull request #135 from oliof/patch-1 Dirk Wetter 2015-07-17 11:39:43 +02:00
  • 6b473952a3 Update Readme.md Harald Wagener 2015-07-17 11:08:10 +02:00
  • 4df61eed14 Update testssl.sh Harald Wagener 2015-07-17 11:05:07 +02:00
  • 594996883f Merge branch 'master' of github.com:drwetter/testssl.sh Dirk Wetter 2015-07-17 11:04:21 +02:00
  • bb5dd5224e Dirk Wetter 2015-07-17 11:04:01 +02:00
  • 0b4ab796df - license update Dirk Wetter 2015-07-17 11:01:33 +02:00
  • c343b9105a Update Readme.md Dirk Wetter 2015-07-17 10:55:15 +02:00
  • b16033c666 Update Readme.md Dirk Wetter 2015-07-17 10:51:28 +02:00
  • dc23c9fbbb Update Readme.md Dirk Wetter 2015-07-17 10:50:50 +02:00
  • 6cb8c6b506 - Darwin binary Dirk Wetter 2015-07-17 10:48:26 +02:00
  • b941443049 - the vanilla binaries are needless Dirk Wetter 2015-07-16 23:05:44 +02:00
  • 54290b220a - Provide Darwin binaries and paths thereto - provide also other static bins in $PWD/bin Dirk Wetter 2015-07-16 23:01:10 +02:00
  • b157a26632 * EV certificate detection * SSLv2 + STARTTLS protocol check always uses sockets now * STARTTLS protocol now returns over sockets the TLS time (if available) * few LibreSSL output oddities fixes * output corrections for STARTTLS * additional path for binaries (we change the path soon but leave both in the code for now) Dirk Wetter 2015-07-16 17:58:03 +02:00
  • f44954ae0e - clarify licenses for openssl Dirk Wetter 2015-07-16 17:49:17 +02:00
  • 4c033bc0cc * header flags added Dirk 2015-07-14 20:44:04 +02:00
  • 2e40c2bde6 * misleading warning for DH bits for Negotiated cipher omitted if no DH or EC and OPENSSL <= 1.0.1 Dirk 2015-07-14 19:58:04 +02:00
  • 32325d0643 * fix for scanning an IP address only * server_preference: cipher adjusted * some [[ and ]] in loops, hoping to speed up processing a bit * cosmetic stuff Dirk 2015-07-14 17:13:58 +02:00
  • 2ae8f2d6e3 fix regression: port 25 is the one for --mx Dirk 2015-07-14 12:35:26 +02:00
  • 0b1c0dca46 FIX #132 (see also discussions in #133 Dirk 2015-07-13 23:41:49 +02:00
  • dfc37bc892 workaround / FIX #134 (OPENSSL_CONF destroyed lookup via host/dig/nslookup Dirk 2015-07-13 23:24:23 +02:00
  • f95326cf21 * Liferay in header will be marked in yellow * more tries to find openssl binaries (also those in git) Dirk 2015-07-12 18:46:27 +02:00
  • 3cf891bd5e * FIX #131 (EC certificate key size was critized) * FIX: if request w/o SNI didn't succeed it resulted in an ugly openssl error message * FIX #51 (we try to initialize GOST engine before showing the banner) Dirk 2015-07-10 10:23:10 +02:00
  • f1d8471a3d * heartbleed and ccs check enabled per default for STARTTLS * performance improvements for sockets+STARTTLS (still only enabled via EXPERIMENTAL=yes) Dirk Wetter 2015-07-08 21:30:31 +02:00
  • ba09b84648 reflect progress on STARTTLS+sockets Dirk Wetter 2015-07-08 11:35:29 +02:00
  • d3b8f8e0a2 cosmetic corrections (output) Dirk Wetter 2015-07-08 11:34:45 +02:00
  • 5944c35075 * EXPERIMETAL=yes is used, testssl.sh uses for protocols, heartbleed, ccs sockets also for STARTTLS! * it's slow though (to be improved) * renamed vars for proxy * cleanups Dirk Wetter 2015-07-07 22:59:31 +02:00
  • fef9afe288 * protocol checks work now! * generic jabber support now! * jabber domain support Dirk Wetter 2015-07-06 22:04:07 +02:00
  • d1442d8ca9 don't need it Dirk Wetter 2015-07-06 22:03:41 +02:00
  • 1983658f9c Update Readme.md Dirk Wetter 2015-07-06 20:49:58 +02:00
  • 179d8700d1 * NEW: xmpphost support * FIX for regression (80e26a75ef62885d9fd187ad3ffe2df259580ff1), config file GOST Dirk Wetter 2015-07-06 20:42:43 +02:00
  • 016b488ae3 New set of binaries with a built date and "my" patch https://github.com/PeterMosmans/openssl/pull/23 Dirk Wetter 2015-07-06 20:37:57 +02:00
  • e614887cb8 renamed files Dirk Wetter 2015-07-06 20:33:43 +02:00
  • 942ceb04d9 FIX "built on: reproducible build, date unspecified" problem Dirk Wetter 2015-07-06 20:33:05 +02:00
  • 0e1a7002b9 FIX "built on: reproducible build, date unspecified" problem Dirk Wetter 2015-07-06 20:22:45 +02:00
  • c08baa94b3 * CHANGE: some tuning variable are now booleans (see help) * help() to reflect this * cleanups Dirk Wetter 2015-07-06 10:10:46 +02:00
  • 80e26a75ef * Warning if LibreSSL is used #126 * FIX for screwed up output for fixed ciphers (FREAK, LOGJAM), see also #126 * GOST support now doesn't complain if MY confif file aleady exists (minor fix) Dirk 2015-07-02 16:39:41 +02:00
  • 1186bf4229 - try to interpret server protocol (SMTP, FTP,...) handshake Dirk 2015-07-01 19:50:38 +02:00
  • 39a0da31e5 - echo host:port Dirk 2015-07-01 19:48:33 +02:00
  • d44cff9a81 Merge branch 'master' of github.com:drwetter/testssl.sh Dirk 2015-07-01 18:51:18 +02:00
  • c2f8e23441 Rename ccs-injection.sh to ccs-injection.bash Dirk Wetter 2015-07-01 18:50:45 +02:00
  • 21119d6d01 works also for nntp,ftp,imap,pop,xmpp +starttls now Dirk 2015-07-01 13:01:16 +02:00
  • 83dc3f707f - works now also for SMTP+STARTTLS Dirk 2015-07-01 10:16:01 +02:00
  • bfdc95f3dc Rename bash-heartbleed.changelog.txt to heartbleed.bash.changelog.txt Dirk Wetter 2015-07-01 10:12:03 +02:00
  • 4363229a01 Rename bash-heartbleed.sh to heartbleed.bash Dirk Wetter 2015-07-01 10:11:20 +02:00
  • 0bd46058a1 Update Readme.md Dirk Wetter 2015-06-29 23:46:39 +02:00
  • 31431a62cf Update Readme.md Dirk Wetter 2015-06-29 23:37:18 +02:00
  • b797ebaba2 Merge branch 'master' of github.com:drwetter/testssl.sh Dirk 2015-06-29 23:35:05 +02:00
  • 24cdfded56 see #124 (John more to the top though) Dirk 2015-06-29 23:31:51 +02:00
  • 5acfc93d79 * couple of checks for new proxy option from John Newbigin #124 * minor cleanups for #124 Dirk 2015-06-29 23:28:37 +02:00
  • ddd680ac93 * merge #124 from jnewbigin * fix my run time error Dirk 2015-06-29 22:29:15 +02:00
  • 15a672b521 * assertion vs. condition fixed Dirk 2015-06-29 10:41:56 +02:00
  • b2ebd7640d Update Readme.md Dirk Wetter 2015-06-28 14:05:25 +02:00
  • 93f5b8216d * FIX #125 * beautified some code / function names Dirk 2015-06-28 13:52:42 +02:00
  • 5d78c9421f * first tls_low_byte is now always 01 in TLS 1.0 --> TLS 1.2 (see openssl) * removing TLS 1.2 check from sockets as IIS has a problem with it Dirk 2015-06-24 11:08:09 +02:00
  • e121f944e9 * FIX: added missed downgrade (ret=2) in socket protcol check * resorted helper functions to top * cleanups (ok, renamed some functions) Dirk 2015-06-23 21:54:47 +02:00
  • b575710634 * FIX in --ip=one * straighthen help() * FIX ret value for no response in parse_tls_serverhello Dirk 2015-06-23 12:58:40 +02:00
  • ae8f998f8f * help corrected, -e is standard Dirk 2015-06-23 07:56:56 +02:00
  • a6c5a2af0d * handshake works now with SNI Dirk 2015-06-22 23:19:08 +02:00
  • d3c793e6bc * help without <> now and | * socket SNI issue: As it turns out Apache 2.2/2.4 is not behaving according to https://tools.ietf.org/html/rfc6066#section-3 . Dirk 2015-06-22 18:32:40 +02:00
  • 58a6f501b5 - better addressed no clear fallback repsonses, see #121 Dirk 2015-06-20 19:36:11 +02:00
  • 633cdc209b - NEW: IP address detection now in HTTP header - NEW: Varnish and Squid header detected - NEW: option --ip=one is a shortcut and means just test the first ip - CSP Report-Only in security headers - New: Varnish and Squid header detected, OWA header - all single tests in bold now - no support for TLS 1.2 spits out "NOT ok" as it is not ok - Medium ciphers and DES ciphers are not having aNULL and aDH ciphers anymore and have different colors --> ratings - http-date is now in http header(), tls_time in server_defaults() - http header reply is indented to same row as server defaults - http status code is displayed clearly now - BUGFIX: IPv6 address wasn't displayed - cleanup - application banner now in two lines if needed - try a second time to get a http header if first one fails - fix: case where % sign in ip address made prinf hiccup (sanitized) - fix: $url was in some functions empty - fixed bug where some headers were displayed twice Dirk 2015-06-19 20:36:32 +02:00
  • 59299ce9e1 - FIX #119 (sed -E fails for old sed versions) - std_cipherlists tuned - fix for selfsigned certs (missed sometimes because of trailing space) Dirk 2015-06-17 11:33:29 +02:00
  • 06899f3cbf - introduced Reverse Proxy header - FIX for OWA header - beautfied some header funcs - fixed GET_REQ1?/HEAD_REQ1? Dirk 2015-06-16 23:00:47 +02:00
  • 478b8afac7 FIX: bail out better if $NODE doesn't resolve cipher lists now wth plural ending added Liferay-Portal + X-OWA-Version for application banner new http_header (still leaving old one in) readability improvements Dirk 2015-06-16 19:53:40 +02:00
  • e16ccd06b6 - testing all IP addresses of a node works now (refactoring of parse_hn_port into three functions) FIX #96 - SNI is unset if STARTTLS is set - some BSD fixes (sed) Dirk 2015-06-16 14:04:44 +02:00
  • ac92ffb3c2 Merge branch 'master' of github.com:drwetter/testssl.sh Dirk 2015-06-15 12:13:45 +02:00
  • 4432faf497 "--ip" works now (see help) little cleanups Dirk 2015-06-15 12:13:16 +02:00
  • 3ca2b4d8a1 Update Readme.md Dirk Wetter 2015-06-15 11:29:05 +02:00
  • 46c43ee53f Merge branch 'master' of github.com:drwetter/testssl.sh Dirk 2015-06-11 21:41:53 +02:00
  • a98b67013a FIX #116 CRIME is lightred/litegreen as it is not that bad as ccs or heartbleed resorted some functions Dirk 2015-06-11 21:41:25 +02:00
  • 7be69786b8 Update Readme.md Dirk Wetter 2015-06-11 19:32:14 +02:00
  • bdff6ba1bd - TLS_FALLBACK* was missing in the help #22 #118 Dirk 2015-06-11 18:46:22 +02:00
  • f9e4526f70 - polish of #118 - FIX #22 Dirk 2015-06-11 18:33:06 +02:00
  • c39b69a45f Merge pull request #118 from JonnyHightower/master Dirk Wetter 2015-06-11 18:30:07 +02:00
  • dc548f1cfc Added check for TLS_FALLBACK_SCSV support in local OpenSSL binary. In TLS_FALLBACK_SCSV check, added unique socket address to temporary file name in order to support multiple simultaneous instances. JonnyHightower 2015-06-10 17:38:39 +01:00