Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-03 23:39:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 39657e0fd3 - Darwin binary Dirk Wetter 2015-07-17 10:48:26 +0200
  • b941443049 - the vanilla binaries are needless Dirk Wetter 2015-07-16 23:05:44 +0200
  • 00f70c1962 - the vanilla binaries are needless Dirk Wetter 2015-07-16 23:05:44 +0200
  • 54290b220a - Provide Darwin binaries and paths thereto - provide also other static bins in $PWD/bin Dirk Wetter 2015-07-16 23:01:10 +0200
  • 370bcc3339 - Provide Darwin binaries and paths thereto - provide also other static bins in $PWD/bin Dirk Wetter 2015-07-16 23:01:10 +0200
  • b157a26632 * EV certificate detection * SSLv2 + STARTTLS protocol check always uses sockets now * STARTTLS protocol now returns over sockets the TLS time (if available) * few LibreSSL output oddities fixes * output corrections for STARTTLS * additional path for binaries (we change the path soon but leave both in the code for now) Dirk Wetter 2015-07-16 17:58:03 +0200
  • f9fd900e0f * EV certificate detection * SSLv2 + STARTTLS protocol check always uses sockets now * STARTTLS protocol now returns over sockets the TLS time (if available) * few LibreSSL output oddities fixes * output corrections for STARTTLS * additional path for binaries (we change the path soon but leave both in the code for now) Dirk Wetter 2015-07-16 17:58:03 +0200
  • f44954ae0e - clarify licenses for openssl Dirk Wetter 2015-07-16 17:49:17 +0200
  • 5bb68e4bc6 - clarify licenses for openssl Dirk Wetter 2015-07-16 17:49:17 +0200
  • 4c033bc0cc * header flags added Dirk 2015-07-14 20:44:04 +0200
  • 24b8164243 * header flags added Dirk 2015-07-14 20:44:04 +0200
  • 2e40c2bde6 * misleading warning for DH bits for Negotiated cipher omitted if no DH or EC and OPENSSL <= 1.0.1 Dirk 2015-07-14 19:58:04 +0200
  • 8f9dfdf0a5 * misleading warning for DH bits for Negotiated cipher omitted if no DH or EC and OPENSSL <= 1.0.1 Dirk 2015-07-14 19:58:04 +0200
  • 32325d0643 * fix for scanning an IP address only * server_preference: cipher adjusted * some [[ and ]] in loops, hoping to speed up processing a bit * cosmetic stuff Dirk 2015-07-14 17:13:58 +0200
  • bdc1146137 * fix for scanning an IP address only * server_preference: cipher adjusted * some [[ and ]] in loops, hoping to speed up processing a bit * cosmetic stuff Dirk 2015-07-14 17:13:58 +0200
  • 2ae8f2d6e3 fix regression: port 25 is the one for --mx Dirk 2015-07-14 12:35:26 +0200
  • 8713ff8a37 fix regression: port 25 is the one for --mx Dirk 2015-07-14 12:35:26 +0200
  • 0b1c0dca46 FIX #132 (see also discussions in #133 Dirk 2015-07-13 23:41:49 +0200
  • 1ae4b121c4 FIX #132 (see also discussions in #133 Dirk 2015-07-13 23:41:49 +0200
  • 16e40462b8 Merge 7a4106e839 into 42ecd1b9dd #132 thomassa 2015-07-13 21:41:19 +0000
  • 2097059728 Merge eaf1c97d47 into 42ecd1b9dd #133 thomassa 2015-07-13 21:36:05 +0000
  • dfc37bc892 workaround / FIX #134 (OPENSSL_CONF destroyed lookup via host/dig/nslookup Dirk 2015-07-13 23:24:23 +0200
  • 42ecd1b9dd workaround / FIX #134 (OPENSSL_CONF destroyed lookup via host/dig/nslookup Dirk 2015-07-13 23:24:23 +0200
  • f95326cf21 * Liferay in header will be marked in yellow * more tries to find openssl binaries (also those in git) Dirk 2015-07-12 18:46:27 +0200
  • 768cc55cb4 * Liferay in header will be marked in yellow * more tries to find openssl binaries (also those in git) Dirk 2015-07-12 18:46:27 +0200
  • eaf1c97d47 Fix list-reversal #133 Thomas Sanders 2015-07-10 18:08:59 +0100
  • 7a4106e839 Fix list-reversal (and comment) #132 Thomas Sanders 2015-07-10 17:57:48 +0100
  • 3cf891bd5e * FIX #131 (EC certificate key size was critized) * FIX: if request w/o SNI didn't succeed it resulted in an ugly openssl error message * FIX #51 (we try to initialize GOST engine before showing the banner) Dirk 2015-07-10 10:23:10 +0200
  • 2157342d89 * FIX #131 (EC certificate key size was critized) * FIX: if request w/o SNI didn't succeed it resulted in an ugly openssl error message * FIX #51 (we try to initialize GOST engine before showing the banner) Dirk 2015-07-10 10:23:10 +0200
  • f1d8471a3d * heartbleed and ccs check enabled per default for STARTTLS * performance improvements for sockets+STARTTLS (still only enabled via EXPERIMENTAL=yes) Dirk Wetter 2015-07-08 21:30:31 +0200
  • 3d277b5129 * heartbleed and ccs check enabled per default for STARTTLS * performance improvements for sockets+STARTTLS (still only enabled via EXPERIMENTAL=yes) Dirk Wetter 2015-07-08 21:30:31 +0200
  • ba09b84648 reflect progress on STARTTLS+sockets Dirk Wetter 2015-07-08 11:35:29 +0200
  • 4f348dad22 reflect progress on STARTTLS+sockets Dirk Wetter 2015-07-08 11:35:29 +0200
  • d3b8f8e0a2 cosmetic corrections (output) Dirk Wetter 2015-07-08 11:34:45 +0200
  • 02450ef491 cosmetic corrections (output) Dirk Wetter 2015-07-08 11:34:45 +0200
  • 5944c35075 * EXPERIMETAL=yes is used, testssl.sh uses for protocols, heartbleed, ccs sockets also for STARTTLS! * it's slow though (to be improved) * renamed vars for proxy * cleanups Dirk Wetter 2015-07-07 22:59:31 +0200
  • eb49c37718 * EXPERIMETAL=yes is used, testssl.sh uses for protocols, heartbleed, ccs sockets also for STARTTLS! * it's slow though (to be improved) * renamed vars for proxy * cleanups Dirk Wetter 2015-07-07 22:59:31 +0200
  • fef9afe288 * protocol checks work now! * generic jabber support now! * jabber domain support Dirk Wetter 2015-07-06 22:04:07 +0200
  • 5fe9cf7d7e * protocol checks work now! * generic jabber support now! * jabber domain support Dirk Wetter 2015-07-06 22:04:07 +0200
  • d1442d8ca9 don't need it Dirk Wetter 2015-07-06 22:03:41 +0200
  • 9857d42920 don't need it Dirk Wetter 2015-07-06 22:03:41 +0200
  • 1983658f9c Update Readme.md Dirk Wetter 2015-07-06 20:49:58 +0200
  • b17961e048 Update Readme.md Dirk Wetter 2015-07-06 20:49:58 +0200
  • 179d8700d1 * NEW: xmpphost support * FIX for regression (80e26a75ef), config file GOST Dirk Wetter 2015-07-06 20:42:43 +0200
  • b742c54358 * NEW: xmpphost support * FIX for regression (80e26a75ef), config file GOST Dirk Wetter 2015-07-06 20:42:43 +0200
  • 016b488ae3 New set of binaries with a built date and "my" patch https://github.com/PeterMosmans/openssl/pull/23 Dirk Wetter 2015-07-06 20:37:57 +0200
  • f28782c73b New set of binaries with a built date and "my" patch https://github.com/PeterMosmans/openssl/pull/23 Dirk Wetter 2015-07-06 20:37:57 +0200
  • e614887cb8 renamed files Dirk Wetter 2015-07-06 20:33:43 +0200
  • 7824900abd renamed files Dirk Wetter 2015-07-06 20:33:43 +0200
  • 942ceb04d9 FIX "built on: reproducible build, date unspecified" problem Dirk Wetter 2015-07-06 20:33:05 +0200
  • 0e1a7002b9 FIX "built on: reproducible build, date unspecified" problem Dirk Wetter 2015-07-06 20:22:45 +0200
  • c08baa94b3 * CHANGE: some tuning variable are now booleans (see help) * help() to reflect this * cleanups Dirk Wetter 2015-07-06 10:10:46 +0200
  • bb71084818 Merge 1d77372562 into 80e26a75ef #128 NV 2015-07-05 17:14:08 +0000
  • 1d77372562 Add --assuming-not-http for turning off HTTP checks #128 NV 2015-07-06 01:56:02 +0900
  • 80e26a75ef * Warning if LibreSSL is used #126 * FIX for screwed up output for fixed ciphers (FREAK, LOGJAM), see also #126 * GOST support now doesn't complain if MY confif file aleady exists (minor fix) Dirk 2015-07-02 16:39:41 +0200
  • 1186bf4229 - try to interpret server protocol (SMTP, FTP,...) handshake Dirk 2015-07-01 19:50:38 +0200
  • 39a0da31e5 - echo host:port Dirk 2015-07-01 19:48:33 +0200
  • d44cff9a81 Merge branch 'master' of github.com:drwetter/testssl.sh Dirk 2015-07-01 18:51:18 +0200
  • c2f8e23441 Rename ccs-injection.sh to ccs-injection.bash Dirk Wetter 2015-07-01 18:50:45 +0200
  • 21119d6d01 works also for nntp,ftp,imap,pop,xmpp +starttls now Dirk 2015-07-01 13:01:16 +0200
  • 83dc3f707f - works now also for SMTP+STARTTLS Dirk 2015-07-01 10:16:01 +0200
  • bfdc95f3dc Rename bash-heartbleed.changelog.txt to heartbleed.bash.changelog.txt Dirk Wetter 2015-07-01 10:12:03 +0200
  • 4363229a01 Rename bash-heartbleed.sh to heartbleed.bash Dirk Wetter 2015-07-01 10:11:20 +0200
  • 0bd46058a1 Update Readme.md Dirk Wetter 2015-06-29 23:46:39 +0200
  • 31431a62cf Update Readme.md Dirk Wetter 2015-06-29 23:37:18 +0200
  • b797ebaba2 Merge branch 'master' of github.com:drwetter/testssl.sh Dirk 2015-06-29 23:35:05 +0200
  • 24cdfded56 see #124 (John more to the top though) Dirk 2015-06-29 23:31:51 +0200
  • 5acfc93d79 * couple of checks for new proxy option from John Newbigin #124 * minor cleanups for #124 Dirk 2015-06-29 23:28:37 +0200
  • ddd680ac93 * merge #124 from jnewbigin * fix my run time error Dirk 2015-06-29 22:29:15 +0200
  • 15a672b521 * assertion vs. condition fixed Dirk 2015-06-29 10:41:56 +0200
  • b2ebd7640d Update Readme.md Dirk Wetter 2015-06-28 14:05:25 +0200
  • 93f5b8216d * FIX #125 * beautified some code / function names Dirk 2015-06-28 13:52:42 +0200
  • 8d00f6dba2 Merge 8086a6c5ec into 58a6f501b5 #124 jnewbigin 2015-06-25 00:25:06 +0000
  • 8086a6c5ec Use better terminology #124 John Newbigin 2015-06-25 08:54:08 +1000
  • f0fa2861e4 Check proxy connect code John Newbigin 2015-06-25 08:51:30 +1000
  • 85feae9bf0 Add instructions John Newbigin 2015-06-25 08:36:19 +1000
  • 057c97f002 Add proxy support John Newbigin 2015-06-25 08:33:00 +1000
  • 5d78c9421f * first tls_low_byte is now always 01 in TLS 1.0 --> TLS 1.2 (see openssl) * removing TLS 1.2 check from sockets as IIS has a problem with it Dirk 2015-06-24 11:08:09 +0200
  • e121f944e9 * FIX: added missed downgrade (ret=2) in socket protcol check * resorted helper functions to top * cleanups (ok, renamed some functions) Dirk 2015-06-23 21:54:47 +0200
  • b575710634 * FIX in --ip=one * straighthen help() * FIX ret value for no response in parse_tls_serverhello Dirk 2015-06-23 12:58:40 +0200
  • ae8f998f8f * help corrected, -e is standard Dirk 2015-06-23 07:56:56 +0200
  • a6c5a2af0d * handshake works now with SNI Dirk 2015-06-22 23:19:08 +0200
  • d3c793e6bc * help without <> now and | * socket SNI issue: As it turns out Apache 2.2/2.4 is not behaving according to https://tools.ietf.org/html/rfc6066#section-3 . Dirk 2015-06-22 18:32:40 +0200
  • 58a6f501b5 - better addressed no clear fallback repsonses, see #121 Dirk 2015-06-20 19:36:11 +0200
  • 633cdc209b - NEW: IP address detection now in HTTP header - NEW: Varnish and Squid header detected - NEW: option --ip=one is a shortcut and means just test the first ip - CSP Report-Only in security headers - New: Varnish and Squid header detected, OWA header - all single tests in bold now - no support for TLS 1.2 spits out "NOT ok" as it is not ok - Medium ciphers and DES ciphers are not having aNULL and aDH ciphers anymore and have different colors --> ratings - http-date is now in http header(), tls_time in server_defaults() - http header reply is indented to same row as server defaults - http status code is displayed clearly now - BUGFIX: IPv6 address wasn't displayed - cleanup - application banner now in two lines if needed - try a second time to get a http header if first one fails - fix: case where % sign in ip address made prinf hiccup (sanitized) - fix: $url was in some functions empty - fixed bug where some headers were displayed twice Dirk 2015-06-19 20:36:32 +0200
  • 59299ce9e1 - FIX #119 (sed -E fails for old sed versions) - std_cipherlists tuned - fix for selfsigned certs (missed sometimes because of trailing space) Dirk 2015-06-17 11:33:29 +0200
  • 06899f3cbf - introduced Reverse Proxy header - FIX for OWA header - beautfied some header funcs - fixed GET_REQ1?/HEAD_REQ1? Dirk 2015-06-16 23:00:47 +0200
  • 478b8afac7 FIX: bail out better if $NODE doesn't resolve cipher lists now wth plural ending added Liferay-Portal + X-OWA-Version for application banner new http_header (still leaving old one in) readability improvements Dirk 2015-06-16 19:53:40 +0200
  • e16ccd06b6 - testing all IP addresses of a node works now (refactoring of parse_hn_port into three functions) FIX #96 - SNI is unset if STARTTLS is set - some BSD fixes (sed) Dirk 2015-06-16 14:04:44 +0200
  • ac92ffb3c2 Merge branch 'master' of github.com:drwetter/testssl.sh Dirk 2015-06-15 12:13:45 +0200
  • 4432faf497 "--ip" works now (see help) little cleanups Dirk 2015-06-15 12:13:16 +0200
  • 3ca2b4d8a1 Update Readme.md Dirk Wetter 2015-06-15 11:29:05 +0200
  • 46c43ee53f Merge branch 'master' of github.com:drwetter/testssl.sh Dirk 2015-06-11 21:41:53 +0200
  • a98b67013a FIX #116 CRIME is lightred/litegreen as it is not that bad as ccs or heartbleed resorted some functions Dirk 2015-06-11 21:41:25 +0200
  • 7be69786b8 Update Readme.md Dirk Wetter 2015-06-11 19:32:14 +0200
  • bdff6ba1bd - TLS_FALLBACK* was missing in the help #22 #118 Dirk 2015-06-11 18:46:22 +0200
  • f9e4526f70 - polish of #118 - FIX #22 Dirk 2015-06-11 18:33:06 +0200
  • c39b69a45f Merge pull request #118 from JonnyHightower/master Dirk Wetter 2015-06-11 18:30:07 +0200
  • dc548f1cfc Added check for TLS_FALLBACK_SCSV support in local OpenSSL binary. In TLS_FALLBACK_SCSV check, added unique socket address to temporary file name in order to support multiple simultaneous instances. #118 JonnyHightower 2015-06-10 17:38:39 +0100
  • 8acc17b4bc - ease of making openssl binary with make-openssl.sh - Hint where the Readme is - removal of old binaries Dirk 2015-06-10 08:15:28 +0200