e5a015b842- workaround for issue #58, same in http_header - FIX: if a web site returned IMAP e.g. in HTML code it may have led to the assumption IMAP is the service ;-/
Dirk
2015-02-13 16:01:46 +01:00
d15d5b0c6f- FIX regression: CRIME check - FIX: port ended up sometimes as URL part - also if it runs http a line is displayed as confirmation that HTTP was detected
Dirk
2015-02-12 13:40:53 +01:00
db99cc8c0c- new build with proper banner string
Dirk
2015-02-12 11:12:49 +01:00
7d6adee53fUpdate Readme.md
Dirk Wetter
2015-02-12 10:50:52 +01:00
bc1cf841e3Update Readme.md
Dirk Wetter
2015-02-12 09:45:26 +01:00
d9e4873fda- WORKAROUND for bug in PeterMosmans OPENSSL chacha/poly version: not testing EXPORT40/EXPORT then
Dirk
2015-02-12 09:32:47 +01:00
d98aa626e7- NEW: check for Secure Client-Initiated Renegotiation - debugging #1: PS4 and debugme - debugging statement tmpfile_handle where missing #2
Dirk
2015-02-11 09:43:04 +01:00
c80fc50728Update Readme.md
Dirk Wetter
2015-02-10 13:18:02 +01:00
d4c3266486- sha2 like mozilla
Dirk
2015-02-10 12:43:08 +01:00
32ca73f982Merge branch 'master' of github.com:drwetter/testssl.sh
Dirk
2015-02-10 12:40:14 +01:00
d5c4aca6f0Update Readme.md
Dirk Wetter
2015-02-10 12:39:54 +01:00
30b7390654Update Readme.md
Dirk Wetter
2015-02-10 12:39:20 +01:00
bbb832ae59Update Readme.md
Dirk Wetter
2015-02-10 12:39:02 +01:00
1e75ac8be3- vanilla as a workaround for bug #38
Dirk
2015-02-10 12:37:03 +01:00
80c21abcacUpdate Readme.md
Dirk Wetter
2015-02-10 12:34:35 +01:00
f47b589fe9Update Readme.md
Dirk Wetter
2015-02-10 12:20:59 +01:00
76ad830d1aUpdate Readme.md
Dirk Wetter
2015-02-10 12:00:02 +01:00
2272a34557Update Readme.md
Dirk Wetter
2015-02-10 11:59:47 +01:00
ed04b636da- starttls for ldap now also supported
Dirk
2015-02-09 14:02:02 +01:00
0b23307683Merge pull request #57 from schuetzm/patch-1
Dirk Wetter
2015-02-09 13:52:11 +01:00
4fc8111c0aTrivial typo fix
Marc Schütz
2015-02-07 17:30:36 +01:00
857880218dUpdate Readme.md
Dirk Wetter
2015-02-05 10:06:27 +01:00
2b35b66551Delete openssl32-1.0.2pm.chacha+poly
Dirk Wetter
2015-02-05 10:02:54 +01:00
e0429cc3feUpdate Readme.md
Dirk Wetter
2015-02-05 09:22:01 +01:00
f30d7568e7- checking protoype of tls sockets but not called/working yet - small fixes $DEBUG
Dirk
2015-02-04 09:48:34 +01:00
1b8d96f1d8- NEW: certificate fingerprints + serial
Dirk
2015-02-03 23:46:47 +01:00
d2b833b2fa- TLS 1.0/1.1 is not green anymore, only TLS 1.2 is the real one! - no bold for 3DES and medium - nslookup for MSYS2 etc. having no hosts (and fixing error message if host doesn't exist)
Dirk
2015-02-03 23:20:59 +01:00
188e7f9095Merge branch 'master' of github.com:drwetter/testssl.sh
Dirk
2015-01-30 16:27:27 +01:00
4f1ca24bd2FIX: experiration threshold < 30 days
Dirk
2015-01-30 16:26:55 +01:00
0ea64faa12Update Readme.md
Dirk Wetter
2015-01-30 10:35:07 +01:00
85bc14c946- FIX: STARTTLS is the criteria for using bash sslv2 or not, not the service
Dirk
2015-01-29 23:24:49 +01:00
16c804d4caFIX: BEAST (supports higher protocols only when CBC ciphers detected) - FIX: URL in app banner - cosmetic issue: display also if one cookie was issue the number 1
Dirk
2015-01-29 23:20:58 +01:00
89012a7a42* NEW: protocol check SSLv2 in bash sockets per default (HTTP) (fallback to openssl with SSL_NATIVE=1)
Dirk
2015-01-29 10:46:16 +01:00
b2e8e0175a@nvsofts for LibreSSL patch
Dirk
2015-01-29 09:34:32 +01:00
5e864c28b4* NEW: emphasize any numbers in http header output * internal renaming of color functions ( --> pr_*) * new color switches (tput) * $COLOR is treated as integer not string * for some issues color adjusted accordingly (red --> brown/yellow)
Dirk
2015-01-29 09:33:35 +01:00
3abaad5eb1Merge branch 'master' of github.com:drwetter/testssl.sh
Dirk
2015-01-28 15:31:13 +01:00
c01576c2d4Merge pull request #53 from gitter-badger/gitter-badge
Dirk Wetter
2015-01-28 09:28:50 +01:00
5163d10a66Merge pull request #54 from nvsofts/fix_libressl_gost
Dirk Wetter
2015-01-28 09:24:32 +01:00
e3a66f5a70Fix GOST handling in LibreSSL
NV
2015-01-28 14:17:27 +09:00
cf038a3cfeAdded Gitter badge
The Gitter Badger
2015-01-27 22:45:51 +00:00
dedb95b122Update Readme.md
Dirk Wetter
2015-01-26 12:37:00 +01:00
d35e2f95b8fix for wrong # of HttpOnly cookie
Dirk
2015-01-23 15:09:35 +01:00
84caf9ffd1fix for double line and double application banner
Dirk
2015-01-23 12:17:27 +01:00
f3eb84c078Merge branch 'master' of github.com:drwetter/testssl.sh
Dirk
2015-01-23 12:02:12 +01:00
baadfd0492BREACH is not labeled as experimental anymore as it works reliably - so is heartbleed - FIX: shopt is removed in rc4 as most of the bash shells segfault here (bug!) - not tested anymore for HTTP within starttls, instead displaying here a line
Dirk
2015-01-23 12:01:32 +01:00
6c6511ddb2- VERBOSE -eq 1 is now DEBUG -eq 2 (VERBOSE completely removed) - DEBUG has now four modes 1: just keep files 2: VERBOSE -eq 1 3: head hexdumps and other stuff, 4: full debugging - env and internal stuff $TEMPDIR
Dirk
2015-01-21 12:53:00 +01:00
d825bd85f7Update Readme.md
Dirk Wetter
2015-01-20 22:13:15 +01:00
82764845f2Merge branch 'master' of github.com:drwetter/testssl.sh
Dirk
2015-01-20 22:10:22 +01:00
d5924eedc4- BEAST finally works - handling of spaces in output - different ciphers - FIX: setopt also for RC4 (proper handling of ret value)
Dirk
2015-01-20 21:59:21 +01:00
28330dc6fcfirst prototype BEAST | FIX: maketempf in initialize_engine | FIX: exit statements in main w/ more meaning/shorter
Dirk
2015-01-20 21:51:49 +01:00
1032c3756aUpdate Readme.md
Dirk Wetter
2015-01-16 17:18:38 +01:00
b0c6062cb7Update Readme.md
Dirk Wetter
2015-01-16 17:16:22 +01:00
5853202efdfine tuning on banner
Dirk
2015-01-15 20:29:46 +01:00
4c6f0d9a50- FIX: grep -a if we hit binary content with http_header (also if otherwise specified) - NEW: can specify URL (used for header matters and breach) - FIX: better handling of >1 cookies
Dirk
2015-01-14 12:23:53 +01:00
3d81a7b5ec* NEW: cookie flags (experimental) [URL is missing] * FIX: 30x handling for http_header (hint for final URL if stalled) * FIX: proper display of app-banners if >1
Dirk
2015-01-14 09:48:44 +01:00
44d8f67998SNI is not anymore 2do (removed misleading comment)
Dirk
2015-01-12 23:28:38 +01:00
84204a80a3debugging more fine grained
Dirk
2015-01-12 23:15:26 +01:00
ac6a67a299now with SNI!
Dirk
2015-01-12 22:56:15 +01:00
f0747dd2fcnow checker fo SSLv3 to TLSV1.2 (SNI missing for now)
Dirk
2015-01-10 22:08:11 +01:00
cedeff2b42typo in tempdir led to missing gost cipher
Dirk
2015-01-08 14:16:22 +01:00
446f7bf152working prototype for SSLv2 client hello + parsing server hello in bash
Dirk
2015-01-07 23:57:16 +01:00
8a3e0267basafer bacth processing if port isn't available
Dirk
2015-01-06 16:25:19 +01:00
2556377398Revert "Change question logic on non-SSL port"
Dirk Wetter
2015-01-06 16:10:21 +01:00
e816e4877aMerge pull request #48 from lwindolf/master
Dirk Wetter
2015-01-06 16:01:07 +01:00
d1ab23c146Change question logic on non-SSL port
Lars Windolf
2015-01-03 11:41:35 +01:00
eae1b2810f- check for CN wrt SNI / no SNI - fix different responses for CACert
Dirk
2014-12-23 09:59:03 +01:00
4aa674d138- Negotiated cipher per proto - nr_ciphers of used openssl version in banner - spdy_pre check - -testversion_new --> -testversion
Dirk
2014-12-21 23:22:50 +01:00
a570d907e9- Cipher order check! (also for starttls) - includes a remark 4 default_cipher (limited sense as client will pick) - selfsigned certs: error! - number of local ciphers in check with allciphers
Dirk
2014-12-21 00:47:23 +01:00
04b6795f94Merge branch 'master' of github.com:drwetter/testssl.sh
Dirk
2014-12-19 17:06:37 +01:00
21493fb788- tempfile handling: every function leaves one, if DEBUG is set - FIX*2: OPENSSL_CONF/GOST_CONF
Dirk
2014-12-19 17:02:26 +01:00
9e53070598Update Readme.md
Dirk Wetter
2014-12-19 15:52:05 +01:00
c2ef5d1da8Update Readme.md
Dirk Wetter
2014-12-19 15:51:32 +01:00
521a7160a9- NEW: certificate info, details: - NEW: CN, SAN - NEW: OCSP URI - NEW: CRL distr point - NEW: Issuer - NEW: expiration - NEW: signature algo - renamed cmdline --simple_preference to --server_defaults - now we have a TEMPDIR where all files are written toA - function or handling/removing TMPFILE
Dirk
2014-12-18 09:33:24 +01:00
5d66eeef05Update Readme.md
Dirk Wetter
2014-12-09 14:25:38 +01:00
b40c0b7178- RELEASE: final 2.2 - change of cmd line order for STARTTLS - help more clear
Dirk
2014-12-08 10:32:51 +01:00
b3efb3c4b0- BUGFIX: potential stalling in HTTP Header query - BUGFIX: HTTP specific vuln. won't be checked if service is not http (we still check crime and also spdy => gmail has spdy for pop and imap) - Feature: service detection: HTTP, IMAP, POP, SMTP - alignment in rDNS output corrected - minor cleanup / improvements
Dirk
2014-11-30 01:30:20 +01:00
27f06f8d50- BUGFIX: BSD now has proper heartbleed and ccs injection detection - significant code improvement of hex-byte parser <-> socket sender - BUGFIX: BSD now doesn't put an extra \n if rfc map file is missing - bumped to 2.1rc3, hoping that'll be the last
Dirk
2014-11-27 21:33:33 +01:00
c034cd8a95- for colors: double square brackets (might save a fork to "[ or "test" - in terms of debugging cleaned up listciphers/std_cipherlists - in other terms too
Dirk
2014-11-25 13:12:24 +01:00
5228986b25Update Readme.md
Dirk Wetter
2014-11-24 16:43:11 +01:00
b242876597Merge pull request #37 from yurivict/master
Dirk Wetter
2014-11-24 15:16:42 +01:00
19f936beceFixed the problem when COLOR=0 caused 'printf' to break due to leading dashes interpreted as command line options.
Yuri
2014-11-22 12:15:47 -08:00
7cf2030c20Merge pull request #36 from PeterMosmans/bugfix
Dirk Wetter
2014-11-22 18:31:09 +01:00
c3ab016164Fixed minor redirection typo for 'which' command
Peter Mosmans
2014-11-22 12:57:36 +10:00
Dirk
Marc Schütz
NV
The Gitter Badger
Lars Windolf
Dirk
Yuri
Peter Mosmans