mirror of
				https://github.com/drwetter/testssl.sh.git
				synced 2025-10-25 14:00:59 +02:00 
			
		
		
		
	Merge branch 'master' into openss2rfc_rfc2openssl
This commit is contained in:
		
						commit
						42674ef2b8
					
				
							
								
								
									
										18
									
								
								Readme.md
									
									
									
									
									
								
							
							
						
						
									
										18
									
								
								Readme.md
									
									
									
									
									
								
							| @ -56,18 +56,18 @@ Done so far: | ||||
|   https://github.com/drwetter/testssl.sh/issues/11 | ||||
| * works on servers requiring a x509 certificate for authentication | ||||
| * SSL Session ID check | ||||
| * avahi/mDNS based name resolution | ||||
| * Avahi/mDNS based name resolution | ||||
| * HTTP2/ALPN protocol check | ||||
| * Logging to a file / dir | ||||
| * Logging to JSON + CSV | ||||
| * check for multiple server certificates | ||||
| * browser cipher simulation | ||||
| * assistance for color-blind users | ||||
| * Even more compatibility improvements for FreeBSD, RH-ish and F5 systems | ||||
| * Check for multiple server certificates | ||||
| * Browser cipher simulation | ||||
| * Assistance for color-blind users | ||||
| * Even more compatibility improvements for FreeBSD, RH-ish, F5 and Cisco systems | ||||
| * Considerable speed improvements for each cipher runs (-e/-E) | ||||
| * more robust socket interface | ||||
| * More robust socket interface | ||||
| * OpenSSL 1.1.0 compliant | ||||
| * whole number of busg squashed | ||||
| * Whole number of bugs squashed | ||||
| 
 | ||||
| Update notification here or @ [twitter](https://twitter.com/drwetter). | ||||
| 
 | ||||
| @ -89,8 +89,8 @@ Help is needed here. | ||||
| 
 | ||||
| #### Bug reports | ||||
| 
 | ||||
| Please file bugs in the issue tracker. Do not forget to provide detailed information, see https://github.com/drwetter/testssl.sh/wiki/Findings-and-HowTo-Fix-them#file-a-proper-bug-report | ||||
| Nobody can read your thoughts -- yet. | ||||
| Please file bugs in the issue tracker. Do not forget to provide detailed information, see https://github.com/drwetter/testssl.sh/wiki/Bug-reporting. (Nobody can read your thoughts  | ||||
| -- yet. And only agencies your screen) ;-) | ||||
| 
 | ||||
| ---- | ||||
| 
 | ||||
|  | ||||
| @ -336,16 +336,16 @@ xC0AC  TLS_ECDHE_ECDSA_WITH_AES_128_CCM | ||||
| xC0AD  TLS_ECDHE_ECDSA_WITH_AES_256_CCM  | ||||
| xC0AE  TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 | ||||
| xC0AF  TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 | ||||
| xCCA8  TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 | ||||
| xCCA9  TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 | ||||
| xCCAA  TLS_DHE_RSA_WITH_CHACHA20_POLY1305 | ||||
| xCCAB  TLS_PSK_WITH_CHACHA20_POLY1305 | ||||
| xCCAC  TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305 | ||||
| xCCAD  TLS_DHE_PSK_WITH_CHACHA20_POLY1305 | ||||
| xCCAE  TLS_RSA_PSK_WITH_CHACHA20_POLY1305 | ||||
| xCC13  OLD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | ||||
| xCC14  OLD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | ||||
| xCC15  OLD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | ||||
| xCCA8  TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | ||||
| xCCA9  TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | ||||
| xCCAA  TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | ||||
| xCCAB  TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 | ||||
| xCCAC  TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 | ||||
| xCCAD  TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 | ||||
| xCCAE  TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 | ||||
| xCC13  TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256_2013 | ||||
| xCC14  TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_2013 | ||||
| xCC15  TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256_2013 | ||||
| xFEFE  SSL_RSA_FIPS_WITH_DES_CBC_SHA | ||||
| xFEFF  SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA | ||||
| xFFE0  SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA | ||||
|  | ||||
							
								
								
									
										15
									
								
								testssl.sh
									
									
									
									
									
								
							
							
						
						
									
										15
									
								
								testssl.sh
									
									
									
									
									
								
							| @ -3468,15 +3468,18 @@ certificate_info() { | ||||
|      fi | ||||
|      fileout "${json_prefix}cn" "$cnok" "$cnfinding" | ||||
| 
 | ||||
|      sans=$($OPENSSL x509 -in $HOSTCERT -noout -text 2>>$ERRFILE | grep -A3 "Subject Alternative Name" | grep "DNS:" | \ | ||||
|           sed -e 's/DNS://g' -e 's/ //g' -e 's/,/ /g' -e 's/othername:<unsupported>//g') | ||||
| #                                                       ^^^ CACert | ||||
|      sans=$($OPENSSL x509 -in $HOSTCERT -noout -text 2>>$ERRFILE | grep -A3 "Subject Alternative Name" | \ | ||||
|           egrep "DNS:|IP Address:|email:|URI:|DirName:|Registered ID:" | \ | ||||
|           sed -e 's/ *DNS://g' -e 's/ *IP Address://g' -e 's/ *email://g' -e 's/ *URI://g' -e 's/ *DirName://g' \ | ||||
|               -e 's/ *Registered ID://g' -e 's/,/\n/g' \ | ||||
|               -e 's/ *othername:<unsupported>//g' -e 's/ *X400Name:<unsupported>//g' -e 's/ *EdiPartyName:<unsupported>//g') | ||||
| #                   ^^^ CACert | ||||
|      out "$indent"; pr_bold " subjectAltName (SAN)         " | ||||
|      if [[ -n "$sans" ]]; then | ||||
|           for san in $sans; do | ||||
|                pr_dquoted "$san" | ||||
|           while read san; do | ||||
|                [[ -n "$san" ]] && pr_dquoted "$san" | ||||
|                out " " | ||||
|           done | ||||
|           done <<< "$sans" | ||||
|           fileout "${json_prefix}san" "INFO" "subjectAltName (SAN) : $sans" | ||||
|      else | ||||
|           out "-- " | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user