Testssl.sh Versions Save

While a few minor things are planned for the 3.2 final version here's a release of our RC which includes a log of fixes and at least the following improvements over 3.0.x:

• Rating (SSL Labs only at the moment)
• Extend Server (cipher) preference: always now in wide mode instead of running all ciphers in the end (per default)
• Remove "negotiated cipher / protocol"
• Provide a better verdict wrt to server order: Now per protocol and ciphers are weighted for each protocol
• Switched to multi-stage docker image with opensuse base to avoid musl libc issues, performance gain also
• Improved compatibility with OpenSSL 3.0
• Improved compatibility with Open/LibreSSL versions not supporting TLS 1.0-1.1 anymore
• Renamed PFS/perfect forward secrecy --> FS/forward secrecy
• Cipher list straightening
• Improved mass testing
• Better align colors of ciphers with standard cipherlists
• Save a few cycles for ROBOT
• Several ciphers more colorized
• Percent output char problem fixed
• Several display/output fixes
• BREACH check: list all compression methods and add brotli
• Test for old winshock vulnerability
• Test for STARTTLS injection vulnerabilities (SMTP, POP3, IMAP)
• STARTTLS: XMPP server support, plus new set of OpenSSL-bad binaries
• Several code improvements to STARTTLS, also better detection when no STARTTLS is offered
• STARTTLS on active directory service support
• Security fixes: DNS and other input from servers
• Don't penalize missing trust in rating when CA not in Java store
• Added support for certificates with EdDSA signatures and public keys
• Extract CA list shows supported certification authorities sent by the server
• TLS 1.2 and TLS 1.3 sig algs added
• Check for ffdhe groups
• Show server supported signature algorithms
• --add-ca can also now be a directory with *.pem files
• Warning of 398 day limit for certificates issued after 2020/9/1
• Added environment variable for amount of attempts for ssl renegotiation check
• Added --user-agent argument to support using a custom User Agent
• Added --overwrite argument to support overwriting output files without warning
• Headerflag X-XSS-Protection is now labeled as INFO
• Strict parser for HSTS
• DNS via proxy improvements
• Client simulation runs in wide mode which is even better readable
• Added --reqheader to support custom headers in HTTP requests
• Test for support for RFC 8879 certificate compression
• Deprecating --fast and --ssl-native (warning but still av)
• Compatible to GNU grep 3.8
• Don't use external pwd command anymore
• Doesn't hang anymore when there's no local resolver

Thanks to all who contributed! See CREDITS.md file.

You are encouraged to switch to 3.2.

• Fix grep 3.8 warnings on fgrep and unneeded escapes of hyphen, slash, space (Geert)
• Fix alignment for cipher output (David)
• News binaries (Darwin from Barry), carry now the appendix -bad and fixes a security problem. Backport from higher OpenSSL version to support xmpp-server
• Fix CT (David)
• Fix decryption of TLS 1.3 response (David)
• Upgrade Dockerfile to Alpine to 3.15
• Fix pretty JSON formatting when warning is issued (David)
• Update of certificate stores
• Major update of client simulation (9 new simulations , >4 removed in default run)
• Fix CRIME output on servers only supporting TLS 1.3 (Tomasz)
• Fix censys link
• Fix some handshake problems w $OPENSSL ciphers, extend determine_optimal_sockets_params() to more ciphers, fix PROTOS_OFFERED (David)
• Relax STARTTLS FTP requirement so that it doesn't require TLS after AUTH
• Fix run_server_preference() with no default protocol (David)
• Fix getting CRL / NO_SESSION_ID under some circumstances (David)
• Improve/fix OpenSSL 3.0 compatibility (David)
• Fix formatting to documentation
• Add FFDHE groups to supported_groups (David)
• Include RSA-PSS in ClientHello (David)

You are encouraged to switch to 3.2 as this might be the latest maintenance release. Especially distributions.

• Fix "ID resumption test failed" bug under Darwin
• Fix "locale error message when en_US.UTF-8 isn't available" bug
• Fix "Darwin / LibreSSL startup problem" which leads to a question upfront
• Make upfront handshake tests more compatible by adding </dev/null (David)
• Take 'HTTP Age' HTTP header into account when determine HTTP time (Wahnes)
• Fix JSON header (structured JSON output) name (David)
• Robustness: Update reset_hostdepended_vars() for mass tests (David)
• Simplify determination of git stuff (Matthias)
• Fix "newline to spaces" in JSON and CSV findings (David)
• Fix "Bad file descriptor with --connect-timeout option"
• SSLv2 fixes, OpenSSL fixes 3.X (David)
• Improve cipher_pref_check() for detecting prioritization of ChaCha ciphers
• Simplify + speed up pre-check
• Addressing lame DNS responses on WSL
• Fix big serial # issue in certs
• Fix invalid JSON when certificate issuer containing non-ASCII chars

• Bugfix: Remove DST x3 Root CA which lead to trust issues for servers using a Letsencrypt certificate (Miguel Jacq)
• Bugfix: Newer openssl.cnf break detection of openssl binary
• Codespell introduction and implementation for GHA CI (Dimitri Papadopoulo)
• Documenation update to reflect renaming standard ciphers to cipher categories
• Ignore usage of ~/.digrc where possible
• Fixing host information in JSON output when using STARTTLS XMPP (David Cooper)
• Migration off travis-ci.org to Github actions (GHA) (Mikel Olasagasti Uranga)
• Use GHA to build Docker images (Jauder Ho)
• TLS 1.3 improvements wrt server certificates (David Cooper)
• Bugfix: Order of -U --ids-friendly doesn't matter anymore
• Disable ANSI codes when TERM=screen
• Upgrade docker base image to Alpine 3.12
• Improved SSL/TLS port detection in nmap greppable files using as input to testssl.sh
• Bugfix when nmap files had .txt extension
• Display certficate time in UTC
• Use _uname -n`` instead of hostname --> POSIX (Geert Hendrickx)
• Few output fixes (David Cooper / myself)

This is the final release of 3.0.

After making several RCs it's now time to do a release. Here are the major changes with respect to 2.9.5:

• Full support of TLS 1.3, shows also drafts supported
• Extended protocol downgrade checks
• ROBOT check
• Better TLS extension support
• Better OpenSSL 1.1.1 and higher versions support as well as LibreSSL >3
• More robustness for OpenBSD
• DNS over Proxy and other proxy improvements
• Decoding of unencrypted BIG IP cookies
• Initial client certificate support
• Warning of 825 day limit for certificates issued after 2018/3/1
• Socket timeouts (--connect-timeout)
• IDN/IDN2 servername/URI + emoji support, supposed libidn/idn2 is installed and DNS resolver is recent) support
• Initial support for certificate compression
• Better JSON output: renamed IDs and findings shorter/better parsable, also includes certficate
• JSON output now valid also for non-responding servers
• Testing now per default 370 ciphers
• Further improving the robustness of TLS sockets (sending and parsing)
• Support of supplying timeout value for openssl connect -- useful for batch/mass scanning
• File input for serial or parallel mass testing can be also in nmap grep(p)able (-oG) format
• LOGJAM: now checking also for DH and FFDHE groups (TLS 1.2)
• PFS: Display of elliptical curves supported, DH and FFDHE groups (TLS 1.2 + TLS 1.3)
• Check for session resumption (Ticket, ID)
• TLS Robustness check GREASE and more
• Server preference distinguishes between TLS 1.3 and lower protocols
• Mark TLS 1.0 and TLS 1.1 as deprecated
• Does a few startup checks which make later tests easier and faster (determine_optimal_\*())
• Expect-CT header detection
• --phone-out does certificate revocation checks via OCSP (LDAP+HTTP) and with CRL
• --phone-out checks whether the private key has been compromised via https://pwnedkeys.com/
• Missing SAN warning
• Added support for private CAs
• Way better handling of connectivity problems (counting those, if threshold exceeded -> bye)
• Fixed TCP fragmentation
• Added --ids-friendly switch
• Exit codes better: 0 for running without error, 1+n for small errors, >240 for major errors.
• Better error msg suppression (not fully installed OpenSSL)
• Better parsing of HTTP headers & better output of longer HTTP headers
• Display more HTTP security headers
• HTTP Basic Auth support for HTTP header
• experimental "eTLS" detection
• Dockerfile and repo @ docker hub with that file (see above)
• Java Root CA store added
• Better support for XMPP via STARTTLS & faster
• Certificate check for to-name in stream of XMPP
• Support for NNTP and LMTP via STARTTLS, fixes for MySQL and PostgresQL
• Support for SNI and STARTTLS
• More robustness for any STARTTLS protocol (fall back to plaintext while in TLS caused problems)
• Renegotiation checks improved, also no false potive for Node.js anymore
• Major update of client simulations with self-collected up-to-date data
• Update of CA certificate stores
• Lots of bug fixes
• More travis/CI checks -- still place for improvements
• Bigger man page review

Each release candidate actually brought a load of improvements.

If you like this program we would appreciate donations (see https://testssl.sh/#donations) for a coffee, beer, wine, single malt -- or if you just say "Thank you". This keeps us motivated further continuing the development.

"Us" is mainly David Cooper, without him the program haven not been boldy going where it is now and myself. Also we received a lot of contributions for which are very thankful for. Please keep on contributing!

Legal disclaimer: This program is licensed under GPLv2. Please note also that if you're using the program for a paid or free public service you need mention where you got this program from.

Another maintenance release of the stable branch 3.0 with the following changes:

• Fix off by one error in HSTS (now: 180 instead of 179 days)
• Fix minor output inconsistency in JSON output (Chad)
• Improve compatibility for OpenSSL 3.0 (David Cooper)
• Fix localization issue for ciphers where e.g. in Swedish W is being treated as a variant of V so that the W in TLS_ECDHE_RSA_WITH* didn't match the bash pattern
• Fixes in file openssl-iana.mapping.html (Elfranne)
• Fix quoting for CVE+JSON output in run_heartbleed()
• Fix trailing dot issue in hostnames
• Fix improper proper halving of the dates for Let's Encrypt certificates
• Documentation update for docker

Details see git log.

This version is a quick fix for a regression of detecting SSLv2 ciphers in a basic function. Please upgrade.

Details see git log.

Please use 3.0.4. instead

Another maintenance release of the stable branch 3.0 with the following changes:

• Update certificate stores
• manpage fix (Karl)
• minor speedups for some vulnerability tests
• bash 5.1 fix
• Secure Client-Initiated Renegotiation false positive fix
• BREACH is now medium
• invalid JSON fix and other JSON improvements (David)
• Adding native Android 7 handshake instead of Chrome which has TLS 1.3 (Christoph)
• Header flag X-XSS-Protection is now labled as INFO
• No cyan colors in HHHTP header flags anymore, colons added
• Dockerfile improvments

Details see git log.

This is another bugfix release of the stable branch 3.0 with roughly the following changes:

• Remove potential licensing conflicts (Dirk)
• Fix situations when TLS 1.3 is used for Ticketbleed check (David)
• Improved compatibility with LibreSSL 3.0 (David)
• Add brotil compression to BREACH (Dirk)
• Faster and more robust XMPP STARTTLS handshakes (Dirk)
• More robust STARTTLS handshakes (David)
• Fix Dockerfile (Dirk)
• Fix outputs, sometimes misleading (David, Dirk)

Details see git log.

This is a bugfix release of the stable branch 3.0 with roughly the following changes:

• Fix hang in BEAST check when there are ciphers starting with SSL_* but which are no SSLv2 cipher (David)
• Fix bug in setting DISPLAY_CIPHERNAMES when $CIPHERS_BY_STRENGTH_FILE is not a/v. (David)
• Fix basic auth LF problem (Manuel)
• Fix printing percent chars (David)
• Fix minor HTML generation bug (David)
• Fix security bug: sanitizing DNS input (Dirk)
• make --ids-friendly work again (Dirk)
• Update sneaky user agent (Dirk)
• Update links in code comments (Jaroslav)
• Cosmetic code updates (David, Dirk)
• Fix output bug when >1 PTR records returned (Dirk)
• More output fixes (David, Dirk)

Details see git log.