Update upstream source from tag 'upstream/2.0.0_beta6'
Update to upstream version '2.0.0~beta6'
with Debian dir eca676aec03e775e257ccf3f64f1df1a56400138
Sophie Brun
3 years ago
0 | 0 |
Changelog
|
1 | 1 |
=========
|
|
2 |
Version: 2.0.0-beta6
|
|
3 |
Date : 02/07/2020
|
|
4 |
Author : rbsec <[email protected]>
|
|
5 |
Changes: The following are a list of changes
|
|
6 |
> Report servers that accept any signature algorithm in the XML
|
|
7 |
|
|
8 |
Version: 2.0.0-beta5
|
|
9 |
Date : 30/06/2020
|
|
10 |
Author : rbsec <[email protected]>
|
|
11 |
Changes: The following are a list of changes
|
|
12 |
> Remove the "Signature Algorithm:" text and spacing from the XML.
|
|
13 |
|
2 | 14 |
Version: 2.0.0-beta4
|
3 | 15 |
Date : 10/06/2020
|
4 | 16 |
Author : rbsec <[email protected]>
|
24 | 24 |
* `short` for the default output.
|
25 | 25 |
* `full` for when `--show-certificate` is used.
|
26 | 26 |
* There will potentially be more than one certificate of each type returned on servers that have multiple certificates with different signature algorithms (see discussion in issue [#208](https://github.com/rbsec/sslscan/issues/208)).
|
|
27 |
* The `<signature-algorithm>` element in a `<certificate>` no longer contains the "Signature Algorithm:" prefix, or the spacing and newline.
|
27 | 28 |
|
28 | 29 |
If you are using the XML output, then you may need to make changes to your parser.
|
29 | 30 |
|
1976 | 1976 |
|
1977 | 1977 |
if (options->xmlOutput)
|
1978 | 1978 |
{
|
1979 | |
printf_xml(" <signature-algorithm>");
|
1980 | |
X509_signature_print(fileBIO, palg, NULL);
|
1981 | |
printf_xml("</signature-algorithm>\n");
|
|
1979 |
printf_xml(" <signature-algorithm>%s</signature-algorithm>\n", certAlgorithm);
|
1982 | 1980 |
}
|
1983 | 1981 |
}
|
1984 | 1982 |
|
|
5742 | 5740 |
/* If the server accepted our bogus signature ID, then we can conclude that it will accept all of them (and not test any further). Some servers in the wild do this for some reason... */
|
5743 | 5741 |
if (sig_id == BOGUS_SIG_ALG_ID) {
|
5744 | 5742 |
printf("%s%s Server accepts all signature algorithms.%s\n", getPrintableTLSName(tls_version), COL_YELLOW, RESET);
|
|
5743 |
printf_xml(" <connection-signature-algorithm sslversion=\"%s\" name=\"ANY\" id=\"0xfdff\" />\n", getPrintableTLSName(tls_version));
|
5745 | 5744 |
goto done;
|
5746 | 5745 |
} else {
|
5747 | 5746 |
printf("%s %s%s%s\n", getPrintableTLSName(tls_version), color, sig_name, RESET);
|