testssl.sh-3.2.2-1.1 RPM for noarch

From OpenSuSE Ports Tumbleweed for noarch

testssl.sh is a free command line tool which checks a server's service on
any port for the support of TLS/SSL ciphers, protocols as well as some
cryptographic flaws.

Provides

• testssl.sh

Requires

• /usr/bin/bash
• bash >= 3.2
• bind-utils
• openssl
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1

License

GPL-2.0-or-later

Changelog

* Thu Sep 18 2025 Martin Hauke <mardnh@gmx.de>
  - Update to version 3.2.2
    * Modify grading for incomplete chain.
    * Add sectigo CA E46 and R46 for Linux.pem.
    * Make code2network() faster by using bash instead of tr.
    * Fix not working --disable-rating switch.
    * feat: bump ssllabs rating guide to 2009r.
    * Fix displayed message when IPv6 needs to be tested too.
    * Fix garbled screen when HTTP Age is not a non-negative int.
* Wed Jun 18 2025 Martin Hauke <mardnh@gmx.de>
  - Update to version 3.2.1
    * Add Android15 handshake simulation.
    * Fix missing line feed in run_breach() failure output.
    * Fix CCS injection regression.
    * Fix parser for server header.
    * Fix missing issuer CN.
    * Fix OPENSSL_CONF problem for OPENSSL2.
* Wed Apr 23 2025 Martin Hauke <mardnh@gmx.de>
  - Update to version 3.2.0
    * https://github.com/testssl/testssl.sh/blob/3.2/CHANGELOG.md
  - Update patch:
    * testssl.sh-2.9.95-set-install-dir.patch
* Wed Jul 24 2024 Martin Hauke <mardnh@gmx.de>
  - Update to version 3.0.9
    * Fix bash 5 issue when encountering a short server key extension
    * Fix HTML issue when using bash 5
    * CAA DNS records are now not being queried when nodns is set
    * MongoDB identification fix
    * Sanity check when user has broken umask to avoid runtime errors
    * Fix for newer grep versions
    * Address weird globbing in bash 3.0
    * Fix regexp in STARTTLS detection
    * Secure renegotiation fix: SNI
    * Ensure control chars from HTTP header don't end up in html,csv
      or json
    * Add sha1WithRSA to sha1WithRSAEncryption for certificates
    * Fix potential infinite loop in run_pfs()
* Mon Feb 26 2024 pgajdos@suse.com
  - Use %autosetup macro. Allows to eliminate the usage of deprecated
    %patchN
* Wed Sep 28 2022 Jeff Kowalczyk <jkowalczyk@suse.com>
  - Update to version 3.0.8
    * Fix grep 3.8 warnings on fgrep and unneeded escapes of hyphen, slash, space (Geert)
    * Fix alignment for cipher output (David)
    * News binaries (Darwin from Barry), carry now the appendix -bad and fixes a security problem.
    * Backport from higher OpenSSL version to support xmpp-server
    * Fix CT (David)
    * Fix decryption of TLS 1.3 response (David)
    * Upgrade Dockerfile to Alpine to 3.15
    * Fix pretty JSON formatting when warning is issued (David)
    * Update of certificate stores
    * Major update of client simulation (9 new simulations , >4 removed in default run)
    * Fix CRIME output on servers only supporting TLS 1.3 (Tomasz)
    * Fix censys link
    * Fix ome handshake problems w $OPENSSL ciphers, extend determine_optimal_sockets_params() to more
    * ciphers, fix PROTOS_OFFERED (David)
    * Relax STARTTLS FTP requirement so that it doesn't require TLS after AUTH
    * Fix run_server_preference() with no default protocol (David)
    * Fix getting CRL / NO_SESSION_ID under some circumstances (David)
    * Improve/fix OpenSSL 3.0 compatibility (David)
    * Fix formatting to documentation
    * Add FFDHE groups to supported_groups (David)
    * Include RSA-PSS in ClientHello (David)
  - Requires: bind-utils for required tools dig, host and nslookup
* Sat Aug 13 2022 Jeff Kowalczyk <jkowalczyk@suse.com>
  - Update to version 3.0.7
    * Fix "ID resumption test failed" bug under Darwin
    * Fix "locale error message when en_US.UTF-8 isn't available" bug
    * Fix "Darwin / LibreSSL startup problem" which leads to a question upfront
    * Make upfront handshake tests more compatible by adding </dev/null
    * Take 'HTTP Age' HTTP header into account when determine HTTP time
    * Fix JSON header (structured JSON output) name
    * Robustness: Update reset_hostdepended_vars() for mass tests
    * Simplify determination of git stuff
    * Fix "newline to spaces" in JSON and CSV findings
    * Fix "Bad file descriptor with --connect-timeout option"
    * SSLv2 fixes, OpenSSL fixes 3.X
    * Improve cipher_pref_check() for detecting prioritization of ChaCha ciphers
    * Simplify + speed up pre-check
    * Addressing lame DNS responses on WSL
    * Fix big serial # issue in certs
    * Fix invalid JSON when certificate issuer containing non-ASCII chars
* Sun Oct 03 2021 Martin Hauke <mardnh@gmx.de>
  - Update to version 3.0.6
    * Bugfix: Remove DST x3 Root CA which lead to trust issues for
      servers using a Letsencrypt certificate (Miguel Jacq)
    * Bugfix: Newer openssl.cnf break detection of openssl binary
    * Documenation update to reflect renaming standard ciphers to
      cipher categories
    * Ignore usage of ~/.digrc where possible
    * Fixing host information in JSON output when using STARTTLS
      XMPP
    * TLS 1.3 improvements wrt server certificates
    * Bugfix: Order of -U --ids-friendly doesn't matter anymore
    * Disable ANSI codes when TERM=screen
    * Improved SSL/TLS port detection in nmap greppable files
      using as input to testssl.sh
    * Bugfix when nmap files had .txt extension
    * Display certficate time in UTC
    * Use _uname -n`` instead of hostname --> POSIX
    * Few output fixes
* Mon May 10 2021 Martin Hauke <mardnh@gmx.de>
  - Update to version 3.0.5
    * Fix off by one error in HSTS (now: 180 instead of 179 days)
    * Fix minor output inconsistency in JSON output (Chad)
    * Improve compatibility for OpenSSL 3.0 (David Cooper)
    * Fix localization issue for ciphers where e.g. in Swedish W is
      being treated as a variant of V so that the W in
      TLS_ECDHE_RSA_WITH* didn't match the bash pattern
    * Fixes in file openssl-iana.mapping.html (Elfranne)
    * Fix quoting for CVE+JSON output in run_heartbleed()
    * Fix trailing dot issue in hostnames
    * Fix improper proper halving of the dates for Let's Encrypt
      certificates
* Thu Nov 26 2020 Matthias Fehring <buschmann23@opensuse.org>
  - Update to version 3.0.4
    * This version is a quick fix for a regression of detecting SSLv2
      ciphers in a basic function.

Files

/usr/bin/testssl.sh
/usr/share/doc/packages/testssl.sh
/usr/share/doc/packages/testssl.sh/CHANGELOG.md
/usr/share/doc/packages/testssl.sh/CREDITS.md
/usr/share/doc/packages/testssl.sh/Readme.md
/usr/share/licenses/testssl.sh
/usr/share/licenses/testssl.sh/LICENSE
/usr/share/man/man1/testssl.sh.1.gz
/usr/share/testssl-sh
/usr/share/testssl-sh/etc
/usr/share/testssl-sh/etc/Apple.pem
/usr/share/testssl-sh/etc/DST Root CA X3.txt
/usr/share/testssl-sh/etc/Java.pem
/usr/share/testssl-sh/etc/Linux.pem
/usr/share/testssl-sh/etc/Microsoft.pem
/usr/share/testssl-sh/etc/Mozilla.pem
/usr/share/testssl-sh/etc/README.md
/usr/share/testssl-sh/etc/SSLSocketClient.java
/usr/share/testssl-sh/etc/ca_hashes.txt
/usr/share/testssl-sh/etc/cipher-mapping.txt
/usr/share/testssl-sh/etc/client-simulation.txt
/usr/share/testssl-sh/etc/client-simulation.wiresharked.md
/usr/share/testssl-sh/etc/client-simulation.wiresharked.txt
/usr/share/testssl-sh/etc/common-primes.txt
/usr/share/testssl-sh/etc/curves-mapping.txt
/usr/share/testssl-sh/etc/curves.txt
/usr/share/testssl-sh/etc/openssl.cnf
/usr/share/testssl-sh/etc/tls_data.txt

Generated by rpm2html 1.8.1

Fabrice Bellet, Sun Nov 2 22:37:57 2025