From 52a089b6ae997d92458401e7cd4ac3c8a2216a5b Mon Sep 17 00:00:00 2001 From: Mauri Miettinen Date: Mon, 1 Aug 2016 13:00:54 +0300 Subject: [PATCH] Added missing results --- stubs/FSharp-net/results.txt | 100 +++++++---------------------------- stubs/c-openssl/results.txt | 87 +++++++----------------------- stubs/cSharp-Net/results.txt | 100 +++++++---------------------------- stubs/go-nethttp/results.txt | 13 ++--- stubs/vb-net/results.txt | 99 +++++++--------------------------- 5 files changed, 87 insertions(+), 312 deletions(-) diff --git a/stubs/FSharp-net/results.txt b/stubs/FSharp-net/results.txt index 22196f2..91c9552 100644 --- a/stubs/FSharp-net/results.txt +++ b/stubs/FSharp-net/results.txt @@ -1,81 +1,21 @@ -``` -Mono JIT compiler version 4.5.2 -F# Compiler for F# 4.1 - -Do not use old compilers if it is not required for some reason. -For example Mono JIT compiler version 4.2.1 which is the currently (7.20.2016) default version -when installed using apt-get FAILS the expired certificate test. - -``` - -``` - platform: Linux (Ubuntu 16.04) -runner: trytls 0.1.0 (CPython 2.7.12, OpenSSL 1.0.2g-fips) -stub: FSharp-Net 'Run.exe' - PASS expired certificate [reject expired.badssl.com:443] - PASS wrong hostname in certificate [reject wrong.host.badssl.com:443] - PASS self-signed certificate [reject self-signed.badssl.com:443] - PASS SHA-256 signature [accept sha256.badssl.com:443] - FAIL 1000 subjectAltNames [accept 1000-sans.badssl.com:443] - PASS incomplete chain of trust [reject incomplete-chain.badssl.com:443] - PASS Superfish CA [reject superfish.badssl.com:443] - PASS eDellRoot CA [reject edellroot.badssl.com:443] - PASS DSDTestProvider CA [reject dsdtestprovider.badssl.com:443] - PASS protect against an OS X vulnerability [reject www.ssllabs.com:10443] - PASS protect against the FREAK attack [reject www.ssllabs.com:10444] - PASS protect against the Logjam attack [reject www.ssllabs.com:10445] - SKIP valid localhost certificate [accept localhost:36162] - SKIP invalid localhost certificate [reject localhost:44585] - SKIP use only the given CA bundle, not system's [reject sha256.badssl.com:443] - -``` - -``` - -platform: Linux (Ubuntu 16.04) -runner: simplerunner -stub: FSharp-Net 'Run.exe' - -[F#-Net][ PASS ][ACCEPT][ Valid cert ][google.com] - -[F#-Net][ PASS ][REJECT][ dh480 ][dh480.badssl.com] -[F#-Net][ PASS ][REJECT][ dsdtestprovider ][dsdtestprovider.badssl.com] -[F#-Net][ PASS ][REJECT][ edellroot ][edellroot.badssl.com] -[F#-Net][ PASS ][REJECT][ expired ][expired.badssl.com] -[F#-Net][ PASS ][REJECT][ self-signed ][self-signed.badssl.com] -[F#-Net][ PASS ][REJECT][ superfish ][superfish.badssl.com] -[F#-Net][ PASS ][REJECT][ untrusted-root ][untrusted-root.badssl.com] -[F#-Net][ PASS ][REJECT][ wrong host ][wrong.host.badssl.com] -[F#-Net][ PASS ][ACCEPT][ sha-256 ][sha256.badssl.com] -[F#-Net][ PASS ][ACCEPT][ supports SNI ][badssl.com] -[F#-Net][ OK? ][ UNSUPPORTED ][ disable ca-bundles ][badssl.com] -[F#-Net][ OK? ][REJECT][ dh1024 ][dh1024.badssl.com] -[F#-Net][ OK? ][REJECT][ dh-small-subgroup ][dh-small-subgroup.badssl.com] -[F#-Net][ OK? ][REJECT][ incomplete-chain ][incomplete-chain.badssl.com] -[F#-Net][ OK? ][REJECT][ mozilla-intermediate ][mozilla-intermidiate.badssl.com] -[F#-Net][ OK? ][REJECT][ mozilla-modern ][mozilla-modern.badssl.com] -[F#-Net][ OK? ][REJECT][ subdomain.preloaded-hsts ][subdomain.preloaded-hsts.badssl.com] -[F#-Net][ OK? ][ACCEPT][ cbc ][cbc.badssl.com] -[F#-Net][ OK? ][ACCEPT][ hsts ][hsts.badssl.com] -[F#-Net][ OK? ][ACCEPT][ mixed ][mixed.badssl.com] -[F#-Net][ OK? ][ACCEPT][ mixed-favicon ][mixed-favicon.badssl.com] -[F#-Net][ OK? ][ACCEPT][ mixed-script ][mixed-script.badssl.com] -[F#-Net][ OK? ][ACCEPT][ mozilla-old ][mozilla-old.badssl.com] -[F#-Net][ OK? ][ACCEPT][ pinning-test ][pinning-test.badssl.com] -[F#-Net][ OK? ][ACCEPT][ preloaded-hsts ][preloaded-hsts.badssl.com] -[F#-Net][ OK? ][ACCEPT][ rc4 ][rc4.badssl.com] -[F#-Net][ OK? ][ACCEPT][ rsa8192 ][rsa8192.badssl.com] -[F#-Net][ OK? ][ACCEPT][ sha1-2016 ][sha1-2016.badssl.com] -[F#-Net][ OK? ][ACCEPT][ sha1-2017 ][sha1-2017.badssl.com] -[F#-Net][ OK? ][ACCEPT][ upgrade ][upgrade.badssl.com] -[F#-Net][ OK? ][ACCEPT][ very ][very.badssl.com] -[F#-Net][ FAIL ][REJECT][ 10000-sans (Bad in ten years) ][10000-sans.badssl.com] -[F#-Net][ FAIL ][REJECT][ 1000-sans ][1000-sans.badssl.com] -[F#-Net][ FAIL ][REJECT][ dh2048 ][dh2048.badssl.com] - -[F#-Net][ PASS ][REJECT][ OS X vulnerability ][www.ssllabs.com] -[F#-Net][ PASS ][REJECT][ Freak ][www.ssllabs.com] -[F#-Net][ PASS ][REJECT][ Logjam ][www.ssllabs.com] - -``` +runner: trytls 0.2.0 (CPython 2.7.12, OpenSSL 1.1.0-pre6-dev) +stub: mono 'Run.exe' +PASS support for TLS server name indication (SNI) [accept badssl.com:443] +PASS expired certificate [reject expired.badssl.com:443] +PASS wrong hostname in certificate [reject wrong.host.badssl.com:443] +PASS self-signed certificate [reject self-signed.badssl.com:443] +PASS SHA-256 signature [accept sha256.badssl.com:443] +FAIL 1000 subjectAltNames [accept 1000-sans.badssl.com:443] +PASS incomplete chain of trust [reject incomplete-chain.badssl.com:443] +PASS Superfish CA [reject superfish.badssl.com:443] +PASS eDellRoot CA [reject edellroot.badssl.com:443] +PASS DSDTestProvider CA [reject dsdtestprovider.badssl.com:443] +PASS protect against Apple's TLS vulnerability CVE-2014-1266 [reject www.ssllabs.com:10443] +PASS protect against the FREAK attack [reject www.ssllabs.com:10444] +PASS protect against the Logjam attack [reject www.ssllabs.com:10445] +PASS protect against FREAK attack (test server 1) [reject cve.freakattack.com:443] +PASS protect against FREAK attack (test server 2) [reject cve2.freakattack.com:443] +SKIP valid localhost certificate [accept localhost:45876] +SKIP invalid localhost certificate [reject localhost:41046] +SKIP use only the given CA bundle, not system's [reject sha256.badssl.com:443] diff --git a/stubs/c-openssl/results.txt b/stubs/c-openssl/results.txt index 6fc7924..54598c2 100644 --- a/stubs/c-openssl/results.txt +++ b/stubs/c-openssl/results.txt @@ -1,68 +1,21 @@ -``` -openssl: OpenSSL 1.1.0-pre6-dev -gcc (Ubuntu 5.4.0-6ubuntu1~16.04.1) 5.4.0 20160609 - platform: Linux (Ubuntu 16.04) -runner: bashtls -stub: c-openssl -``` - -``` -[c-openssl][ PASS ][ACCEPT][ Valid cert ][google.com] -[c-openssl][ PASS ][REJECT][ OS X vulnerability ][www.ssllabs.com] -[c-openssl][ PASS ][REJECT][ Freak ][www.ssllabs.com] -[c-openssl][ PASS ][REJECT][ Logjam ][www.ssllabs.com] -[c-openssl][ PASS ][ACCEPT][ supports SNI ][badssl.com] -[c-openssl][ PASS ][REJECT][ expired ][expired.badssl.com] -[c-openssl][ PASS ][REJECT][ wrong host ][wrong.host.badssl.com] -[c-openssl][ PASS ][REJECT][ self-signed ][self-signed.badssl.com] -[c-openssl][ PASS ][ACCEPT][ sha-256 ][sha256.badssl.com] -[c-openssl][ PASS ][ACCEPT][ 1000-sans ][1000-sans.badssl.com] -[c-openssl][ FAIL ][REJECT][ 10000-sans (Bad in ten years) ][10000-sans.badssl.com] -[c-openssl][ PASS ][REJECT][ incomplete-chain ][incomplete-chain.badssl.com] -[c-openssl][ OK? ][ACCEPT][ pinning-test ][pinning-test.badssl.com] -[c-openssl][ PASS ][REJECT][ superfish ][superfish.badssl.com] -[c-openssl][ PASS ][REJECT][ edellroot ][edellroot.badssl.com] -[c-openssl][ PASS ][REJECT][ dsdtestprovider ][dsdtestprovider.badssl.com] -[c-openssl][ PASS ][REJECT][ disable ca-bundles ][badssl.com] -[c-openssl][ PASS ][REJECT][ correct cn, wrong san ][localhost] -[c-openssl][ PASS ][REJECT][ expired cert ][localhost] -[c-openssl][ PASS ][REJECT][ sslv2 supported ][localhost] -[c-openssl][ PASS ][REJECT][ sslv3 supported ][localhost] -[c-openssl][ PASS ][REJECT][ supports 'ADH' ][localhost] -[c-openssl][ PASS ][REJECT][ supports 'AECDH' ][localhost] -[c-openssl][ PASS ][REJECT][ supports 'AECDH' ][localhost] -[c-openssl][ PASS ][REJECT][ supports 'DES' ][localhost] -[c-openssl][ PASS ][REJECT][ supports 'ECDSA' ][localhost] -[c-openssl][ PASS ][REJECT][ supports 'insecure' ciphers ][localhost] -[c-openssl][ PASS ][REJECT][ supports 'MD5' ][localhost] -[c-openssl][ PASS ][REJECT][ supports 'NULL' ][localhost] -[c-openssl][ PASS ][REJECT][ supports 'RC4' ][localhost] -[c-openssl][ PASS ][REJECT][ wrong hostname ][localhost] -[c-openssl][ PASS ][ACCEPT][ correct cert ][localhost] -[c-openssl][ PASS ][ACCEPT][ supports '3DES' ][localhost] -[c-openssl][ PASS ][ACCEPT][ supports 'AES' ][localhost] -[c-openssl][ PASS ][ACCEPT][ supports 'AES128' ][localhost] -[c-openssl][ PASS ][ACCEPT][ supports 'AES256' ][localhost] -[c-openssl][ PASS ][ACCEPT][ supports 'DH' ][localhost] -[c-openssl][ PASS ][ACCEPT][ supports 'ECDH' ][localhost] -[c-openssl][ PASS ][ACCEPT][ supports 'EDH' ][localhost] -[c-openssl][ PASS ][ACCEPT][ supports high(>128 bit) 'secure' ciphers ][localhost] -[c-openssl][ PASS ][ACCEPT][ supports 'RSA' ][localhost] -[c-openssl][ PASS ][ACCEPT][ supports 'SHA' ][localhost] -[c-openssl][ PASS ][ACCEPT][ supports 'SHA256' ][localhost] -[c-openssl][ PASS ][ACCEPT][ supports 'SHA384' ][localhost] -[c-openssl][ PASS ][ACCEPT][ supports ssl in at least some level ][localhost] -[c-openssl][ PASS ][ACCEPT][ tlsv1.1 supported ][localhost] -[c-openssl][ PASS ][ACCEPT][ tlsv1.2 supported ][localhost] -[c-openssl][ PASS ][ACCEPT][ tlsv1 supported ][localhost] -[c-openssl][ OK? ][REJECT][ supports 'DSS' ][localhost] -[c-openssl][ OK? ][REJECT][ supports 'ECDSA' ][localhost] -[c-openssl][ OK? ][REJECT][ supports medium(~128 bit) 'secure' ciphers ][localhost] -[c-openssl][ OK? ][REJECT][ supports 'PSK' ][localhost] -[c-openssl][ OK? ][REJECT][ supports 'SEED' ][localhost] -[c-openssl][ OK? ][REJECT][ supports 'SRP' ][localhost] -[c-openssl][ OK? ][ACCEPT][ correct cn, no san ][localhost] -[c-openssl][ FAIL ][REJECT][ supports 'CAMELLIA128' ][localhost] -[c-openssl][ FAIL ][REJECT][ supports 'CAMELLIA256' ][localhost] -``` +runner: trytls 0.2.0 (CPython 2.7.12, OpenSSL 1.1.0-pre6-dev) +stub: './run' +SKIP support for TLS server name indication (SNI) [accept badssl.com:443] +SKIP expired certificate [reject expired.badssl.com:443] +SKIP wrong hostname in certificate [reject wrong.host.badssl.com:443] +SKIP self-signed certificate [reject self-signed.badssl.com:443] +SKIP SHA-256 signature [accept sha256.badssl.com:443] +SKIP 1000 subjectAltNames [accept 1000-sans.badssl.com:443] +SKIP incomplete chain of trust [reject incomplete-chain.badssl.com:443] +SKIP Superfish CA [reject superfish.badssl.com:443] +SKIP eDellRoot CA [reject edellroot.badssl.com:443] +SKIP DSDTestProvider CA [reject dsdtestprovider.badssl.com:443] +SKIP protect against Apple's TLS vulnerability CVE-2014-1266 [reject www.ssllabs.com:10443] +SKIP protect against the FREAK attack [reject www.ssllabs.com:10444] +SKIP protect against the Logjam attack [reject www.ssllabs.com:10445] +SKIP protect against FREAK attack (test server 1) [reject cve.freakattack.com:443] +SKIP protect against FREAK attack (test server 2) [reject cve2.freakattack.com:443] +PASS valid localhost certificate [accept localhost:36226] +PASS invalid localhost certificate [reject localhost:32865] +PASS use only the given CA bundle, not system's [reject sha256.badssl.com:443] diff --git a/stubs/cSharp-Net/results.txt b/stubs/cSharp-Net/results.txt index 6f07edb..fd7db95 100644 --- a/stubs/cSharp-Net/results.txt +++ b/stubs/cSharp-Net/results.txt @@ -1,81 +1,21 @@ -``` -Mono JIT compiler version 4.5.2 -Mono C# compiler version 4.5.2.0 - -Do not use old compilers if it is not required for some reason. -For example Mono JIT compiler version 4.2.1 which is the currently (7.20.2016) default version -when installed using apt-get FAILS the expired certificate test. - -``` - -``` - platform: Linux (Ubuntu 16.04) -runner: trytls 0.1.0 (CPython 2.7.12, OpenSSL 1.0.2g-fips) -stub: cSharp-Net 'Run.exe' - PASS expired certificate [reject expired.badssl.com:443] - PASS wrong hostname in certificate [reject wrong.host.badssl.com:443] - PASS self-signed certificate [reject self-signed.badssl.com:443] - PASS SHA-256 signature [accept sha256.badssl.com:443] - FAIL 1000 subjectAltNames [accept 1000-sans.badssl.com:443] - PASS incomplete chain of trust [reject incomplete-chain.badssl.com:443] - PASS Superfish CA [reject superfish.badssl.com:443] - PASS eDellRoot CA [reject edellroot.badssl.com:443] - PASS DSDTestProvider CA [reject dsdtestprovider.badssl.com:443] - PASS protect against an OS X vulnerability [reject www.ssllabs.com:10443] - PASS protect against the FREAK attack [reject www.ssllabs.com:10444] - PASS protect against the Logjam attack [reject www.ssllabs.com:10445] - SKIP valid localhost certificate [accept localhost:36162] - SKIP invalid localhost certificate [reject localhost:44585] - SKIP use only the given CA bundle, not system's [reject sha256.badssl.com:443] - -``` - -``` - -platform: Linux (Ubuntu 16.04) -runner: simplerunner -stub: cSharp-Net 'run.exe' - -[C#-Net][ PASS ][ACCEPT][ Valid cert ][google.com] - -[C#-Net][ PASS ][REJECT][ dh480 ][dh480.badssl.com] -[C#-Net][ PASS ][REJECT][ dsdtestprovider ][dsdtestprovider.badssl.com] -[C#-Net][ PASS ][REJECT][ edellroot ][edellroot.badssl.com] -[C#-Net][ PASS ][REJECT][ expired ][expired.badssl.com] -[C#-Net][ PASS ][REJECT][ self-signed ][self-signed.badssl.com] -[C#-Net][ PASS ][REJECT][ superfish ][superfish.badssl.com] -[C#-Net][ PASS ][REJECT][ untrusted-root ][untrusted-root.badssl.com] -[C#-Net][ PASS ][REJECT][ wrong host ][wrong.host.badssl.com] -[C#-Net][ PASS ][ACCEPT][ sha-256 ][sha256.badssl.com] -[C#-Net][ PASS ][ACCEPT][ supports SNI ][badssl.com] -[C#-Net][ OK? ][ UNSUPPORTED ][ disable ca-bundles ][badssl.com] -[C#-Net][ OK? ][REJECT][ dh1024 ][dh1024.badssl.com] -[C#-Net][ OK? ][REJECT][ dh-small-subgroup ][dh-small-subgroup.badssl.com] -[C#-Net][ OK? ][REJECT][ incomplete-chain ][incomplete-chain.badssl.com] -[C#-Net][ OK? ][REJECT][ mozilla-intermediate ][mozilla-intermidiate.badssl.com] -[C#-Net][ OK? ][REJECT][ mozilla-modern ][mozilla-modern.badssl.com] -[C#-Net][ OK? ][REJECT][ subdomain.preloaded-hsts ][subdomain.preloaded-hsts.badssl.com] -[C#-Net][ OK? ][ACCEPT][ cbc ][cbc.badssl.com] -[C#-Net][ OK? ][ACCEPT][ hsts ][hsts.badssl.com] -[C#-Net][ OK? ][ACCEPT][ mixed ][mixed.badssl.com] -[C#-Net][ OK? ][ACCEPT][ mixed-favicon ][mixed-favicon.badssl.com] -[C#-Net][ OK? ][ACCEPT][ mixed-script ][mixed-script.badssl.com] -[C#-Net][ OK? ][ACCEPT][ mozilla-old ][mozilla-old.badssl.com] -[C#-Net][ OK? ][ACCEPT][ pinning-test ][pinning-test.badssl.com] -[C#-Net][ OK? ][ACCEPT][ preloaded-hsts ][preloaded-hsts.badssl.com] -[C#-Net][ OK? ][ACCEPT][ rc4 ][rc4.badssl.com] -[C#-Net][ OK? ][ACCEPT][ rsa8192 ][rsa8192.badssl.com] -[C#-Net][ OK? ][ACCEPT][ sha1-2016 ][sha1-2016.badssl.com] -[C#-Net][ OK? ][ACCEPT][ sha1-2017 ][sha1-2017.badssl.com] -[C#-Net][ OK? ][ACCEPT][ upgrade ][upgrade.badssl.com] -[C#-Net][ OK? ][ACCEPT][ very ][very.badssl.com] -[C#-Net][ FAIL ][REJECT][ 10000-sans (Bad in ten years) ][10000-sans.badssl.com] -[C#-Net][ FAIL ][REJECT][ 1000-sans ][1000-sans.badssl.com] -[C#-Net][ FAIL ][REJECT][ dh2048 ][dh2048.badssl.com] - -[C#-Net][ PASS ][REJECT][ OS X vulnerability ][www.ssllabs.com] -[C#-Net][ PASS ][REJECT][ Freak ][www.ssllabs.com] -[C#-Net][ PASS ][REJECT][ Logjam ][www.ssllabs.com] - -``` +runner: trytls 0.2.0 (CPython 2.7.12, OpenSSL 1.1.0-pre6-dev) +stub: mono 'run.exe' +PASS support for TLS server name indication (SNI) [accept badssl.com:443] +PASS expired certificate [reject expired.badssl.com:443] +PASS wrong hostname in certificate [reject wrong.host.badssl.com:443] +PASS self-signed certificate [reject self-signed.badssl.com:443] +PASS SHA-256 signature [accept sha256.badssl.com:443] +FAIL 1000 subjectAltNames [accept 1000-sans.badssl.com:443] +PASS incomplete chain of trust [reject incomplete-chain.badssl.com:443] +PASS Superfish CA [reject superfish.badssl.com:443] +PASS eDellRoot CA [reject edellroot.badssl.com:443] +PASS DSDTestProvider CA [reject dsdtestprovider.badssl.com:443] +PASS protect against Apple's TLS vulnerability CVE-2014-1266 [reject www.ssllabs.com:10443] +PASS protect against the FREAK attack [reject www.ssllabs.com:10444] +PASS protect against the Logjam attack [reject www.ssllabs.com:10445] +PASS protect against FREAK attack (test server 1) [reject cve.freakattack.com:443] +PASS protect against FREAK attack (test server 2) [reject cve2.freakattack.com:443] +SKIP valid localhost certificate [accept localhost:39737] +SKIP invalid localhost certificate [reject localhost:32835] +SKIP use only the given CA bundle, not system's [reject sha256.badssl.com:443] diff --git a/stubs/go-nethttp/results.txt b/stubs/go-nethttp/results.txt index 3e5c18a..099a903 100644 --- a/stubs/go-nethttp/results.txt +++ b/stubs/go-nethttp/results.txt @@ -1,7 +1,7 @@ -``` platform: Linux (Ubuntu 16.04) -runner: trytls 0.1.0 (CPython 2.7.12, OpenSSL 1.0.2g-fips) +runner: trytls 0.2.0 (CPython 2.7.12, OpenSSL 1.1.0-pre6-dev) stub: go run 'run.go' +PASS support for TLS server name indication (SNI) [accept badssl.com:443] PASS expired certificate [reject expired.badssl.com:443] PASS wrong hostname in certificate [reject wrong.host.badssl.com:443] PASS self-signed certificate [reject self-signed.badssl.com:443] @@ -11,10 +11,11 @@ PASS incomplete chain of trust [reject incomplete-chain.badssl.com:443] PASS Superfish CA [reject superfish.badssl.com:443] PASS eDellRoot CA [reject edellroot.badssl.com:443] PASS DSDTestProvider CA [reject dsdtestprovider.badssl.com:443] -PASS protect against an OS X vulnerability [reject www.ssllabs.com:10443] +PASS protect against Apple's TLS vulnerability CVE-2014-1266 [reject www.ssllabs.com:10443] PASS protect against the FREAK attack [reject www.ssllabs.com:10444] PASS protect against the Logjam attack [reject www.ssllabs.com:10445] -SKIP valid localhost certificate [accept localhost:45675] -SKIP invalid localhost certificate [reject localhost:38316] +PASS protect against FREAK attack (test server 1) [reject cve.freakattack.com:443] +PASS protect against FREAK attack (test server 2) [reject cve2.freakattack.com:443] +SKIP valid localhost certificate [accept localhost:41714] +SKIP invalid localhost certificate [reject localhost:33175] SKIP use only the given CA bundle, not system's [reject sha256.badssl.com:443] -``` diff --git a/stubs/vb-net/results.txt b/stubs/vb-net/results.txt index 4426eda..8a3e991 100644 --- a/stubs/vb-net/results.txt +++ b/stubs/vb-net/results.txt @@ -1,81 +1,22 @@ -``` -Mono JIT compiler version 4.5.2 -Visual Basic.Net Compiler version 0.0.0.5943 (Mono 4.0.1 - tarball) - -Do not use old compilers if it is not required for some reason. -For example Mono JIT compiler version 4.2.1 which is the currently (7.20.2016) default version -when installed using apt-get FAILS the expired certificate test. - -``` - -``` - -platform: Linux (Ubuntu 16.04) -runner: trytls 0.1.0 (CPython 2.7.12, OpenSSL 1.0.2g-fips) -stub: VB-Net 'Run.exe' - PASS expired certificate [reject expired.badssl.com:443] - PASS wrong hostname in certificate [reject wrong.host.badssl.com:443] - PASS self-signed certificate [reject self-signed.badssl.com:443] - PASS SHA-256 signature [accept sha256.badssl.com:443] - FAIL 1000 subjectAltNames [accept 1000-sans.badssl.com:443] - PASS incomplete chain of trust [reject incomplete-chain.badssl.com:443] - PASS Superfish CA [reject superfish.badssl.com:443] - PASS eDellRoot CA [reject edellroot.badssl.com:443] - PASS DSDTestProvider CA [reject dsdtestprovider.badssl.com:443] - PASS protect against an OS X vulnerability [reject www.ssllabs.com:10443] - PASS protect against the FREAK attack [reject www.ssllabs.com:10444] - PASS protect against the Logjam attack [reject www.ssllabs.com:10445] - SKIP valid localhost certificate [accept localhost:36162] - SKIP invalid localhost certificate [reject localhost:44585] - SKIP use only the given CA bundle, not system's [reject sha256.badssl.com:443] - -``` - -``` platform: Linux (Ubuntu 16.04) -runner: simplerunner -stub: VB-Net 'Run.exe' - -[VB-Net][ PASS ][ACCEPT][ Valid cert ][google.com] - -[VB-Net][ PASS ][REJECT][ dh480 ][dh480.badssl.com] -[VB-Net][ PASS ][REJECT][ dsdtestprovider ][dsdtestprovider.badssl.com] -[VB-Net][ PASS ][REJECT][ edellroot ][edellroot.badssl.com] -[VB-Net][ PASS ][REJECT][ expired ][expired.badssl.com] -[VB-Net][ PASS ][REJECT][ self-signed ][self-signed.badssl.com] -[VB-Net][ PASS ][REJECT][ superfish ][superfish.badssl.com] -[VB-Net][ PASS ][REJECT][ untrusted-root ][untrusted-root.badssl.com] -[VB-Net][ PASS ][REJECT][ wrong host ][wrong.host.badssl.com] -[VB-Net][ PASS ][ACCEPT][ sha-256 ][sha256.badssl.com] -[VB-Net][ PASS ][ACCEPT][ supports SNI ][badssl.com] -[VB-Net][ OK? ][ UNSUPPORTED ][ disable ca-bundles ][badssl.com] -[VB-Net][ OK? ][REJECT][ dh1024 ][dh1024.badssl.com] -[VB-Net][ OK? ][REJECT][ dh-small-subgroup ][dh-small-subgroup.badssl.com] -[VB-Net][ OK? ][REJECT][ incomplete-chain ][incomplete-chain.badssl.com] -[VB-Net][ OK? ][REJECT][ mozilla-intermediate ][mozilla-intermidiate.badssl.com] -[VB-Net][ OK? ][REJECT][ mozilla-modern ][mozilla-modern.badssl.com] -[VB-Net][ OK? ][REJECT][ subdomain.preloaded-hsts ][subdomain.preloaded-hsts.badssl.com] -[VB-Net][ OK? ][ACCEPT][ cbc ][cbc.badssl.com] -[VB-Net][ OK? ][ACCEPT][ hsts ][hsts.badssl.com] -[VB-Net][ OK? ][ACCEPT][ mixed ][mixed.badssl.com] -[VB-Net][ OK? ][ACCEPT][ mixed-favicon ][mixed-favicon.badssl.com] -[VB-Net][ OK? ][ACCEPT][ mixed-script ][mixed-script.badssl.com] -[VB-Net][ OK? ][ACCEPT][ mozilla-old ][mozilla-old.badssl.com] -[VB-Net][ OK? ][ACCEPT][ pinning-test ][pinning-test.badssl.com] -[VB-Net][ OK? ][ACCEPT][ preloaded-hsts ][preloaded-hsts.badssl.com] -[VB-Net][ OK? ][ACCEPT][ rc4 ][rc4.badssl.com] -[VB-Net][ OK? ][ACCEPT][ rsa8192 ][rsa8192.badssl.com] -[VB-Net][ OK? ][ACCEPT][ sha1-2016 ][sha1-2016.badssl.com] -[VB-Net][ OK? ][ACCEPT][ sha1-2017 ][sha1-2017.badssl.com] -[VB-Net][ OK? ][ACCEPT][ upgrade ][upgrade.badssl.com] -[VB-Net][ OK? ][ACCEPT][ very ][very.badssl.com] -[VB-Net][ FAIL ][REJECT][ 10000-sans (Bad in ten years) ][10000-sans.badssl.com] -[VB-Net][ FAIL ][REJECT][ 1000-sans ][1000-sans.badssl.com] -[VB-Net][ FAIL ][REJECT][ dh2048 ][dh2048.badssl.com] - -[VB-Net][ PASS ][REJECT][ OS X vulnerability ][www.ssllabs.com] -[VB-Net][ PASS ][REJECT][ Freak ][www.ssllabs.com] -[VB-Net][ PASS ][REJECT][ Logjam ][www.ssllabs.com] - -``` +runner: trytls 0.2.0 (CPython 2.7.12, OpenSSL 1.1.0-pre6-dev) +stub: mono 'Run.exe' +PASS support for TLS server name indication (SNI) [accept badssl.com:443] +PASS expired certificate [reject expired.badssl.com:443] +PASS wrong hostname in certificate [reject wrong.host.badssl.com:443] +PASS self-signed certificate [reject self-signed.badssl.com:443] +PASS SHA-256 signature [accept sha256.badssl.com:443] +FAIL 1000 subjectAltNames [accept 1000-sans.badssl.com:443] +PASS incomplete chain of trust [reject incomplete-chain.badssl.com:443] +PASS Superfish CA [reject superfish.badssl.com:443] +PASS eDellRoot CA [reject edellroot.badssl.com:443] +PASS DSDTestProvider CA [reject dsdtestprovider.badssl.com:443] +PASS protect against Apple's TLS vulnerability CVE-2014-1266 [reject www.ssllabs.com:10443] +PASS protect against the FREAK attack [reject www.ssllabs.com:10444] +PASS protect against the Logjam attack [reject www.ssllabs.com:10445] +PASS protect against FREAK attack (test server 1) [reject cve.freakattack.com:443] +PASS protect against FREAK attack (test server 2) [reject cve2.freakattack.com:443] +SKIP valid localhost certificate [accept localhost:44164] +SKIP invalid localhost certificate [reject localhost:37063] +SKIP use only the given CA bundle, not system's [reject sha256.badssl.com:443]