#!/bin/sh # This program is free software: you can redistribute it and/or modify it under # the terms of the GNU Affero General Public License as published by the Free # Software Foundation, either version 3 of the License, or (at your option) any # later version. # # This program is distributed in the hope that it will be useful, but WITHOUT # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS # FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more # details. readonly red=$(tput setaf 1) readonly green=$(tput setaf 2) readonly normal=$(tput sgr0) main() { # Handle opts while getopts ":hp:" opt do case "$opt" in h) usage && exit 0 ;; p) port=$OPTARG ;; *) printf "Invalid option passed: %s\n" "$OPTARG" >&2 ;; esac done shift $(( OPTIND - 1 )) [ -z "$port" ] && port=443 # Show usage when no arguments are passed if [ $# -lt 1 ] then usage && exit 0 fi domain_length=0 # Calculate longest domain name for domain in "$@" do if [ ${#domain} -gt $domain_length ] then domain_length=${#domain} fi done # Print out TLS compatability matrix for domain in "$@" do printf "%${domain_length}s:%d" "$domain" "$port" printf " %s${normal}" "$(openssl_tls_1_0 "$domain" && printf "%s" "${green}1.0" || printf "%s" "${red}1.0")" printf " %s${normal}" "$(openssl_tls_1_1 "$domain" && printf "%s" "${green}1.1" || printf "%s" "${red}1.1")" printf " %s${normal}" "$(openssl_tls_1_2 "$domain" && printf "%s" "${green}1.2" || printf "%s" "${red}1.2")" printf " %s${normal}" "$(openssl_tls_1_3 "$domain" && printf "%s" "${green}1.3" || printf "%s" "${red}1.3")" printf "\n" done } openssl_tls_1_0() { printf "\n" | openssl s_client -tls1 -connect "$1:$port" > /dev/null 2>&1 } openssl_tls_1_1() { printf "\n" | openssl s_client -tls1_1 -connect "$1:$port" > /dev/null 2>&1 } openssl_tls_1_2() { printf "\n" | openssl s_client -tls1_2 -connect "$1:$port" > /dev/null 2>&1 } openssl_tls_1_3() { printf "\n" | openssl s_client -tls1_3 -connect "$1:$port" > /dev/null 2>&1 } usage() { cat <