#!/bin/sh
# This program is free software: you can redistribute it and/or modify it under
# the terms of the GNU Affero General Public License as published by the Free
# Software Foundation, either version 3 of the License, or (at your option) any
# later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
# details.
# Terminal escape sequences used to colour the result matrix. The matrix prints
# the same version label whether a probe passed or failed, so these colours are
# the only thing that carries the result; if tput produces nothing (no usable
# terminal type), every label looks alike.
red=$(tput setaf 1)
green=$(tput setaf 2)
normal=$(tput sgr0)
readonly red green normal
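# Parse options, validate the port, then print one line per domain showing
# which TLS versions completed a handshake from this machine.
#
# Globals:   port (written here, read by the openssl_tls_* probes),
#            red, green, normal (read)
# Arguments: [-h] [-p port] domain...
# Outputs:   the matrix on stdout, diagnostics on stderr
# Exits:     0 after printing usage or the matrix, 2 on a bad option or port
#
# Reading the result: green means the probe's handshake succeeded. Red means the
# probe failed for ANY reason (name resolution, refused connection, or the local
# OpenSSL declining the protocol), so red is not proof that the server has the
# version disabled. OpenSSL 3.0 and later, for example, refuse TLS 1.0/1.1 at
# the default security level, which would hide a server that still accepts
# them. Confirm "disabled" findings with a client known to offer that version.
main()
{
  while getopts ":hp:" opt
  do
    case "$opt" in
      h)
        usage
        exit 0
        ;;
      p) port=$OPTARG ;;
      :)
        printf "Option -%s requires an argument\n" "$OPTARG" >&2
        exit 2
        ;;
      *)
        # Stop instead of carrying on: a mistyped flag would otherwise be
        # dropped and its value scanned as if it were a domain.
        printf "Invalid option passed: %s\n" "$OPTARG" >&2
        exit 2
        ;;
    esac
  done
  shift $(( OPTIND - 1 ))

  port=${port:-443}

  # The port ends up inside the -connect argument, so accept only a plain
  # decimal number in the TCP range. The length cap keeps the numeric tests
  # below away from values too large for the shell to compare.
  case "$port" in
    *[!0-9]*)
      printf "Invalid port: %s\n" "$port" >&2
      exit 2
      ;;
  esac
  if [ "${#port}" -gt 5 ] || [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]
  then
    printf "Invalid port: %s\n" "$port" >&2
    exit 2
  fi

  # Show usage when no domains are passed
  if [ $# -lt 1 ]
  then
    usage
    exit 0
  fi

  # Width of the longest domain name, used to right-align the first column
  domain_length=0
  for domain in "$@"
  do
    if [ "${#domain}" -gt "$domain_length" ]
    then
      domain_length=${#domain}
    fi
  done

  # Print the TLS compatibility matrix
  for domain in "$@"
  do
    # %s rather than %d: the port is already validated, and %d would print a
    # value with a leading zero as octal, i.e. not the string given to openssl.
    printf "%${domain_length}s:%s" "$domain" "$port"
    for probe in openssl_tls_1_0 openssl_tls_1_1 openssl_tls_1_2 openssl_tls_1_3
    do
      # openssl_tls_1_2 -> 1_2 -> 1.2
      label=${probe#openssl_tls_}
      label=${label%_*}.${label#*_}
      if "$probe" "$domain"
      then
        colour=$green
      else
        colour=$red
      fi
      printf " %s%s%s" "$colour" "$label" "$normal"
    done
    printf "\n"
  done
}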
# Attempt a TLS 1.0-only handshake with $1 on $port.
# Globals:   port (read)
# Arguments: $1 - host name or address
# Returns:   the exit status of openssl s_client; all of its output is discarded
# A non-zero status means only that this client did not complete the handshake.
# It does not distinguish a server that rejects TLS 1.0 from a local OpenSSL
# that will not offer it, or from a plain connection failure.
openssl_tls_1_0() {
  # A single newline followed by EOF on stdin, so s_client is not left reading
  # from the terminal.
  echo |
    openssl s_client -tls1 -connect "${1}:${port}" \
      >/dev/null 2>&1
}
# Attempt a TLS 1.1-only handshake with $1 on $port.
# Globals:   port (read)
# Arguments: $1 - host name or address
# Returns:   the exit status of openssl s_client; all of its output is discarded
# A non-zero status means only that this client did not complete the handshake.
# It does not distinguish a server that rejects TLS 1.1 from a local OpenSSL
# that will not offer it, or from a plain connection failure.
openssl_tls_1_1() {
  # A single newline followed by EOF on stdin, so s_client is not left reading
  # from the terminal.
  echo |
    openssl s_client -tls1_1 -connect "${1}:${port}" \
      >/dev/null 2>&1
}
# Attempt a TLS 1.2-only handshake with $1 on $port.
# Globals:   port (read)
# Arguments: $1 - host name or address
# Returns:   the exit status of openssl s_client; all of its output is discarded
# A non-zero status covers every failure, including DNS and connection errors,
# not just a server that declines TLS 1.2.
openssl_tls_1_2() {
  # A single newline followed by EOF on stdin, so s_client is not left reading
  # from the terminal.
  echo |
    openssl s_client -tls1_2 -connect "${1}:${port}" \
      >/dev/null 2>&1
}
# Attempt a TLS 1.3-only handshake with $1 on $port.
# Globals:   port (read)
# Arguments: $1 - host name or address
# Returns:   the exit status of openssl s_client; all of its output is discarded
# A non-zero status covers every failure, including a local OpenSSL that does
# not accept the -tls1_3 option, not just a server that declines TLS 1.3.
openssl_tls_1_3() {
  # A single newline followed by EOF on stdin, so s_client is not left reading
  # from the terminal.
  echo |
    openssl s_client -tls1_3 -connect "${1}:${port}" \
      >/dev/null 2>&1
}
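# Print the help text on stdout.
# The synopsis lists the scanning form as well as -h, and the Output section
# states what a red entry does and does not establish, since the matrix itself
# carries no explanation.
# Arguments: none
# Outputs:   help text on stdout
usage()
{
  cat <<EOF
Usage:
${0##*/} -h
${0##*/} [-p port] domain...
Check a server for supported TLS versions.
Options:
-h Show this help text and exit.
-p Set the port to test on. Defaults to 443.
Output:
Each TLS version is printed in green if the handshake succeeded and in red if
it failed. Red covers every kind of failure (DNS, refused connection, local
OpenSSL policy), so it does not prove the server has that version disabled.
EOF
}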
# Entry point: hand the script's command-line arguments to main unchanged.
main "$@"