Skip to content

@drwetter drwetter released this Dec 11, 2019 · 107 commits to 3.0 since this release

This is the sixth release candidate of 3.0 to reflect recent improvements. All distributors and others who use it also for production-like environment are encouraged to switch to this branch as 2.9.5 is not supported anymore. Bug fixing will take place in 3.0* only. This is a stable release.

This release contains some new features and more bug fixes:

  • Socket timeouts (--connect-timeout)
  • IDN/IDN2 servername support
  • support
  • Initial support for certificate compression
  • Initial client certificate support
  • Better indentation for HTTP header outputs
  • Better parsing of HTTP headers
  • Penalize absence of TLS 1.2 anymore if server supports TLS 1.3 only
  • Several improvements related to protocol determination and downgrade responses
  • Some logic related using TLS 1.3 aware OpenSSL binaries more or less automagically
  • Internal improvements to server preference checks
  • Lots of internal and some speed improvements in "pre-flight checks" (comes before outputting any test)
  • Mark TLS 1.0 and TLS 1.1 as deprecated
  • Support newer OpenSSL/LibreSSL versions
  • Improved detection of wrong user input when file was supplied for --csv,--json and --html
  • Update client handshakes with newer client data and deprecate other clients
  • Regression in CAA RR fixed
  • Session resumption fixes
  • Session ticket fixes
  • Fixes for STARTTLS MySQL and PostgreSQL
  • Unit tests for (almost) every STARTTLS protocol supported
  • A lot of minor fixes

This program is licensed under GPLv2. Please note also that if you're using the program for a paid or free public service you need mention where you got this program from.

If you like this program we would appreciate donations (see for a coffee, beer, wine, whisky -- or if you just say "Thank you". This keeps us motivated further continuing development.

Assets 2
You can’t perform that action at this time.