The web app running howsmyssl.com
Go HTML Shell
Latest commit a7d3896 Dec 29, 2016 @jmhodges committed on GitHub remove unused v1beta3 logging library (#153)
Permalink
Failed to load latest commit information.
config add test for Probably Okay golden path (#116) May 24, 2016
gzip correctly gzip static files (#64) Apr 7, 2016
static lingo about non-profit and student programs (#108) May 18, 2016
templates make TLS 1.3 okay (#120) Jul 26, 2016
tls reenable Beast mitigation detection (#114) May 22, 2016
vendor remove unused v1beta3 logging library (#153) Dec 29, 2016
.dockerignore add .dockerignore and correct docker push script Apr 13, 2016
.gitignore adding initial web site and api Oct 27, 2013
.travis.yml bump to Go 1.7.4 (#146) Dec 1, 2016
Dockerfile bump to Go 1.7.4 (#146) Dec 1, 2016
LICENSE add MIT license Nov 2, 2013
README.md remove extraneous ` in README Apr 27, 2015
all_suites.go add another CHACHA20_POLY1305 cipher suites (#144) Nov 3, 2016
allow.go use 0.0.0.0 in Allower for busted IPs (#152) Dec 27, 2016
allow_test.go make origin config file specify domains to block (#105) May 18, 2016
client_info.go make TLS 1.3 okay (#120) Jul 26, 2016
conn.go correct unknown timeout stat (#112) May 22, 2016
howsmyssl-gcloud-credentials.json.enc deploy to other cluster (#87) Apr 29, 2016
howsmyssl.go correct onerror callback to capture the right err (#150) Dec 27, 2016
index_test.go Allow headless operation (#117) Oct 12, 2016
insecure_suites.go add a few more insecure cipher suites (#129) Aug 15, 2016
stat_writer.go add request stats Dec 23, 2013
tls_test.go add test for Probably Okay golden path (#116) May 24, 2016
travis_docker_push.sh work harder to detect busted gcloud dirs (#147) Dec 2, 2016

README.md

howsmyssl

howsmyssl is the web app behind https://howsmyssl.com.

Orientation

This is a Go project.

The HTML code goes in templates/. Templates are generated with Go's html/template package. Determining the client's security is done in client_info.go.

This project requires Go 1.2 to build with TLS 1.1 and 1.2 support. go build will generate a static binary called howsmyssl. This repo is go get'able, of course.

It has a fork of the Go crypto/tls library at ./tls/ in order to add a ServerHandshake and expose the ClientHello struct.

It's been useful to me to use justrun to recompile the project while modifying the template. Typical use is simply:

justrun -c "go build && ./howsmyssl" -i howsmyssl . templates/

(Justrun has the benefit of controlling the lifecycle of a process, unlike most other file watch utilities.)