Skip to content

@nabla-c0d3 nabla-c0d3 released this Nov 11, 2020 · 1 commit to release since this release

  • Added support for scanning for supported elliptic curves (#447):
$ python -m sslyze --elliptic_curves

 * Elliptic Curve Key Exchange:
       Supported curves:                  prime256v1, secp384r1, secp521r1, X25519
       Rejected curves:                   sect163r2, secp160r1, sect233k1, X448, secp160r2, sect233r1, secp192k1,
sect239k1, secp224k1, sect193r1, sect283k1, secp224r1, sect163k1, sect283r1, secp256k1, secp160k1, 
sect409k1, prime192v1, sect409r1, sect163r1, sect193r2, sect571k1, sect571r1
  • Added support for cryptography 3.x (#455).
  • Fixed various crashes (#458, #459).
Assets 3

@nabla-c0d3 nabla-c0d3 released this Jun 28, 2020

  • Significantly reduced memory usage when using SSLyze in a Python application.
Assets 3

@nabla-c0d3 nabla-c0d3 released this Jun 13, 2020

  • Fixed crashes when scanning Amazon Cloudfront due to TLS 1.3 (#445).
  • Fixed a crash when scanning a server with an Ed25519 certificate (#444).
  • The CLI will now run --regular if no scan options were supplied: python -m sslyze (#440)
Assets 3

@nabla-c0d3 nabla-c0d3 released this May 31, 2020

  • Fixed a crash when scanning Amazon Cloudfront for Heartbleed and CCS Injection (#437).
  • The Python API now exposes a JsonEncoder to make it easy to serialize a ServerScanResult to JSON (#439).
Assets 3
May 31, 2020

@nabla-c0d3 nabla-c0d3 released this May 10, 2020

  • Fixed crashes when running SSLyze on localized (ie. non-english) versions of Windows (#434).
Assets 3

@nabla-c0d3 nabla-c0d3 released this Apr 27, 2020

  • Fixed bug with Heartbleed and CCS Injection checks (#202 )
  • Fix crashes with servers that have connectivity issues (#433, #430 )
Assets 3

@nabla-c0d3 nabla-c0d3 released this Apr 19, 2020

  • Improved check for HTTP security headers by adding support for HTTP redirections (#393 ).
  • Fixed bug causing some results to not be returned when scanning multiple servers (#429 ).
  • Added support for more versions of the cryptography package for better compatibility (#428 ).
  • Fixed crash when scanning a server with a certificate that has duplicate X509 extensions (#420 )
Assets 3

@nabla-c0d3 nabla-c0d3 released this Apr 3, 2020

Assets 3

@nabla-c0d3 nabla-c0d3 released this Mar 30, 2020

Big internal refactoring focused on modernizing the code base (dataclasses, type annotations, etc.) and improving the speed and reliability of the scan results.

  • The Python API and the format of the outputs have been drastically improved and simplified, but are not backward-compatible with older versions of SSLyze.
  • Python 3.8 is now supported, and Python 3.6 is no longer supported.
  • Huge improvements to the reliability of the scans:
    • The number of concurrent connections per single server can now be controlled and is set to 5 by default (#385).
    • This limit is enforced regardless of the number of scan commands queued for the server, and drastically reduces the number of scans that fail due to a slow server or a slow connection.
  • Various improvements to cipher suites scanning:
    • The size of the cipher's suite key is now always returned.
    • The (EC) Diffie-Helmann parameters negotiated during the TLS handshake are now returned (#394).
  • Various improvements to server certificate checks:
    • Servers that expose multiple leaf certificates and chains are now supported (#326).
    • Bug fix for Symantec CA deprecation (#406).
  • SSLyze is now compatible with PEP 561 for type checking with mypy.
  • Various improvements to the JSON output:
    • The format of the JSON output now exactly matches the format of the Python output (which is fully documented).
    • Better parsing of Subject and Issuer fields in certificates (#404).
  • Support for XML output was removed.
Assets 2
You can’t perform that action at this time.