pyrox.dev / nixpkgs
lol
fork atom

testssl.sh: init at 2.9.5-1

Add testssl.sh which is a nice utility for testing TLS/SSL
capabilities of servers without having to use any kind of
web-service. It's very useful for testing setups of services before
deployment and such.

Elis Hirwing 02d9d40d 8525b78d

+58
unified split
+1
lib/maintainers.nix
··· 190 erikryb = "Erik Rybakken <erik.rybakken@math.ntnu.no>"; 191 ertes = "Ertugrul Söylemez <esz@posteo.de>"; 192 ethercrow = "Dmitry Ivanov <ethercrow@gmail.com>"; 193 exi = "Reno Reckling <nixos@reckling.org>"; 194 exlevan = "Alexey Levan <exlevan@gmail.com>"; 195 expipiplus1 = "Joe Hermaszewski <nix@monoid.al>";
··· 190 erikryb = "Erik Rybakken <erik.rybakken@math.ntnu.no>"; 191 ertes = "Ertugrul Söylemez <esz@posteo.de>"; 192 ethercrow = "Dmitry Ivanov <ethercrow@gmail.com>"; 193 + etu = "Elis Hirwing <elis@hirwing.se>"; 194 exi = "Reno Reckling <nixos@reckling.org>"; 195 exlevan = "Alexey Levan <exlevan@gmail.com>"; 196 expipiplus1 = "Joe Hermaszewski <nix@monoid.al>";
+45
pkgs/applications/networking/testssl/default.nix
···
··· 1 + { stdenv, fetchFromGitHub, pkgs }: 2 + 3 + stdenv.mkDerivation rec { 4 + version = "2.9.5-1"; 5 + name = "testssl.sh-${version}"; 6 + 7 + src = fetchFromGitHub { 8 + owner = "drwetter"; 9 + repo = "testssl.sh"; 10 + rev = "v${version}"; 11 + sha256 = "0hz6g685jwl0c0jrdca746425xpwiwc8lnlc2gigga5hkcq8qzl9"; 12 + }; 13 + 14 + nativeBuildInputs = with pkgs; [ 15 + makeWrapper 16 + ]; 17 + 18 + patches = [ ./testssl.patch ]; 19 + 20 + pwdBinPath = "${stdenv.lib.makeBinPath (with pkgs; [ coreutils ])}/pwd"; 21 + opensslBinPath = "${stdenv.lib.makeBinPath (with pkgs; [ openssl ])}/openssl"; 22 + postPatch = '' 23 + sed -i -e "s|/bin/pwd|${pwdBinPath}|g" \ 24 + -e "s|TESTSSL_INSTALL_DIR:-\"\"|TESTSSL_INSTALL_DIR:-\"$out\"|g" \ 25 + -e "s|OPENSSL:-\"\"|OPENSSL:-\"${opensslBinPath}\"|g" \ 26 + testssl.sh 27 + ''; 28 + 29 + installPhase = '' 30 + mkdir -p $out/bin $out/etc 31 + cp -r etc/ $out/ 32 + cp testssl.sh $out/bin/testssl.sh 33 + ''; 34 + 35 + meta = with stdenv.lib; { 36 + description = "CLI tool to check a server's TLS/SSL capabilities"; 37 + longDescription = '' 38 + CLI tool which checks a server's service on any port for the support of 39 + TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more. 40 + ''; 41 + homepage = https://testssl.sh/; 42 + license = licenses.gpl2; 43 + maintainers = [ maintainers.etu ]; 44 + }; 45 + }
+10
pkgs/applications/networking/testssl/testssl.patch
···
··· 1 + --- testssl/testssl.sh 2017-09-24 16:53:29.395263437 +0200 2 + +++ testssl-new/testssl.sh 2017-09-24 16:53:41.221154492 +0200 3 + @@ -165,6 +165,7 @@ 4 + # following variables make use of $ENV, e.g. OPENSSL=<myprivate_path_to_openssl> ./testssl.sh <host> 5 + # 0 means (normally) true here. Some of the variables are also accessible with a command line switch, see --help 6 + declare -x OPENSSL OPENSSL_TIMEOUT 7 + +OPENSSL=${OPENSSL:-""} 8 + FAST_SOCKET=${FAST_SOCKET:-false} # EXPERIMENTAL feature to accelerate sockets -- DO NOT USE it for production 9 + COLOR=${COLOR:-2} # 2: Full color, 1: b/w+positioning, 0: no ESC at all 10 + COLORBLIND=${COLORBLIND:-false} # if true, swap blue and green in the output
+2
pkgs/top-level/all-packages.nix
··· 16549 16550 twmn = libsForQt5.callPackage ../applications/misc/twmn { }; 16551 16552 umurmur = callPackage ../applications/networking/umurmur { }; 16553 16554 unigine-valley = callPackage ../applications/graphics/unigine-valley { };
··· 16549 16550 twmn = libsForQt5.callPackage ../applications/misc/twmn { }; 16551 16552 + testssl = callPackage ../applications/networking/testssl { }; 16553 + 16554 umurmur = callPackage ../applications/networking/umurmur { }; 16555 16556 unigine-valley = callPackage ../applications/graphics/unigine-valley { };