Taras, On Thu, Jun 7, 2012 at 8:13 AM, Taras <ox...@oxdef.info> wrote: > Andres, > > >>> Please, see last version of sslCertificate. It looks like now you >>> are satisfied? :) Can I merge it with trunk? >> >> >> I would love to see unittests, but ok, please merge to trunk :) > > Done. About unittests...if we will find ssl test site then we can use it. In > another case code for tests will be bigger then code of the plugin (running > ssl server with custom certificate for each case) :(
Just commited the simplest unit-test possible for the sslCertificate plugin [0] which can be extended by adding more certificates and setting new SSL protocols for the server. I finally used a simple socket server with a ssl wrapper to "emulate" an HTTP server. [0] sourceforge.net/apps/trac/w3af/changeset/5058 Regards, > >> >>> >>>>> * Try to make the descriptions for the info/vuln objects more >>>>> "complete" such as: >>>>> - desc = 'The target host "%s" has SSL version 2 enabled which is >>>>> known to be insecure.' >>> >>> >>> Done. >>> >>> -- >>> Taras >>> http://oxdef.info >> >> >> >> > > > -- > Taras > http://oxdef.info -- Andrés Riancho Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework Twitter: @w3af GPG: 0x93C344F3 ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
