From 1b7653e438af9e96ad4b31613bdbff0eff871311 Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Sat, 11 Jun 2016 09:08:51 +0200 Subject: [PATCH 1/2] Update Readme.md --- Readme.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/Readme.md b/Readme.md index 6853fc6..e44643d 100644 --- a/Readme.md +++ b/Readme.md @@ -56,18 +56,18 @@ Done so far: https://github.com/drwetter/testssl.sh/issues/11 * works on servers requiring a x509 certificate for authentication * SSL Session ID check -* avahi/mDNS based name resolution +* Avahi/mDNS based name resolution * HTTP2/ALPN protocol check * Logging to a file / dir * Logging to JSON + CSV -* check for multiple server certificates -* browser cipher simulation -* assistance for color-blind users -* Even more compatibility improvements for FreeBSD, RH-ish and F5 systems +* Check for multiple server certificates +* Browser cipher simulation +* Assistance for color-blind users +* Even more compatibility improvements for FreeBSD, RH-ish, F5 and Cisco systems * Considerable speed improvements for each cipher runs (-e/-E) -* more robust socket interface +* More robust socket interface * OpenSSL 1.1.0 compliant -* whole number of busg squashed +* Whole number of bugs squashed Update notification here or @ [twitter](https://twitter.com/drwetter). @@ -89,8 +89,8 @@ Help is needed here. #### Bug reports -Please file bugs in the issue tracker. Do not forget to provide detailed information, see https://github.com/drwetter/testssl.sh/wiki/Findings-and-HowTo-Fix-them#file-a-proper-bug-report -Nobody can read your thoughts -- yet. +Please file bugs in the issue tracker. Do not forget to provide detailed information, see https://github.com/drwetter/testssl.sh/wiki/Bug-reporting. (Nobody can read your thoughts +-- yet. And only agencies your screen) ;-) ---- From a06c71d91548e5918adcad9b4788c9f9ad00c787 Mon Sep 17 00:00:00 2001 From: Peter Mosmans Date: Mon, 13 Jun 2016 10:34:04 +1000 Subject: [PATCH 2/2] Updated ChaCha20 cipher names See https://tools.ietf.org/html/draft-ietf-tls-chacha20-poly1305-04 (the latest version as of this writing is 04). The previous version received the suffix _2013. See https://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-04 --- etc/mapping-rfc.txt | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/etc/mapping-rfc.txt b/etc/mapping-rfc.txt index 3a1d092..3ae12d6 100644 --- a/etc/mapping-rfc.txt +++ b/etc/mapping-rfc.txt @@ -336,16 +336,16 @@ xC0AC TLS_ECDHE_ECDSA_WITH_AES_128_CCM xC0AD TLS_ECDHE_ECDSA_WITH_AES_256_CCM xC0AE TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 xC0AF TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 -xCCA8 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 -xCCA9 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 -xCCAA TLS_DHE_RSA_WITH_CHACHA20_POLY1305 -xCCAB TLS_PSK_WITH_CHACHA20_POLY1305 -xCCAC TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305 -xCCAD TLS_DHE_PSK_WITH_CHACHA20_POLY1305 -xCCAE TLS_RSA_PSK_WITH_CHACHA20_POLY1305 -xCC13 OLD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 -xCC14 OLD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 -xCC15 OLD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 +xCCA8 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 +xCCA9 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 +xCCAA TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 +xCCAB TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 +xCCAC TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 +xCCAD TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 +xCCAE TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 +xCC13 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256_2013 +xCC14 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_2013 +xCC15 TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256_2013 xFEFE SSL_RSA_FIPS_WITH_DES_CBC_SHA xFEFF SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA xFFE0 SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA