From 7be262f287277b1eb30a6d9857fccac8037ea9da Mon Sep 17 00:00:00 2001
From: Dirk <dirk@testssl.sh>
Date: Thu, 9 Sep 2021 21:50:03 +0200
Subject: [PATCH 1/2] Fix minor inconsistency in description of cipher
 categories

A longer while back the section ~ "Testing standard ciphers" was
renamed to "Testing cipher categories". However the internal help
didn't reflect that.

This fixes that, including an addtion to the documentation.

Note: the help still lists "-s --std, --standard" as a cmd line
switch.
---
 doc/testssl.1      | 2 +-
 doc/testssl.1.html | 2 +-
 doc/testssl.1.md   | 2 +-
 testssl.sh         | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/doc/testssl.1 b/doc/testssl.1
index 4148b35..d72b183 100644
--- a/doc/testssl.1
+++ b/doc/testssl.1
@@ -188,7 +188,7 @@ Any single check switch supplied as an argument prevents testssl\.sh from doing
 \fB\-E, \-\-cipher\-per\-proto\fR is similar to \fB\-e, \-\-each\-cipher\fR\. It checks each of the possible ciphers, here: per protocol\. If you want to display each cipher tested you need to add \fB\-\-show\-each\fR\. The output is sorted by security strength, it lists the encryption bits though\.
 .
 .P
-\fB\-s, \-\-std, \-\-standard\fR tests certain lists of cipher suites by strength\. Those lists are (\fBopenssl ciphers $LIST\fR, $LIST from below:)
+\fB\-s, \-\-std, \-\-standard\fR tests certain lists of cipher suites / cipher categories by strength\. Those lists are (\fBopenssl ciphers $LIST\fR, $LIST from below:)
 .
 .IP "\(bu" 4
 \fBNULL encryption ciphers\fR: \'NULL:eNULL\'
diff --git a/doc/testssl.1.html b/doc/testssl.1.html
index 6ef185c..2d57fa5 100644
--- a/doc/testssl.1.html
+++ b/doc/testssl.1.html
@@ -231,7 +231,7 @@ ADDITIONAL_CA_FILES is the environment variable for this.</p>
 
 <p><code>-E, --cipher-per-proto</code>  is similar to <code>-e, --each-cipher</code>. It checks each of the possible ciphers, here: per protocol. If you want to display each cipher tested you need to add <code>--show-each</code>. The output is sorted by security strength, it lists the encryption bits though.</p>
 
-<p><code>-s, --std, --standard</code>   tests certain lists of cipher suites by strength. Those lists are (<code>openssl ciphers $LIST</code>, $LIST from below:)</p>
+<p><code>-s, --std, --standard</code>   tests certain lists of cipher suites / cipher catagories by strength. Those lists are (<code>openssl ciphers $LIST</code>, $LIST from below:)</p>
 
 <ul>
 <li><code>NULL encryption ciphers</code>: 'NULL:eNULL'</li>
diff --git a/doc/testssl.1.md b/doc/testssl.1.md
index 4ae0ea6..e1f5afe 100644
--- a/doc/testssl.1.md
+++ b/doc/testssl.1.md
@@ -154,7 +154,7 @@ Any single check switch supplied as an argument prevents testssl.sh from doing a
 
 `-E, --cipher-per-proto`  is similar to `-e, --each-cipher`. It checks each of the possible ciphers, here: per protocol. If you want to display each cipher tested you need to add `--show-each`. The output is sorted by security strength, it lists the encryption bits though.
 
-`-s, --std, --standard`   tests certain lists of cipher suites by strength. Those lists are (`openssl ciphers $LIST`, $LIST from below:)
+`-s, --std, --standard`   tests certain lists of cipher suites / cipher catagories by strength. Those lists are (`openssl ciphers $LIST`, $LIST from below:)
 
 * `NULL encryption ciphers`: 'NULL:eNULL'
 * `Anonymous NULL ciphers`: 'aNULL:ADH'
diff --git a/testssl.sh b/testssl.sh
index 7295f33..0749e0c 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -17242,7 +17242,7 @@ help() {
 single check as <options>  ("$PROG_NAME URI" does everything except -E and -g):
      -e, --each-cipher             checks each local cipher remotely
      -E, --cipher-per-proto        checks those per protocol
-     -s, --std, --standard         tests certain lists of cipher suites by strength
+     -s, --std, --standard         tests standard cipher categories by strength
      -p, --protocols               checks TLS/SSL protocols (including SPDY/HTTP2)
      -g, --grease                  tests several server implementation bugs like GREASE and size limitations
      -S, --server-defaults         displays the server's default picks and certificate info

From a239ac7a6a32617f2a2062d62ab3e8670b691f69 Mon Sep 17 00:00:00 2001
From: Dirk <dirk@testssl.sh>
Date: Thu, 9 Sep 2021 23:21:08 +0200
Subject: [PATCH 2/2] Fix GHA (starttls nntp)

using another IP
---
 t/25_baseline_starttls.t | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/t/25_baseline_starttls.t b/t/25_baseline_starttls.t
index 3513eb2..beafc2b 100755
--- a/t/25_baseline_starttls.t
+++ b/t/25_baseline_starttls.t
@@ -130,7 +130,7 @@ unlike($openssl_out, qr/$openssl_regex_bl/, "");
 $tests++;
 
 
-$uri="news.newsguy.com:119";
+$uri="140.238.219.117:119";
 
 # unlink "tmp.json";
 printf "\n%s\n", "STARTTLS NNTP unit tests via sockets --> $uri ...";