Merge pull request #1981 from drwetter/fix_1978

Fix minor inconsistency in description of cipher categories
This commit is contained in:
Dirk Wetter 2021-09-10 08:09:21 +02:00 committed by GitHub
commit 1d4acd9027
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 7 additions and 6 deletions

View File

@ -196,7 +196,7 @@ Any single check switch supplied as an argument prevents testssl\.sh from doing
\fB\-E, \-\-cipher\-per\-proto\fR is similar to \fB\-e, \-\-each\-cipher\fR\. It checks each of the possible ciphers, here: per protocol\. If you want to display each cipher tested you need to add \fB\-\-show\-each\fR\. The output is sorted by security strength, it lists the encryption bits though\. \fB\-E, \-\-cipher\-per\-proto\fR is similar to \fB\-e, \-\-each\-cipher\fR\. It checks each of the possible ciphers, here: per protocol\. If you want to display each cipher tested you need to add \fB\-\-show\-each\fR\. The output is sorted by security strength, it lists the encryption bits though\.
. .
.P .P
\fB\-s, \-\-std, \-\-standard\fR tests certain lists of cipher suites by strength\. Those lists are (\fBopenssl ciphers $LIST\fR, $LIST from below:) \fB\-s, \-\-std, \-\-categories\fR tests certain lists of cipher suites / cipher categories by strength\. (\fB\-\-standard\fR is deprecated\.) Those lists are (\fBopenssl ciphers $LIST\fR, $LIST from below:)
. .
.IP "\(bu" 4 .IP "\(bu" 4
\fBNULL encryption ciphers\fR: \'NULL:eNULL\' \fBNULL encryption ciphers\fR: \'NULL:eNULL\'

View File

@ -236,7 +236,7 @@ containing files with a .pem extension, a single file or multiple files as a com
<p><code>-E, --cipher-per-proto</code> is similar to <code>-e, --each-cipher</code>. It checks each of the possible ciphers, here: per protocol. If you want to display each cipher tested you need to add <code>--show-each</code>. The output is sorted by security strength, it lists the encryption bits though.</p> <p><code>-E, --cipher-per-proto</code> is similar to <code>-e, --each-cipher</code>. It checks each of the possible ciphers, here: per protocol. If you want to display each cipher tested you need to add <code>--show-each</code>. The output is sorted by security strength, it lists the encryption bits though.</p>
<p><code>-s, --std, --standard</code> tests certain lists of cipher suites by strength. Those lists are (<code>openssl ciphers $LIST</code>, $LIST from below:)</p> <p><code>-s, --std, --categories</code> tests certain lists of cipher suites / cipher catagories by strength. (<code>--standard</code> is deprecated.) Those lists are (<code>openssl ciphers $LIST</code>, $LIST from below:)</p>
<ul> <ul>
<li><code>NULL encryption ciphers</code>: 'NULL:eNULL'</li> <li><code>NULL encryption ciphers</code>: 'NULL:eNULL'</li>

View File

@ -161,7 +161,7 @@ Any single check switch supplied as an argument prevents testssl.sh from doing a
`-E, --cipher-per-proto` is similar to `-e, --each-cipher`. It checks each of the possible ciphers, here: per protocol. If you want to display each cipher tested you need to add `--show-each`. The output is sorted by security strength, it lists the encryption bits though. `-E, --cipher-per-proto` is similar to `-e, --each-cipher`. It checks each of the possible ciphers, here: per protocol. If you want to display each cipher tested you need to add `--show-each`. The output is sorted by security strength, it lists the encryption bits though.
`-s, --std, --standard` tests certain lists of cipher suites by strength. Those lists are (`openssl ciphers $LIST`, $LIST from below:) `-s, --std, --categories` tests certain lists of cipher suites / cipher catagories by strength. (`--standard` is deprecated.) Those lists are (`openssl ciphers $LIST`, $LIST from below:)
* `NULL encryption ciphers`: 'NULL:eNULL' * `NULL encryption ciphers`: 'NULL:eNULL'
* `Anonymous NULL ciphers`: 'aNULL:ADH' * `Anonymous NULL ciphers`: 'aNULL:ADH'

View File

@ -143,7 +143,7 @@ unlike($openssl_out, qr/$openssl_regex_bl/, "");
$tests++; $tests++;
$uri="news.newsguy.com:119"; $uri="140.238.219.117:119";
# unlink "tmp.json"; # unlink "tmp.json";
printf "\n%s\n", "STARTTLS NNTP unit tests via sockets --> $uri ..."; printf "\n%s\n", "STARTTLS NNTP unit tests via sockets --> $uri ...";

View File

@ -19467,7 +19467,7 @@ help() {
single check as <options> ("$PROG_NAME URI" does everything except -E and -g): single check as <options> ("$PROG_NAME URI" does everything except -E and -g):
-e, --each-cipher checks each local cipher remotely -e, --each-cipher checks each local cipher remotely
-E, --cipher-per-proto checks those per protocol -E, --cipher-per-proto checks those per protocol
-s, --std, --standard tests certain lists of cipher suites by strength -s, --std, --categories tests standard cipher categories by strength
-f, --fs, --nsa checks forward secrecy settings -f, --fs, --nsa checks forward secrecy settings
-p, --protocols checks TLS/SSL protocols (including SPDY/HTTP2) -p, --protocols checks TLS/SSL protocols (including SPDY/HTTP2)
-g, --grease tests several server implementation bugs like GREASE and size limitations -g, --grease tests several server implementation bugs like GREASE and size limitations
@ -22243,7 +22243,8 @@ parse_cmd_line() {
-p|--protocols) -p|--protocols)
do_protocols=true do_protocols=true
;; ;;
-s|--std|--standard) -s|--std|--standard|--categories)
# --standard is deprecated
do_cipherlists=true do_cipherlists=true
;; ;;
-S|--server[-_]defaults) -S|--server[-_]defaults)