From 1f8e65104cfce068441428e73ce51c355b910405 Mon Sep 17 00:00:00 2001
From: Dirk Wetter <dirk@testssl.sh>
Date: Tue, 8 Sep 2020 22:08:05 +0200
Subject: [PATCH] Add winshock to documentation

---
 doc/testssl.1      | 3 +++
 doc/testssl.1.html | 2 ++
 doc/testssl.1.md   | 2 ++
 3 files changed, 7 insertions(+)

diff --git a/doc/testssl.1 b/doc/testssl.1
index 916b5b7..66ac0ac 100644
--- a/doc/testssl.1
+++ b/doc/testssl.1
@@ -385,6 +385,9 @@ Security headers (X\-Frame\-Options, X\-XSS\-Protection, Expect\-CT,\.\.\. , CSP
 \fB\-L, \-\-lucky13\fR Checks for LUCKY13 vulnerability\. It checks for the presence of CBC ciphers in TLS versions 1\.0 \- 1\.2\.
 .
 .P
+\fB\-WS, \-\-winshock\fR Checks for Winshock vulnerability\. It tests for absence of GCM ciphers which were introduced in the fix and correlates that with the server banner\.
+.
+.P
 \fB\-4, \-\-rc4, \-\-appelbaum\fR Checks which RC4 stream ciphers are being offered\.
 .
 .SS "OUTPUT OPTIONS"
diff --git a/doc/testssl.1.html b/doc/testssl.1.html
index 484eef6..c299029 100644
--- a/doc/testssl.1.html
+++ b/doc/testssl.1.html
@@ -340,6 +340,8 @@ Also for multiple server certificates are being checked for as well as for the c
 
 <p><code>-L, --lucky13</code>                 Checks for LUCKY13 vulnerability. It checks for the presence of CBC ciphers in TLS versions 1.0 - 1.2.</p>
 
+<p><code>-WS, --winshock</code>               Checks for Winshock vulnerability. It tests for absence of GCM ciphers which were introduced in the fix and correlates that with the server banner.</p>
+
 <p><code>-4, --rc4, --appelbaum</code>        Checks which RC4 stream ciphers are being offered.</p>
 
 <h3 id="OUTPUT-OPTIONS">OUTPUT OPTIONS</h3>
diff --git a/doc/testssl.1.md b/doc/testssl.1.md
index 4e21868..73341d3 100644
--- a/doc/testssl.1.md
+++ b/doc/testssl.1.md
@@ -254,6 +254,8 @@ Also for multiple server certificates are being checked for as well as for the c
 
 `-L, --lucky13`                 Checks for LUCKY13 vulnerability. It checks for the presence of CBC ciphers in TLS versions 1.0 - 1.2.
 
+`-WS, --winshock`               Checks for Winshock vulnerability. It tests for absence of GCM ciphers which were introduced in the fix and correlates that with the server banner.
+
 `-4, --rc4, --appelbaum`        Checks which RC4 stream ciphers are being offered.