diff --git a/t/baseline_data/default_testssl.csvfile b/t/baseline_data/default_testssl.csvfile index 3b50649..f43bbb9 100644 --- a/t/baseline_data/default_testssl.csvfile +++ b/t/baseline_data/default_testssl.csvfile @@ -100,36 +100,36 @@ "LUCKY13","testssl.sh/81.169.235.32","443","LOW","potentially vulnerable, uses TLS CBC ciphers","CVE-2013-0169","CWE-310" "winshock","testssl.sh/81.169.235.32","443","OK","not vulnerable","CVE-2014-6321","CWE-94" "RC4","testssl.sh/81.169.235.32","443","OK","not vulnerable","CVE-2013-2566 CVE-2015-2808","CWE-310" -"clientsimulation-android_70","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","","" -"clientsimulation-android_81","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","","" -"clientsimulation-android_90","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-android_X","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-android_11_12","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-android_13_14","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-android_15_16","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-chromium_137_win11","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-firefox_100_win10","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-firefox_137_win11","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" +"clientsimulation-android_70","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256 bit ECDH (P-256)","","" +"clientsimulation-android_81","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 253 bit ECDH (X25519)","","" +"clientsimulation-android_90","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519)","","" +"clientsimulation-android_X","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519)","","" +"clientsimulation-android_11_12","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519)","","" +"clientsimulation-android_13_14","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519)","","" +"clientsimulation-android_15_16","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 X25519MLKEM768","","" +"clientsimulation-chromium_137_win11","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 X25519MLKEM768","","" +"clientsimulation-firefox_100_win10","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519)","","" +"clientsimulation-firefox_137_win11","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 X25519MLKEM768","","" "clientsimulation-ie_8_win7","testssl.sh/81.169.235.32","443","INFO","No connection","","" -"clientsimulation-ie_11_win7","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-SHA384","","" -"clientsimulation-ie_11_win81","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-SHA384","","" -"clientsimulation-ie_11_winphone81","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES128-SHA256","","" -"clientsimulation-ie_11_win10","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","","" -"clientsimulation-edge_15_win10","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","","" -"clientsimulation-edge_101_win10_21h2","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-edge_133_win11_23h2","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-safari_184_osx_154","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-safari_264_all","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" +"clientsimulation-ie_11_win7","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-SHA384 256 bit ECDH (P-256)","","" +"clientsimulation-ie_11_win81","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-SHA384 256 bit ECDH (P-256)","","" +"clientsimulation-ie_11_winphone81","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES128-SHA256 256 bit ECDH (P-256)","","" +"clientsimulation-ie_11_win10","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256 bit ECDH (P-256)","","" +"clientsimulation-edge_15_win10","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 253 bit ECDH (X25519)","","" +"clientsimulation-edge_101_win10_21h2","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519)","","" +"clientsimulation-edge_133_win11_23h2","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 X25519MLKEM768","","" +"clientsimulation-safari_184_osx_154","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519)","","" +"clientsimulation-safari_264_all","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 X25519MLKEM768","","" "clientsimulation-java_7u25","testssl.sh/81.169.235.32","443","INFO","No connection","","" -"clientsimulation-java_80442","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-java_1102","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-java_1703_2106","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-go_1178","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-libressl_336","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-openssl_102e","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","","" -"clientsimulation-openssl_111d","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-openssl_315","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-openssl_350","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-openssl_400","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" -"clientsimulation-apple_mail_16_0","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","","" -"clientsimulation-thunderbird_91_9","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" +"clientsimulation-java_80442","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519)","","" +"clientsimulation-java_1102","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 256 bit ECDH (P-256)","","" +"clientsimulation-java_1703_2106","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519)","","" +"clientsimulation-go_1178","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519)","","" +"clientsimulation-libressl_336","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519)","","" +"clientsimulation-openssl_102e","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256 bit ECDH (P-256)","","" +"clientsimulation-openssl_111d","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519)","","" +"clientsimulation-openssl_315","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519)","","" +"clientsimulation-openssl_350","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 X25519MLKEM768","","" +"clientsimulation-openssl_400","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 X25519MLKEM768","","" +"clientsimulation-apple_mail_16_0","testssl.sh/81.169.235.32","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256 bit ECDH (P-256)","","" +"clientsimulation-thunderbird_91_9","testssl.sh/81.169.235.32","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384 253 bit ECDH (X25519)","","" diff --git a/testssl.sh b/testssl.sh index 2489c50..18c741a 100755 --- a/testssl.sh +++ b/testssl.sh @@ -5244,6 +5244,7 @@ run_client_simulation() { local -i ret=0 local jsonID="clientsimulation" local client_service="" + local append_fileout="" # source the external file . "$TESTSSL_INSTALL_DIR/etc/client-simulation.txt" 2>/dev/null @@ -5439,31 +5440,35 @@ run_client_simulation() { else pr_cipher_quality "$cipher" fi + # attention: print_n_spaces() should only be used once, otherwise HTML output will be doubled if [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]]; then print_n_spaces "$((34-${#cipher}))" + append_fileout=" " else print_n_spaces "$((50-${#cipher}))" + append_fileout=" " fi if [[ -n "$what_dh" ]]; then [[ -n "$curve" ]] && curve="($curve)" if [[ "$what_dh" =~ MLKEM ]] || [[ "$what_dh" =~ Kyber ]]; then pr_kem_quality "$bits" "$(printf -- "%-12s" "$what_dh")" + append_fileout+="$(printf -- "%-12s" "$what_dh")" elif [[ "$what_dh" == ECDH ]]; then pr_ecdh_quality "$bits" "$(printf -- "%-12s" "$bits bit $what_dh") $curve" + append_fileout+="$(printf -- "%-12s" "$bits bit $what_dh") $curve" else pr_dh_quality "$bits" "$(printf -- "%-12s" "$bits bit $what_dh") $curve" + append_fileout+="$(printf -- "%-12s" "$bits bit $what_dh") $curve" fi else if "$HAS_DH_BITS" || { "$using_sockets" && [[ -n "${handshakebytes[i]}" ]]; }; then out "No FS" + append_fileout+="no FS" fi fi outln - if [[ -n "${warning[i]}" ]]; then - out " " - outln "${warning[i]}" - fi - fileout "${jsonID}-${short[i]}" "INFO" "$proto $cipher ${warning[i]}" + fileout "${jsonID}-${short[i]}" "INFO" "$proto $cipher $append_fileout" + # Just one "finding" with all the data has space for improvements debugme cat $TMPFILE fi fi # correct service?