Consolidate handshakes for all Safaris 26.4

Looked before at ja3, but for Chromium-browsers ja4 is relevant. The client column needed to be extended with 1 space.
2026-06-02 22:48:49 +02:00 · 2026-05-18 21:16:43 +02:00
parent b4e58dfbb5
commit 56697cee48
3 changed files with 10 additions and 8 deletions
@@ -2636,7 +2636,8 @@ names+=("Opera 66 (Win 10)")
     requiresSha2+=(false)
     ja3+=("ecdf4f49dd59effc439639da29186671")
     ja4+=("t13d2013h2_a09f3c656075_7f0f34a4126d")
-     current+=(true)
+     current+=(false)
+     # identical to MaCOS Safari 26.4, see ja4

     names+=("Safari 12.1 (macOS 10.13.6)")
     short+=("safari_121_osx_10136")
@@ -2728,7 +2729,7 @@ names+=("Opera 66 (Win 10)")
     ja4+=("t13d2014h2_a09f3c656075_e42f34c56612")
     current+=(true)

-     names+=("Safari 26.4 (macOS 26.4)")
+     names+=("Safari 26.4 (macOS/iOS/iPadOS 26.4)")
     short+=("safari_264_osx_264")
     ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA")
     ciphersuites+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256")
@@ -1124,6 +1124,7 @@
     ja3+=("ecdf4f49dd59effc439639da29186671")
     ja4+=("t13d2013h2_a09f3c656075_7f0f34a4126d")
     current+=(true)
+     # iOS/iPadOS is the same, see ja4

     names+=("Safari 12.1 (macOS 10.13.6)")
     short+=("safari_121_osx_10136")
@@ -5280,17 +5280,17 @@ run_client_simulation() {
     debugme echo

     if [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]]; then
-          out " Browser/Client                     Protocol  Cipher Suite Name (OpenSSL)       "
+          out " Browser/Client                      Protocol  Cipher Suite Name (OpenSSL)       "
          { "$using_sockets" || "$HAS_DH_BITS"; } && out "Forward Secrecy"
          outln
-          out "--------------------------------------------------------------------------------"
+          out "---------------------------------------------------------------------------------"
     else
-          out " Browser/Client                     Protocol  Cipher Suite Name (IANA/RFC)                      "
+          out " Browser/Client                      Protocol  Cipher Suite Name (IANA/RFC)                      "
          { "$using_sockets" || "$HAS_DH_BITS"; } && out "Forward Secrecy"
          outln
-          out "------------------------------------------------------------------------------------------------"
+          out "-------------------------------------------------------------------------------------------------"
     fi
-     { "$using_sockets" || "$HAS_DH_BITS"; } && out "----------------------"
+     { "$using_sockets" || "$HAS_DH_BITS"; } && out "-----------------------"
     outln
     if ! "$using_sockets"; then
          # We can't use the connectivity checker here as of now the openssl reply is always empty (reason??)
@@ -5302,7 +5302,7 @@ run_client_simulation() {
          if "${current[i]}" || "$ALL_CLIENTS" ; then
               # for ANY we test this service or if the service we determined from STARTTLS matches
               if [[ "${service[i]}" == ANY ]] || [[ "${service[i]}" =~ $client_service ]]; then
-                    out " $(printf -- "%-35s" "${names[i]}")"
+                    out " $(printf -- "%-36s" "${names[i]}")"
                    if "$using_sockets" && [[ -n "${handshakebytes[i]}" ]]; then
                         client_simulation_sockets "${handshakebytes[i]}"
                         sclient_success=$?