Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2026-06-02 22:48:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

Consolidate handshakes for all Safaris 26.4

Browse Source 
Looked before at ja3, but for Chromium-browsers ja4 is relevant.
The client column needed to be extended with 1 space.
This commit is contained in:
Dirk
2026-05-18 21:16:43 +02:00
parent b4e58dfbb5
commit 56697cee48
3 changed files with 10 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
etc/client-simulation.txt
+3 -2
View File
@@ -2636,7 +2636,8 @@ names+=("Opera 66 (Win 10)")
requiresSha2+=(false) requiresSha2+=(false)
ja3+=("ecdf4f49dd59effc439639da29186671") ja3+=("ecdf4f49dd59effc439639da29186671")
ja4+=("t13d2013h2_a09f3c656075_7f0f34a4126d") ja4+=("t13d2013h2_a09f3c656075_7f0f34a4126d")
current+=(true) current+=(false)
# identical to MaCOS Safari 26.4, see ja4
names+=("Safari 12.1 (macOS 10.13.6)") names+=("Safari 12.1 (macOS 10.13.6)")
short+=("safari_121_osx_10136") short+=("safari_121_osx_10136")
@@ -2728,7 +2729,7 @@ names+=("Opera 66 (Win 10)")
ja4+=("t13d2014h2_a09f3c656075_e42f34c56612") ja4+=("t13d2014h2_a09f3c656075_e42f34c56612")
current+=(true) current+=(true)
names+=("Safari 26.4 (macOS 26.4)") names+=("Safari 26.4 (macOS/iOS/iPadOS 26.4)")
short+=("safari_264_osx_264") short+=("safari_264_osx_264")
ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA") ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA")
ciphersuites+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256") ciphersuites+=("TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256")
etc/client-simulation.wiresharked.txt
+1
View File
@@ -1124,6 +1124,7 @@
ja3+=("ecdf4f49dd59effc439639da29186671") ja3+=("ecdf4f49dd59effc439639da29186671")
ja4+=("t13d2013h2_a09f3c656075_7f0f34a4126d") ja4+=("t13d2013h2_a09f3c656075_7f0f34a4126d")
current+=(true) current+=(true)
# iOS/iPadOS is the same, see ja4
names+=("Safari 12.1 (macOS 10.13.6)") names+=("Safari 12.1 (macOS 10.13.6)")
short+=("safari_121_osx_10136") short+=("safari_121_osx_10136")
testssl.sh
+6 -6
View File
@@ -5280,17 +5280,17 @@ run_client_simulation() {
debugme echo debugme echo
if [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]]; then if [[ "$DISPLAY_CIPHERNAMES" =~ openssl ]]; then
out " Browser/Client Protocol Cipher Suite Name (OpenSSL) " out " Browser/Client Protocol Cipher Suite Name (OpenSSL) "
{ "$using_sockets" || "$HAS_DH_BITS"; } && out "Forward Secrecy" { "$using_sockets" || "$HAS_DH_BITS"; } && out "Forward Secrecy"
outln outln
out "--------------------------------------------------------------------------------" out "---------------------------------------------------------------------------------"
else else
out " Browser/Client Protocol Cipher Suite Name (IANA/RFC) " out " Browser/Client Protocol Cipher Suite Name (IANA/RFC) "
{ "$using_sockets" || "$HAS_DH_BITS"; } && out "Forward Secrecy" { "$using_sockets" || "$HAS_DH_BITS"; } && out "Forward Secrecy"
outln outln
out "------------------------------------------------------------------------------------------------" out "-------------------------------------------------------------------------------------------------"
fi fi
{ "$using_sockets" || "$HAS_DH_BITS"; } && out "----------------------" { "$using_sockets" || "$HAS_DH_BITS"; } && out "-----------------------"
outln outln
if ! "$using_sockets"; then if ! "$using_sockets"; then
# We can't use the connectivity checker here as of now the openssl reply is always empty (reason??) # We can't use the connectivity checker here as of now the openssl reply is always empty (reason??)
@@ -5302,7 +5302,7 @@ run_client_simulation() {
if "${current[i]}" || "$ALL_CLIENTS" ; then if "${current[i]}" || "$ALL_CLIENTS" ; then
# for ANY we test this service or if the service we determined from STARTTLS matches # for ANY we test this service or if the service we determined from STARTTLS matches
if [[ "${service[i]}" == ANY ]] || [[ "${service[i]}" =~ $client_service ]]; then if [[ "${service[i]}" == ANY ]] || [[ "${service[i]}" =~ $client_service ]]; then
out " $(printf -- "%-35s" "${names[i]}")" out " $(printf -- "%-36s" "${names[i]}")"
if "$using_sockets" && [[ -n "${handshakebytes[i]}" ]]; then if "$using_sockets" && [[ -n "${handshakebytes[i]}" ]]; then
client_simulation_sockets "${handshakebytes[i]}" client_simulation_sockets "${handshakebytes[i]}"
sclient_success=$? sclient_success=$?