From 56e6fa4bb7a02ecb91e994983cea4e54f172172a Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Mon, 13 Jan 2020 23:11:59 +0100 Subject: [PATCH] Remove FTP as a "service" from Firefox' client simulation ... as firefox never supported FTP over TLS or SSL, see https://bugzilla.mozilla.org/show_bug.cgi?id=85464 In general browsers tend to remove noaways cleartext FTP from browsers. --- etc/client-simulation.txt | 62 +++++++++++++-------------- etc/client-simulation.wiresharked.txt | 4 +- 2 files changed, 33 insertions(+), 33 deletions(-) diff --git a/etc/client-simulation.txt b/etc/client-simulation.txt index f0998b1..4f348a1 100644 --- a/etc/client-simulation.txt +++ b/etc/client-simulation.txt @@ -863,7 +863,7 @@ tlsvers+=("-tls1") lowest_protocol+=("0x0300") highest_protocol+=("0x0301") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -884,7 +884,7 @@ tlsvers+=("-tls1") lowest_protocol+=("0x0300") highest_protocol+=("0x0301") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -905,7 +905,7 @@ tlsvers+=("-tls1") lowest_protocol+=("0x0300") highest_protocol+=("0x0301") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -926,7 +926,7 @@ tlsvers+=("-tls1") lowest_protocol+=("0x0300") highest_protocol+=("0x0301") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -947,7 +947,7 @@ tlsvers+=("-tls1") lowest_protocol+=("0x0300") highest_protocol+=("0x0301") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -968,7 +968,7 @@ tlsvers+=("-tls1") lowest_protocol+=("0x0300") highest_protocol+=("0x0301") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -989,7 +989,7 @@ tlsvers+=("-tls1") lowest_protocol+=("0x0300") highest_protocol+=("0x0301") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1010,7 +1010,7 @@ tlsvers+=("-tls1") lowest_protocol+=("0x0300") highest_protocol+=("0x0301") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1031,7 +1031,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0300") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1052,7 +1052,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0300") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1073,7 +1073,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0300") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1094,7 +1094,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1115,7 +1115,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0300") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1136,7 +1136,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0300") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1157,7 +1157,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1178,7 +1178,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1199,7 +1199,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(-1) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1220,7 +1220,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1241,7 +1241,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1262,7 +1262,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1283,7 +1283,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1304,7 +1304,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1325,7 +1325,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1346,7 +1346,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1367,7 +1367,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1388,7 +1388,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0303") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1409,7 +1409,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0304") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1430,7 +1430,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0304") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1451,7 +1451,7 @@ tlsvers+=("-tls1_2 -tls1_1 -tls1") lowest_protocol+=("0x0301") highest_protocol+=("0x0304") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1473,7 +1473,7 @@ lowest_protocol+=("0x0301") highest_protocol+=("0x0304") alpn+=("h2,http/1.1") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1) @@ -1495,7 +1495,7 @@ lowest_protocol+=("0x0301") highest_protocol+=("0x0304") alpn+=("h2,http/1.1") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1) diff --git a/etc/client-simulation.wiresharked.txt b/etc/client-simulation.wiresharked.txt index 2b9b4d2..6d9184c 100644 --- a/etc/client-simulation.wiresharked.txt +++ b/etc/client-simulation.wiresharked.txt @@ -171,7 +171,7 @@ lowest_protocol+=("0x0301") highest_protocol+=("0x0304") alpn+=("h2,http/1.1") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1) @@ -193,7 +193,7 @@ lowest_protocol+=("0x0301") highest_protocol+=("0x0304") alpn+=("h2,http/1.1") - service+=("HTTP,FTP") + service+=("HTTP") minDhBits+=(1023) maxDhBits+=(-1) minRsaBits+=(-1)