Fix minor inconsistency in description of cipher categories
A longer while back the section ~ "Testing standard ciphers" was renamed to "Testing cipher categories". However the internal help didn't reflect that. This fixes that, including an addtion to the documentation. Note: the help still lists "-s --std, --standard" as a cmd line switch.
This commit is contained in:
parent
8f20d11830
commit
739f45015f
|
@ -196,7 +196,7 @@ Any single check switch supplied as an argument prevents testssl\.sh from doing
|
||||||
\fB\-E, \-\-cipher\-per\-proto\fR is similar to \fB\-e, \-\-each\-cipher\fR\. It checks each of the possible ciphers, here: per protocol\. If you want to display each cipher tested you need to add \fB\-\-show\-each\fR\. The output is sorted by security strength, it lists the encryption bits though\.
|
\fB\-E, \-\-cipher\-per\-proto\fR is similar to \fB\-e, \-\-each\-cipher\fR\. It checks each of the possible ciphers, here: per protocol\. If you want to display each cipher tested you need to add \fB\-\-show\-each\fR\. The output is sorted by security strength, it lists the encryption bits though\.
|
||||||
.
|
.
|
||||||
.P
|
.P
|
||||||
\fB\-s, \-\-std, \-\-standard\fR tests certain lists of cipher suites by strength\. Those lists are (\fBopenssl ciphers $LIST\fR, $LIST from below:)
|
\fB\-s, \-\-std, \-\-standard\fR tests certain lists of cipher suites / cipher categories by strength\. Those lists are (\fBopenssl ciphers $LIST\fR, $LIST from below:)
|
||||||
.
|
.
|
||||||
.IP "\(bu" 4
|
.IP "\(bu" 4
|
||||||
\fBNULL encryption ciphers\fR: \'NULL:eNULL\'
|
\fBNULL encryption ciphers\fR: \'NULL:eNULL\'
|
||||||
|
|
|
@ -236,7 +236,7 @@ containing files with a .pem extension, a single file or multiple files as a com
|
||||||
|
|
||||||
<p><code>-E, --cipher-per-proto</code> is similar to <code>-e, --each-cipher</code>. It checks each of the possible ciphers, here: per protocol. If you want to display each cipher tested you need to add <code>--show-each</code>. The output is sorted by security strength, it lists the encryption bits though.</p>
|
<p><code>-E, --cipher-per-proto</code> is similar to <code>-e, --each-cipher</code>. It checks each of the possible ciphers, here: per protocol. If you want to display each cipher tested you need to add <code>--show-each</code>. The output is sorted by security strength, it lists the encryption bits though.</p>
|
||||||
|
|
||||||
<p><code>-s, --std, --standard</code> tests certain lists of cipher suites by strength. Those lists are (<code>openssl ciphers $LIST</code>, $LIST from below:)</p>
|
<p><code>-s, --std, --standard</code> tests certain lists of cipher suites / cipher catagories by strength. Those lists are (<code>openssl ciphers $LIST</code>, $LIST from below:)</p>
|
||||||
|
|
||||||
<ul>
|
<ul>
|
||||||
<li><code>NULL encryption ciphers</code>: 'NULL:eNULL'</li>
|
<li><code>NULL encryption ciphers</code>: 'NULL:eNULL'</li>
|
||||||
|
|
|
@ -161,7 +161,7 @@ Any single check switch supplied as an argument prevents testssl.sh from doing a
|
||||||
|
|
||||||
`-E, --cipher-per-proto` is similar to `-e, --each-cipher`. It checks each of the possible ciphers, here: per protocol. If you want to display each cipher tested you need to add `--show-each`. The output is sorted by security strength, it lists the encryption bits though.
|
`-E, --cipher-per-proto` is similar to `-e, --each-cipher`. It checks each of the possible ciphers, here: per protocol. If you want to display each cipher tested you need to add `--show-each`. The output is sorted by security strength, it lists the encryption bits though.
|
||||||
|
|
||||||
`-s, --std, --standard` tests certain lists of cipher suites by strength. Those lists are (`openssl ciphers $LIST`, $LIST from below:)
|
`-s, --std, --standard` tests certain lists of cipher suites / cipher catagories by strength. Those lists are (`openssl ciphers $LIST`, $LIST from below:)
|
||||||
|
|
||||||
* `NULL encryption ciphers`: 'NULL:eNULL'
|
* `NULL encryption ciphers`: 'NULL:eNULL'
|
||||||
* `Anonymous NULL ciphers`: 'aNULL:ADH'
|
* `Anonymous NULL ciphers`: 'aNULL:ADH'
|
||||||
|
|
|
@ -19467,7 +19467,7 @@ help() {
|
||||||
single check as <options> ("$PROG_NAME URI" does everything except -E and -g):
|
single check as <options> ("$PROG_NAME URI" does everything except -E and -g):
|
||||||
-e, --each-cipher checks each local cipher remotely
|
-e, --each-cipher checks each local cipher remotely
|
||||||
-E, --cipher-per-proto checks those per protocol
|
-E, --cipher-per-proto checks those per protocol
|
||||||
-s, --std, --standard tests certain lists of cipher suites by strength
|
-s, --std, --standard tests standard cipher categories by strength
|
||||||
-f, --fs, --nsa checks forward secrecy settings
|
-f, --fs, --nsa checks forward secrecy settings
|
||||||
-p, --protocols checks TLS/SSL protocols (including SPDY/HTTP2)
|
-p, --protocols checks TLS/SSL protocols (including SPDY/HTTP2)
|
||||||
-g, --grease tests several server implementation bugs like GREASE and size limitations
|
-g, --grease tests several server implementation bugs like GREASE and size limitations
|
||||||
|
|
Loading…
Reference in New Issue