add a comment for STARTTLS + TLS 1.3
related to David's comment in https://github.com/drwetter/testssl.sh/pull/958#issuecomment-358990186
This commit is contained in:
parent
41635ce53f
commit
7a10e5514f
|
@ -254,10 +254,11 @@ HOSTCERT=""
|
||||||
HEADERFILE=""
|
HEADERFILE=""
|
||||||
HEADERVALUE=""
|
HEADERVALUE=""
|
||||||
HTTP_STATUS_CODE=""
|
HTTP_STATUS_CODE=""
|
||||||
PROTOS_OFFERED="" # this is a global to keep the info which protocol is being offered. See has_server_protocol()
|
PROTOS_OFFERED="" # This is a global to keep the info which protocol is being offered. See has_server_protocol().
|
||||||
KEY_SHARE_EXTN_NR="33" # The extension number for key_share was changed from 40 to 51 in TLSv1.3 draft 23. In order to
|
KEY_SHARE_EXTN_NR="33" # The extension number for key_share was changed from 40 to 51 in TLSv1.3 draft 23. In order to
|
||||||
# support draft 23 in additional to earlier drafts, need to know which extension number to use.
|
# support draft 23 in additional to earlier drafts, need to know which extension number to use.
|
||||||
# Note that it appears that a single ClientHello cannot advertise both draft 23 and earlier drafts.
|
# Note that it appears that a single ClientHello cannot advertise both draft 23 and earlier drafts.
|
||||||
|
# Preset may help to deal with STARTTLS + TLS 1.3 draft 23 but not earlier.
|
||||||
TLS_EXTENSIONS=""
|
TLS_EXTENSIONS=""
|
||||||
BAD_SERVER_HELLO_CIPHER=false # reserved for cases where a ServerHello doesn't contain a cipher offered in the ClientHello
|
BAD_SERVER_HELLO_CIPHER=false # reserved for cases where a ServerHello doesn't contain a cipher offered in the ClientHello
|
||||||
GOST_STATUS_PROBLEM=false
|
GOST_STATUS_PROBLEM=false
|
||||||
|
|
Loading…
Reference in New Issue