Further (slight) update on cipher quality coloring

TLS_RSA_* which don't fall into the aleady mentioned
    categories (CBC cipher, export, RC4 etc.) are now
    a bit more more penalized. Those are the ones which have
    an RSA key exchange AND a modern encryption.

    pr_cipher_quality() needs to be redone after carefully
    reconsidered which cipher should have which rating.

testssl.sh

@@ -4863,6 +4863,7 @@ pr_ecdh_curve_quality() {
 #   1 = pr_svrty_critical, 2 = pr_svrty_high, 3 = pr_svrty_medium, 4 = pr_svrty_low
 #   5 = neither good nor bad, 6 = pr_done_good, 7 = pr_done_best
 #
+# Please note this section isn't particular spot on. It needs to be reconsidered/redone
 pr_cipher_quality() {
      local cipher="$1"
      local text="$2"
@@ -4883,6 +4884,11 @@ pr_cipher_quality() {
                          pr_svrty_high "$text"
                          return 2
                          ;;
+                    AES256-GCM-SHA384|AES128-GCM-SHA256|AES256-CCM|AES128-CCM|ARIA256-GCM-SHA384|ARIA128-GCM-SHA256)
+                         # RSA kx and e.g. GCM isn't certainly the best
+                         pr_done_good "$text"
+                         return 6
+                         ;;
                     *GCM*|*CCM*|*CHACHA20*)
                          pr_done_best "$text"
                          return 7
@@ -4913,6 +4919,16 @@ pr_cipher_quality() {
                pr_svrty_high "$text"
                return 2
                ;;
+          TLS_RSA_*)
+               if [[ "$cipher" =~ CBC ]]; then
+                    pr_svrty_low "$text"
+                    return 4
+               else
+                    pr_done_good "$text"
+                    # RSA kx and e.g. GCM isn't certainly the best
+                    return 6
+               fi
+               ;;
           *GCM*|*CCM*|*CHACHA20*)
                pr_done_best "$text"
                return 7