From 854028166dfd223c6e83514a758acfc5b6c5aecc Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Tue, 31 May 2022 15:12:16 +0200 Subject: [PATCH] Including AppleMail --- etc/client-simulation.txt | 22 ++++++++++++++++++++++ etc/client-simulation.wiresharked.txt | 22 ++++++++++++++++++++++ t/baseline_data/default_testssl.csvfile | 3 ++- 3 files changed, 46 insertions(+), 1 deletion(-) diff --git a/etc/client-simulation.txt b/etc/client-simulation.txt index aa9e21c..4b8b278 100644 --- a/etc/client-simulation.txt +++ b/etc/client-simulation.txt @@ -2995,6 +2995,28 @@ names+=("Opera 66 (Win 10)") requiresSha2+=(true) current+=(true) + names+=("Apple Mail (16.0)") + short+=("apple_mail_16_0") + ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA") + ciphersuites+=("") + ch_sni+=("$SNI") + warning+=("") + handshakebytes+=("16030100a9010000a50303629610e27d8327bb7869cb85b066cd04b5c5caa9bfb14740edc358ac9dcd843b00002c00ffc02cc02bc024c023c00ac009c008c030c02fc028c027c014c013c012009d009c003d003c0035002f000a0100005000000013001100000e696d61702e676d61696c2e636f6d000a00080006001700180019000b00020100000d00120010040102010501060104030203050306030005000501000000000012000000170000") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_2 -tls1_1 -tls1_0") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0303") + alpn+=("h2,http/1.1") + service+=("HTTP,SMTP,POP,IMAP") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("secp256r1:secp384r1:secp521r1") + requiresSha2+=(false) + current+=(true) + names+=("Thunderbird (60.6)") short+=("thunderbird_60_6_1") ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA") diff --git a/etc/client-simulation.wiresharked.txt b/etc/client-simulation.wiresharked.txt index 9185b33..2bb798a 100644 --- a/etc/client-simulation.wiresharked.txt +++ b/etc/client-simulation.wiresharked.txt @@ -618,6 +618,28 @@ requiresSha2+=(true) current+=(true) + names+=("Apple Mail (16.0)") + short+=("apple_mail_16_0") + ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA") + ciphersuites+=("") + ch_sni+=("$SNI") + warning+=("") + handshakebytes+=("16030100a9010000a50303629610e27d8327bb7869cb85b066cd04b5c5caa9bfb14740edc358ac9dcd843b00002c00ffc02cc02bc024c023c00ac009c008c030c02fc028c027c014c013c012009d009c003d003c0035002f000a0100005000000013001100000e696d61702e676d61696c2e636f6d000a00080006001700180019000b00020100000d00120010040102010501060104030203050306030005000501000000000012000000170000") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_2 -tls1_1 -tls1_0") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0303") + alpn+=("h2,http/1.1") + service+=("HTTP,SMTP,POP,IMAP") + minDhBits+=(-1) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + curves+=("secp256r1:secp384r1:secp521r1") + requiresSha2+=(false) + current+=(true) + names+=("Thunderbird (60.6)") short+=("thunderbird_60_6_1") ch_ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA") diff --git a/t/baseline_data/default_testssl.csvfile b/t/baseline_data/default_testssl.csvfile index 81d25af..62bbbb3 100644 --- a/t/baseline_data/default_testssl.csvfile +++ b/t/baseline_data/default_testssl.csvfile @@ -66,7 +66,7 @@ "DH_groups","testssl.sh/81.169.166.184","443","OK","Unknown DH group (2048 bits)","","" "HTTP_status_code","testssl.sh/81.169.166.184","443","INFO","200 OK ('/')","","" "HTTP_clock_skew","testssl.sh/81.169.166.184","443","INFO","0 seconds from localtime","","" -"HTTP_headerTime","testssl.sh/81.169.166.184","443","INFO","1653998776","","" +"HTTP_headerTime","testssl.sh/81.169.166.184","443","INFO","1654002656","","" "HSTS_time","testssl.sh/81.169.166.184","443","OK","362 days (=31337000 seconds) > 15552000 seconds","","" "HSTS_subdomains","testssl.sh/81.169.166.184","443","INFO","only for this domain","","" "HSTS_preload","testssl.sh/81.169.166.184","443","INFO","domain is NOT marked for preloading","","" @@ -131,4 +131,5 @@ "clientsimulation-openssl_110l","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","","" "clientsimulation-openssl_111d","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" "clientsimulation-openssl_303","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","","" +"clientsimulation-apple_mail_16_0","testssl.sh/81.169.166.184","443","INFO","TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384","","" "clientsimulation-thunderbird_91_9","testssl.sh/81.169.166.184","443","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""