Add a few MS client hellos

* Edge 17 Win 10 * Firefox 66 Win 10 Disable 'Edge 13 Win Phone 10' per default and 'Firefox 62 Win 7'.
2024-12-29 04:49:44 +01:00 · 2019-04-23 10:32:17 +02:00 · 2019-04-23 10:32:17 +02:00 · d2f5c2633c
commit d2f5c2633c
parent 950772cb23
2 changed files with 50 additions and 6 deletions
--- a/etc/client-simulation.txt
+++ b/etc/client-simulation.txt
@ -1350,7 +1350,7 @@
     minEcdsaBits+=(-1)
     curves+=("X25519:prime256v1:secp384r1:secp521r1")
     requiresSha2+=(false)
-     current+=(true)
+     current+=(false)

     names+=("Firefox 62 Win 7")
     short+=("firefox_62_win7")
@ -1373,7 +1373,7 @@
     requiresSha2+=(false)
     current+=(true)

-     names+=("Firefox 66 (Win 8.1)")
+     names+=("Firefox 66 (Win 8.1/10)")
     short+=("firefox_66_win81")
     ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
     ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384")
@ -1708,7 +1708,7 @@
     minEcdsaBits+=(-1)
     curves+=("prime256v1:secp384r1")
     requiresSha2+=(false)
-     current+=(true)
+     current+=(false)

     names+=("Edge 13 Win Phone 10")
     short+=("edge_13_winphone10")
@ -1729,7 +1729,7 @@
     minEcdsaBits+=(-1)
     curves+=("prime256v1:secp384r1")
     requiresSha2+=(false)
-     current+=(true)
+     current+=(false)

     names+=("Edge 15 Win 10")
     short+=("edge_15_win10")
@ -1752,6 +1752,28 @@
     requiresSha2+=(false)
     current+=(true)

+     names+=("Edge 17 (Win 10)")
+     short+=("edge_17_win10")
+     ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA")
+     ciphersuites+=("")
+     sni+=("$SNI")
+     warning+=("")
+     handshakebytes+=("160303018d0100018903035cbeb3c560acfb3dfe583ba45f51f5e2e36f99dfe5e22f1a230724dfaf5ddbde000026c02cc02bc030c02fc024c023c028c027c00ac009c014c013009d009c003d003c0035002f000a0100013a0000001a0018000015737570706f72742e6d6963726f736f66742e636f6d000500050100000000000a00080006001d00170018000b00020100000d00140012040105010201040305030203020206010603002300c000000f032566a8435c845ce7de67f2f4fd6c75ed3206c9448a513d4b4f8cd2fedb5f7d1eb4573ce68756fdad198bd3e4eadfd4db2d7794cc69198366edcb9b9ff5803a58718c1de4d6dffeb4354cd48f5dba6de719cebb27d544f6b2f4427e4e5d46f564d3098134d9b69a4e83e233f5dfea099733f75022dba07665d7c35dd09742082a06f080871caaa6a7770ebc9e2c792eb88c44d0d56ae6ba068a189b674491cee28155148c86d53071e170ab354e0fd0e390b9ddda0886b9fa8c70ee1a0010000e000c02683208687474702f312e310017000000180006001003020100ff01000100")
+     protos+=("-no_ssl3 -no_ssl2")
+     tlsvers+=("-tls1_2 -tls1_1 -tls1")
+     lowest_protocol+=("0x0301")
+     highest_protocol+=("0x0303")
+     alpn+=("h2,http/1.1")
+     service+=("HTTP,FTP")
+     minDhBits+=(1024)
+     maxDhBits+=(4096)
+     minRsaBits+=(-1)
+     maxRsaBits+=(16384)
+     minEcdsaBits+=(-1)
+     curves+=("X25519:secp256r1:secp384r1")
+     requiresSha2+=(false)
+     current+=(true)
+
     names+=("Opera 12.15 Win 7")
     short+=("opera_1215_win7")
     ciphers+=("DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DH-RSA-AES256-SHA256:DH-DSS-AES256-SHA256:AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DH-RSA-AES256-SHA:DH-DSS-AES256-SHA:AES256-SHA:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DH-RSA-AES128-SHA256:DH-DSS-AES128-SHA256:AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DH-RSA-AES128-SHA:DH-DSS-AES128-SHA:AES128-SHA:RC4-SHA:RC4-MD5:EDH-DSS-DES-CBC3-SHA:DH-DSS-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:DH-RSA-DES-CBC3-SHA:DES-CBC3-SHA")
--- a/etc/client-simulation.wiresharked.txt
+++ b/etc/client-simulation.wiresharked.txt
@ -70,8 +70,30 @@
     requiresSha2+=(true)
     current+=(true)

-     names+=("Firefox 66 (Win 8.1)")
-     short+=("firefox_66_win81")
+     names+=("Edge 17 Win 10")
+     short+=("edge_17_win10")
+     ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA")
+     ciphersuites+=("")
+     sni+=("$SNI")
+     warning+=("")
+     handshakebytes+=("160303018d0100018903035cbeb3c560acfb3dfe583ba45f51f5e2e36f99dfe5e22f1a230724dfaf5ddbde000026c02cc02bc030c02fc024c023c028c027c00ac009c014c013009d009c003d003c0035002f000a0100013a0000001a0018000015737570706f72742e6d6963726f736f66742e636f6d000500050100000000000a00080006001d00170018000b00020100000d00140012040105010201040305030203020206010603002300c000000f032566a8435c845ce7de67f2f4fd6c75ed3206c9448a513d4b4f8cd2fedb5f7d1eb4573ce68756fdad198bd3e4eadfd4db2d7794cc69198366edcb9b9ff5803a58718c1de4d6dffeb4354cd48f5dba6de719cebb27d544f6b2f4427e4e5d46f564d3098134d9b69a4e83e233f5dfea099733f75022dba07665d7c35dd09742082a06f080871caaa6a7770ebc9e2c792eb88c44d0d56ae6ba068a189b674491cee28155148c86d53071e170ab354e0fd0e390b9ddda0886b9fa8c70ee1a0010000e000c02683208687474702f312e310017000000180006001003020100ff01000100")
+     protos+=("-no_ssl3 -no_ssl2")
+     tlsvers+=("-tls1_2 -tls1_1 -tls1")
+     lowest_protocol+=("0x0301")
+     highest_protocol+=("0x0303")
+     alpn+=("h2,http/1.1")
+     service+=("HTTP,FTP")
+     minDhBits+=(1024)
+     maxDhBits+=(4096)
+     minRsaBits+=(-1)
+     maxRsaBits+=(16384)
+     minEcdsaBits+=(-1)
+     curves+=("X25519:secp256r1:secp384r1")
+     requiresSha2+=(false)
+     current+=(true)
+
+     names+=("Firefox 66 (Win 8.1/10)")
+     short+=("firefox_66_win")
     ciphers+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
     ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384")
     sni+=("$SNI")