Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-09-02 10:08:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

RFC --> IANA

Browse Source 
The cipher suites names in the RFCs stem (mostly) from IANA, see
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4

This PR corrects that in places visible to the user. For backwards
compatibility the cmd line switches still work as before, but there's
a preference to IANA. The RFC naming is labeled as to be retired
in the future.
This commit is contained in:
Dirk
2018-11-08 20:26:52 +01:00
parent 32923bbdb1
commit da233c939e
5 changed files with 41 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
doc/testssl.1
View File

@ -1,7 +1,7 @@
.\" generated with Ronn/v0.7.3
.\" http://github.com/rtomayko/ronn/tree/0.7.3
.
.TH "TESTSSL" "1" "September 2018" "" ""
.TH "TESTSSL" "1" "November 2018" "" ""
.
.SH "NAME"
\fBtestssl\fR
@ -318,23 +318,26 @@ Security headers (X\-Frame\-Options, X\-XSS\-Protection, \.\.\., CSP headers)
\fB\-\-wide\fR Except the "each cipher output" all tests displays the single cipher name (scheme see below)\. This option enables testssl\.sh to display also for the following sections the same output as for testing each ciphers: BEAST, PFS, RC4\. The client simulation has also a wide mode\. The difference here is restricted to a column aligned output and a proper headline\. The environment variable \fBWIDE\fR can be used instead\.
.
.P
\fB\-\-mapping <openssl|rfc|no\-openssl|no\-rfc>\fR
\fB\-\-mapping <openssl|iana|no\-openssl|no\-iana>\fR
.
.IP "\(bu" 4
\fBopenssl\fR: use the OpenSSL cipher suite name as the primary name cipher suite name form (default),
.
.IP "\(bu" 4
\fBrfc\fR: use the RFC cipher suite name as the primary name cipher suite name form\.
\fBiana\fR: use the IANA cipher suite name as the primary name cipher suite name form\.
.
.IP "\(bu" 4
\fBno\-openssl\fR: don\'t display the OpenSSL cipher suite name, display RFC names only\.
\fBno\-openssl\fR: don\'t display the OpenSSL cipher suite name, display IANA names only\.
.
.IP "\(bu" 4
\fBno\-rfc\fR: don\'t display the RFC cipher suite name, display OpenSSL names only\.
\fBno\-iana\fR: don\'t display the IANA cipher suite name, display OpenSSL names only\.
.
.IP "" 0
.
.P
Please note that in testssl\.sh 3,0 you can still use \fBrfc\fR instead of \fBiana\fR and \fBno\-rfc\fR instead of \fBno\-iana\fR but it\'ll disappear after 3\.0\.
.
.P
\fB\-\-show\-each\fR This is an option for all wide modes only: it displays all ciphers tested \-\- not only succeeded ones\. \fBSHOW_EACH_C\fR is your friend if you prefer to set this via the shell environment\.
.
.P
@ -738,7 +741,7 @@ TLSWG Draft: The Transport Layer Security (TLS) Protocol Version 1\.3
\fBetc/*pem\fR Here are the certificate stores from Apple, Linux, Mozilla Firefox, Windows\.
.
.P
\fBetc/mapping\-rfc\.txt\fR Provides a mandatory file with mapping from OpenSSL cipher suites names to the ones from IANA / used in the RFCs\.
\fBetc/cipher\-mapping\.txt\fR Provides a mandatory file with mapping from OpenSSL cipher suites names to the ones from IANA / used in the RFCs\.
.
.P
\fBetc/tls_data\.txt\fR Provides a mandatory file for ciphers (bash sockets) and key material\.