Git
/
testssl.sh
mirror of https://github.com/drwetter/testssl.sh.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Change to grade cap

This commit is contained in:
Magnus Larsen 2020-06-23 19:24:24 +02:00
parent 069c5ae917
commit f647ae8264
2 changed files with 1 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
doc/testssl.1.md
View File

@ -407,9 +407,6 @@ As of writing, these checks are missing:
* Exportable key exchange - should give **40** points in `set_key_str_score()`
* Weak key (Debian OpenSSL Flaw) - should give **0** points in `set_key_str_score()`
#### STARTTLS
This program rates STARTTLS connections, exactly according to the specification. However, this program adds a grade warning about STARTTLS is being used. This is not apart of the rating specification, and limits the grade a STARTTLS connection can have, to a maximum of `A-`.
#### Implementing new grades caps or -warnings
To implement a new grading cap, simply call the `set_grade_cap()` function, with the grade and a reason:
```bash

2
testssl.sh
View File

@ -20802,7 +20802,7 @@ run_rating() {
pr_headlineln " Rating (experimental) "
outln
[[ -n "$STARTTLS_PROTOCOL" ]] && set_grade_warning "STARTTLS encryption is opportunistic. The grade is very insignificant"
[[ -n "$STARTTLS_PROTOCOL" ]] && set_grade_cap "T" "Encryption via STARTTLS is not mandatory (opportunistic). This leads to a false sense of security"
# Sort the reasons. This is just nicer to read in genereal
IFS=$'\n' sorted_reasons=($(sort -ru <<<"${GRADE_CAP_REASONS[*]}"))