...
 
Commits (3)
......@@ -9,7 +9,7 @@ SSLv3 enabled
TLSv1.0 enabled
TLSv1.1 enabled
TLSv1.2 enabled
TLSv1.3 not enabled
TLSv1.3 disabled
TLS Fallback SCSV:
Server supports TLS Fallback SCSV
......
......@@ -9,7 +9,7 @@ SSLv3 disabled
TLSv1.0 disabled
TLSv1.1 disabled
TLSv1.2 enabled
TLSv1.3 not enabled
TLSv1.3 disabled
Supported Server Cipher(s):
Preferred 400 Bad Request TLSv1.2 256 bits ECDHE-RSA-CHACHA20-POLY1305  Curve 25519 DHE 253
......
......@@ -9,7 +9,7 @@ SSLv3 disabled
TLSv1.0 enabled
TLSv1.1 enabled
TLSv1.2 enabled
TLSv1.3 not enabled
TLSv1.3 disabled
OCSP Stapling Request:
OCSP Response Status: successful (0x0)
......
......@@ -9,7 +9,7 @@ SSLv3 enabled
TLSv1.0 enabled
TLSv1.1 disabled
TLSv1.2 disabled
TLSv1.3 not enabled
TLSv1.3 disabled
TLS Fallback SCSV:
Server does not support TLS Fallback SCSV
......
......@@ -9,7 +9,7 @@ SSLv3 disabled
TLSv1.0 disabled
TLSv1.1 disabled
TLSv1.2 enabled
TLSv1.3 not enabled
TLSv1.3 disabled
TLS Fallback SCSV:
Server supports TLS Fallback SCSV
......
......@@ -9,7 +9,7 @@ SSLv3 disabled
TLSv1.0 disabled
TLSv1.1 disabled
TLSv1.2 enabled
TLSv1.3 not enabled
TLSv1.3 disabled
TLS Fallback SCSV:
Server supports TLS Fallback SCSV
......
......@@ -9,7 +9,7 @@ SSLv3 disabled
TLSv1.0 disabled
TLSv1.1 disabled
TLSv1.2 enabled
TLSv1.3 not enabled
TLSv1.3 disabled
TLS Fallback SCSV:
Server supports TLS Fallback SCSV
......
......@@ -9,7 +9,7 @@ SSLv3 disabled
TLSv1.0 disabled
TLSv1.1 disabled
TLSv1.2 disabled
TLSv1.3 not enabled
TLSv1.3 disabled
TLS Fallback SCSV:
Connection failed - unable to determine TLS Fallback SCSV support
......@@ -23,5 +23,5 @@ Compression disabled
Heartbleed:
Supported Server Cipher(s):
Certificate information cannot be enumerated through SSLv2 nor SSLv3.
Certificate information cannot be retrieved.
......@@ -9,7 +9,7 @@ SSLv3 enabled
TLSv1.0 disabled
TLSv1.1 disabled
TLSv1.2 disabled
TLSv1.3 not enabled
TLSv1.3 disabled
TLS Fallback SCSV:
Connection failed - unable to determine TLS Fallback SCSV support
......@@ -23,5 +23,5 @@ Compression disabled
Heartbleed:
Supported Server Cipher(s):
Certificate information cannot be enumerated through SSLv2 nor SSLv3.
Certificate information cannot be retrieved.
......@@ -9,7 +9,7 @@ SSLv3 enabled
TLSv1.0 enabled
TLSv1.1 enabled
TLSv1.2 enabled
TLSv1.3 not enabled
TLSv1.3 disabled
TLS Fallback SCSV:
Server supports TLS Fallback SCSV
......
......@@ -9,7 +9,7 @@ SSLv3 enabled
TLSv1.0 enabled
TLSv1.1 disabled
TLSv1.2 disabled
TLSv1.3 not enabled
TLSv1.3 disabled
TLS Fallback SCSV:
Server does not support TLS Fallback SCSV
......
......@@ -9,7 +9,7 @@ SSLv3 enabled
TLSv1.0 enabled
TLSv1.1 disabled
TLSv1.2 disabled
TLSv1.3 not enabled
TLSv1.3 disabled
TLS Fallback SCSV:
Server does not support TLS Fallback SCSV
......
......@@ -9,7 +9,7 @@ SSLv3 disabled
TLSv1.0 disabled
TLSv1.1 disabled
TLSv1.2 enabled
TLSv1.3 not enabled
TLSv1.3 disabled
Supported Server Cipher(s):
Preferred 200 OK TLSv1.2 256 bits ECDHE-RSA-CHACHA20-POLY1305  Curve 25519 DHE 253
......
......@@ -3388,7 +3388,7 @@ int testHost(struct sslCheckOptions *options)
printf("TLSv1.3 %senabled%s\n", COL_GREEN, RESET);
printf_xml(" <protocol type=\"tls\" version=\"1.3\" enabled=\"1\" />\n");
} else {
printf("TLSv1.3 not enabled\n");
printf("TLSv1.3 %sdisabled%s\n", COL_YELLOW, RESET);
printf_xml(" <protocol type=\"tls\" version=\"1.3\" enabled=\"0\" />\n");
}
}
......@@ -3562,16 +3562,11 @@ int testHost(struct sslCheckOptions *options)
// Show weak certificate signing algorithm or key strength
if (status == true && options->checkCertificate == true)
{
status = checkCertificateProtocol(options, TLS_client_method());
if (status != false)
status = checkCertificateProtocol(options, TLSv1_3_client_method());
if (status != false)
status = checkCertificateProtocol(options, TLSv1_2_client_method());
if (status != false)
status = checkCertificateProtocol(options, TLSv1_1_client_method());
if (status != false)
status = checkCertificateProtocol(options, TLSv1_client_method());
if (status != false)
printf("Certificate information cannot be enumerated through SSLv2 nor SSLv3.\n\n");
{
printf("Certificate information cannot be retrieved.\n\n");
}
}
// Print client auth trusted CAs
......@@ -4058,12 +4053,8 @@ int main(int argc, char *argv[])
case mode_help:
// Program version banner...
printf("%s%s%s\n", COL_BLUE, program_banner, RESET);
printf("%s\t\t%s\n\t\t%s\n%s", COL_BLUE, VERSION,
printf("%s\t\t%s\n\t\t%s\n%s\n\n", COL_BLUE, VERSION,
SSLeay_version(SSLEAY_VERSION), RESET);
#ifdef OPENSSL_NO_SSL2
printf("%sOpenSSL version does not support SSLv2%s\n", COL_RED, RESET);
printf("%sSSLv2 ciphers will not be detected%s\n\n", COL_RED, RESET);
#endif
printf("%sCommand:%s\n", COL_BLUE, RESET);
printf(" %s%s [Options] [host:port | host]%s\n\n", COL_GREEN, argv[0], RESET);
printf("%sOptions:%s\n", COL_BLUE, RESET);
......