LittleNellie/cipherscan
2
0
Fork 0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-11-16 20:03:41 +01:00
Code Issues Releases Wiki Activity

extend reporting of RC4-related stats

Browse Source 
While preferring RC4 in TLS1.0 or SSL3 was recommended before,
it was always known that TLS1.1 and TLS1.2 were not vulnerable against
BEAST, so forcing RC4 there is a mistake. Report number of such servers.
This commit is contained in:
Hubert Kario 2014-04-06 14:19:37 +02:00
parent 010ebccd80
commit 0acd31af53
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
top1m/parse_results.py
View File

@ -197,6 +197,12 @@ for r,d,flist in os.walk(path):
cipherstats['RC4'] += 1 cipherstats['RC4'] += 1
if ciphertypes == 1: if ciphertypes == 1:
cipherstats['RC4 Only'] += 1 cipherstats['RC4 Only'] += 1
if 'RC4' in results['ciphersuite'][0]['cipher']:
if 'TLSv1.1' in results['ciphersuite'][0]['protocols'] or\
'TLSv1.2' in results['ciphersuite'][0]['protocols']:
cipherstats['RC4 forced in TLS1.1+'] += 1
cipherstats['RC4 Preferred'] += 1
""" store handshake stats """ """ store handshake stats """
if ECDHE: if ECDHE: