mirror of
https://github.com/mozilla/cipherscan.git
synced 2024-11-16 20:03:41 +01:00
extend reporting of RC4-related stats
While preferring RC4 in TLS1.0 or SSL3 was recommended before, it was always known that TLS1.1 and TLS1.2 were not vulnerable against BEAST, so forcing RC4 there is a mistake. Report number of such servers.
This commit is contained in:
parent
010ebccd80
commit
0acd31af53
@ -197,6 +197,12 @@ for r,d,flist in os.walk(path):
|
||||
cipherstats['RC4'] += 1
|
||||
if ciphertypes == 1:
|
||||
cipherstats['RC4 Only'] += 1
|
||||
if 'RC4' in results['ciphersuite'][0]['cipher']:
|
||||
if 'TLSv1.1' in results['ciphersuite'][0]['protocols'] or\
|
||||
'TLSv1.2' in results['ciphersuite'][0]['protocols']:
|
||||
cipherstats['RC4 forced in TLS1.1+'] += 1
|
||||
cipherstats['RC4 Preferred'] += 1
|
||||
|
||||
|
||||
""" store handshake stats """
|
||||
if ECDHE:
|
||||
|
Loading…
Reference in New Issue
Block a user