From 0da92f25b7f282caf21ac44ddaa70b4db3966f7c Mon Sep 17 00:00:00 2001
From: Julien Vehent <julien@linuxwall.info>
Date: Sat, 11 Oct 2014 00:34:07 -0400
Subject: [PATCH] verify server side ordering is used in analyze.py

---
 analyze.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/analyze.py b/analyze.py
index 42870f1..3a0381e 100755
--- a/analyze.py
+++ b/analyze.py
@@ -114,6 +114,8 @@ def is_old(results):
         old = False
     if not has_ocsp:
         failures[lvl].append("consider enabling OCSP Stapling")
+    if results['serverside'] != 'True':
+        failures[lvl].append("enforce server side ordering")
     return old
 
 # is_intermediate is similar to is_old but for intermediate configuration from
@@ -174,6 +176,8 @@ def is_intermediate(results):
         inter = False
     if not has_ocsp:
         failures[lvl].append("consider enabling OCSP Stapling")
+    if results['serverside'] != 'True':
+        failures[lvl].append("enforce server side ordering")
     return inter
 
 # is_modern is similar to is_old but for modern configuration from
@@ -221,6 +225,8 @@ def is_modern(results):
         modern = False
     if not has_ocsp:
         failures[lvl].append("consider enabling OCSP Stapling")
+    if results['serverside'] != 'True':
+        failures[lvl].append("enforce server side ordering")
     return modern
 
 def is_ordered(results, ref_ciphersuite, lvl):