minor analysis wording changes

2024-11-22 06:13:42 +01:00 · 2014-10-09 09:57:40 -04:00 · 2014-10-09 09:57:40 -04:00 · 5665951b09
commit 5665951b09
parent 215dbd0c1a
1 changed files with 7 additions and 7 deletions
--- a/analyze.py
+++ b/analyze.py
@ -80,7 +80,7 @@ def is_old(results):
    missing_proto = set(['SSLv3', 'TLSv1', 'TLSv1.1', 'TLSv1.2']) - set(all_proto)
    for proto in missing_proto:
        logging.debug("missing protocol wanted in the old configuration:" + proto)
-        failures[lvl].append('enable ' + proto)
+        failures[lvl].append('consider enabling ' + proto)
    if not has_sslv3:
        logging.debug("SSLv3 is not supported and required by the old configuration")
        old = False
@ -95,7 +95,7 @@ def is_old(results):
        failures[lvl].append("use a DH parameter of 1024 bits")
        old = False
    if not has_ocsp:
-        failures[lvl].append("enable OCSP Stapling")
+        failures[lvl].append("consider enabling OCSP Stapling")
    return old

 # is_intermediate is similar to is_old but for intermediate configuration from
@ -140,7 +140,7 @@ def is_intermediate(results):
    missing_proto = set(['TLSv1', 'TLSv1.1', 'TLSv1.2']) - set(all_proto)
    for proto in missing_proto:
        logging.debug("missing protocol wanted in the intermediate configuration:" + proto)
-        failures[lvl].append('enable ' + proto)
+        failures[lvl].append('consider enabling ' + proto)
    if not has_tls1:
        logging.debug("TLSv1 is not supported and required by the old configuration")
        inter = False
@ -155,7 +155,7 @@ def is_intermediate(results):
        failures[lvl].append("use a DH parameter of 2048 bits")
        inter = False
    if not has_ocsp:
-        failures[lvl].append("enable OCSP Stapling")
+        failures[lvl].append("consider enabling OCSP Stapling")
    return inter

 # is_modern is similar to is_old but for modern configuration from
@ -194,7 +194,7 @@ def is_modern(results):
    missing_proto = set(['TLSv1.1', 'TLSv1.2']) - set(all_proto)
    for proto in missing_proto:
        logging.debug("missing protocol wanted in the modern configuration:" + proto)
-        failures[lvl].append('enable ' + proto)
+        failures[lvl].append('consider enabling ' + proto)
    if not has_sha256:
        failures[lvl].append("use a certificate with sha256WithRSAEncryption signature")
        modern = False
@ -202,7 +202,7 @@ def is_modern(results):
        failures[lvl].append("use a DH parameter of 2048 bits")
        modern = False
    if not has_ocsp:
-        failures[lvl].append("enable OCSP Stapling")
+        failures[lvl].append("consider enabling OCSP Stapling")
    return modern

 def is_ordered(results, ciphersuite):
@ -233,7 +233,7 @@ def evaluate_all(results):
            status = "old ssl with bad ordering"

    if is_fubar(results):
-        return "fubar ssl"
+        return "bad ssl"

    return status