2
0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-12-26 04:33:42 +01:00

extend reporting of RC4-related stats

While preferring RC4 in TLS1.0 or SSL3 was recommended before,
it was always known that TLS1.1 and TLS1.2 were not vulnerable against
BEAST, so forcing RC4 there is a mistake. Report number of such servers.
This commit is contained in:
Hubert Kario 2014-04-06 14:19:37 +02:00
parent 21bba67df0
commit 686d7c958b

View File

@ -197,6 +197,12 @@ for r,d,flist in os.walk(path):
cipherstats['RC4'] += 1
if ciphertypes == 1:
cipherstats['RC4 Only'] += 1
if 'RC4' in results['ciphersuite'][0]['cipher']:
if 'TLSv1.1' in results['ciphersuite'][0]['protocols'] or\
'TLSv1.2' in results['ciphersuite'][0]['protocols']:
cipherstats['RC4 forced in TLS1.1+'] += 1
cipherstats['RC4 Preferred'] += 1
""" store handshake stats """
if ECDHE: