mirror of
https://github.com/mozilla/cipherscan.git
synced 2024-11-22 14:23:41 +01:00
extend reporting of RC4-related stats
While preferring RC4 in TLS1.0 or SSL3 was recommended before, it was always known that TLS1.1 and TLS1.2 were not vulnerable against BEAST, so forcing RC4 there is a mistake. Report number of such servers.
This commit is contained in:
parent
21bba67df0
commit
686d7c958b
@ -197,6 +197,12 @@ for r,d,flist in os.walk(path):
|
|||||||
cipherstats['RC4'] += 1
|
cipherstats['RC4'] += 1
|
||||||
if ciphertypes == 1:
|
if ciphertypes == 1:
|
||||||
cipherstats['RC4 Only'] += 1
|
cipherstats['RC4 Only'] += 1
|
||||||
|
if 'RC4' in results['ciphersuite'][0]['cipher']:
|
||||||
|
if 'TLSv1.1' in results['ciphersuite'][0]['protocols'] or\
|
||||||
|
'TLSv1.2' in results['ciphersuite'][0]['protocols']:
|
||||||
|
cipherstats['RC4 forced in TLS1.1+'] += 1
|
||||||
|
cipherstats['RC4 Preferred'] += 1
|
||||||
|
|
||||||
|
|
||||||
""" store handshake stats """
|
""" store handshake stats """
|
||||||
if ECDHE:
|
if ECDHE:
|
||||||
|
Loading…
Reference in New Issue
Block a user