Browse Source

Refactor FALLBACK_SCSV

new-scoring
aeris 2 years ago
parent
commit
bd67ce8347
1 changed files with 4 additions and 5 deletions
  1. 4
    5
      lib/cryptcheck/tls/server.rb

+ 4
- 5
lib/cryptcheck/tls/server.rb View File

@@ -259,10 +259,9 @@ module CryptCheck
259 259
 				sect283r1 secp384r1 sect409k1 sect409r1 secp521r1 sect571k1
260 260
 				sect571r1 X25519)
261 261
 
262
-			def ssl_client(method, ciphers = nil, curves = nil, fallback: false, &block)
263
-				ssl_context = ::OpenSSL::SSL::SSLContext.new method
264
-				ssl_context.enable_fallback_scsv if fallback
265
-				ssl_context.ciphers     = ciphers.join ':' if ciphers
262
+			def ssl_client(method, ciphers = %w(ALL COMPLEMENTOFALL), curves = nil, fallback: false, &block)
263
+				ssl_context = ::OpenSSL::SSL::SSLContext.new method, fallback_scsv: fallback
264
+				ssl_context.ciphers     = ciphers.join ':'
266 265
 
267 266
 				ssl_context.ecdh_curves = curves.join ':' if curves
268 267
 				#ssl_context.ecdh_auto = false
@@ -295,7 +294,7 @@ module CryptCheck
295 294
 			end
296 295
 
297 296
 			def prefered_cipher(method)
298
-				cipher = ssl_client(method, %w(ALL COMPLEMENTOFALL)) { |s| Cipher.new method, s.cipher, s.tmp_key }
297
+				cipher = ssl_client(method) { |s| Cipher.new method, s.cipher, s.tmp_key }
299 298
 				Logger.info { "Prefered cipher for #{Tls.colorize method} : #{cipher.colorize}" }
300 299
 				cipher
301 300
 			rescue => e

Loading…
Cancel
Save