ソースを参照

Refactor FALLBACK_SCSV

new-scoring
aeris 3年前
コミット
bd67ce8347
1個のファイルの変更4行の追加5行の削除
  1. 4
    5
      lib/cryptcheck/tls/server.rb

+ 4
- 5
lib/cryptcheck/tls/server.rb ファイルの表示

@@ -259,10 +259,9 @@ module CryptCheck
sect283r1 secp384r1 sect409k1 sect409r1 secp521r1 sect571k1
sect571r1 X25519)

def ssl_client(method, ciphers = nil, curves = nil, fallback: false, &block)
ssl_context = ::OpenSSL::SSL::SSLContext.new method
ssl_context.enable_fallback_scsv if fallback
ssl_context.ciphers = ciphers.join ':' if ciphers
def ssl_client(method, ciphers = %w(ALL COMPLEMENTOFALL), curves = nil, fallback: false, &block)
ssl_context = ::OpenSSL::SSL::SSLContext.new method, fallback_scsv: fallback
ssl_context.ciphers = ciphers.join ':'

ssl_context.ecdh_curves = curves.join ':' if curves
#ssl_context.ecdh_auto = false
@@ -295,7 +294,7 @@ module CryptCheck
end

def prefered_cipher(method)
cipher = ssl_client(method, %w(ALL COMPLEMENTOFALL)) { |s| Cipher.new method, s.cipher, s.tmp_key }
cipher = ssl_client(method) { |s| Cipher.new method, s.cipher, s.tmp_key }
Logger.info { "Prefered cipher for #{Tls.colorize method} : #{cipher.colorize}" }
cipher
rescue => e

読み込み中…
キャンセル
保存