Permalink
Browse files

Updated client simulation

SSLabs API only added one newer version of Chrome (70) and one newer version
of Firefox (62).

Thus the wishlist gets longer (c15e042).
Missing is Android 8 and 9, OpenSSL 1.1.1, Safari on OSX 11 and 12. Java 10
and 11.

Fix #1104
  • Loading branch information...
drwetter committed Nov 5, 2018
1 parent bf78a62 commit ca34e3fc1211783a120cf7b27482b79e38685962
Showing with 44 additions and 2 deletions.
  1. +44 −2 etc/client-simulation.txt
View
@@ -674,7 +674,7 @@
minEcdsaBits+=(-1)
curves+=("X25519:prime256v1:secp384r1")
requiresSha2+=(false)
current+=(true)
current+=(false)
names+=("Chrome 65 Win 7")
short+=("chrome_65_win7")
@@ -697,6 +697,27 @@
requiresSha2+=(false)
current+=(true)
names+=("Chrome 70 Win 10")
short+=("chrome_70_win10")
ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256")
sni+=("$SNI")
warning+=("")
handshakebytes+=("1603010200010001fc0303a4ae4c9839623356a42a2a977373dcefc5920611a46c549eca42959de9e2dab220d6c3276206e9c756685d96687302864815ed0e8496472898e86b30b694ee994300229a9a130113021303c02bc02fc02cc030cca9cca8c013c014009c009d002f0035000a010001913a3a0000ff0100010000000014001200000f6465762e73736c6c6162732e636f6d0017000000230000000d00140012040308040401050308050501080606010201000500050100000000001200000010000e000c02683208687474702f312e3175500000000b000201000033002b00291a1a000100001d00205672b32aa464a7b8513f37108290ab0dd39e317d2b0db8fe0d77c147b324fe29002d00020101002b000b0a0a0a0304030303020301000a000a00081a1a001d00170018001b00030200022a2a000100001500c50000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
protos+=("-no_ssl3 -no_ssl2")
tlsvers+=("-tls1_2 -tls1_1 -tls1")
lowest_protocol+=("0x0301")
highest_protocol+=("0x0304")
service+=("HTTP,FTP")
minDhBits+=(1024)
maxDhBits+=(-1)
minRsaBits+=(-1)
maxRsaBits+=(-1)
minEcdsaBits+=(-1)
curves+=("X25519:prime256v1:secp384r1")
requiresSha2+=(false)
current+=(true)
names+=("Firefox 10.0.12 ESR Win 7")
short+=("firefox_10012_esr_win7")
ciphers+=("ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:CAMELLIA256-SHA:AES256-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDH-RSA-RC4-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-AES128-SHA:SEED-SHA:CAMELLIA128-SHA:RC4-SHA:RC4-MD5:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA")
@@ -1262,7 +1283,7 @@
minEcdsaBits+=(-1)
curves+=("X25519:prime256v1:secp384r1:secp521r1")
requiresSha2+=(false)
current+=(true)
current+=(false)
names+=("Firefox 59 Win 7")
short+=("firefox_59_win7")
@@ -1285,6 +1306,27 @@
requiresSha2+=(false)
current+=(true)
names+=("Firefox 62 Win 7")
short+=("firefox_62_win7")
ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384")
sni+=("$SNI")
warning+=("")
handshakebytes+=("1603010200010001fc03038f0c43845d085266dc120ec4e6716b7690a3fa56f4b8dd68c607ba1b994e75b620e9f538bc192173d9b5c7d5997ff05bd16104fe544800dd450b12cce780ce43f9001c130113031302c02bc02fcca9cca8c02cc030c013c014002f0035000a0100019700000014001200000f6465762e73736c6c6162732e636f6d00170000ff01000100000a000e000c001d00170018001901000101000b00020100002300000010000e000c02683208687474702f312e310005000501000000000033006b0069001d002033de5793897c3080f1ce70ffbe882fbe7e15745c5789a40034af54f2406589090017004104f97a30c417dc7a75f75292873c32bcacb028dc9048fcde11917830611bd17c834ffb1d148eb7146881cc30af3bd722eaf59d51d9f193e4c888579e8285ca46e7002b0009087f1c030303020301000d0018001604030503060308040805080604010501060102030201002d000201010015009d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000")
protos+=("-no_ssl3 -no_ssl2")
tlsvers+=("-tls1_2 -tls1_1 -tls1")
lowest_protocol+=("0x0301")
highest_protocol+=("0x0304")
service+=("HTTP,FTP")
minDhBits+=(1023)
maxDhBits+=(-1)
minRsaBits+=(-1)
maxRsaBits+=(-1)
minEcdsaBits+=(-1)
curves+=("X25519:prime256v1:secp384r1:secp521r1")
requiresSha2+=(false)
current+=(true)
names+=("IE 6 XP")
short+=("ie_6_xp")
ciphers+=("RC4-MD5:RC4-SHA:DES-CBC3-SHA:RC4-MD5:DES-CBC3-MD5:RC2-CBC-MD5:DES-CBC-SHA:DES-CBC-MD5:EXP1024-RC4-SHA:EXP1024-DES-CBC-SHA:EXP-RC4-MD5:EXP-RC2-CBC-MD5:EXP-RC4-MD5:EXP-RC2-CBC-MD5:EDH-DSS-DES-CBC3-SHA:EDH-DSS-DES-CBC-SHA:EXP1024-DHE-DSS-DES-CBC-SHA")

0 comments on commit ca34e3f

Please sign in to comment.