diff options
Diffstat (limited to 'functions')
| -rw-r--r-- | functions/connection.php | 19 | ||||
| -rw-r--r-- | functions/parse_certificate.php | 6 |
2 files changed, 17 insertions, 8 deletions
diff --git a/functions/connection.php b/functions/connection.php index dac3e0d..27c308a 100644 --- a/functions/connection.php +++ b/functions/connection.php @@ -69,10 +69,6 @@ function ssl_conn_ciphersuites($host, $port, $ciphersuites){ return $results; } - - - - function ssl_conn_protocols($host, $port){ $old_error_reporting = error_reporting(); error_reporting($old_error_reporting ^ E_WARNING); @@ -160,6 +156,7 @@ if ( $read_stream === false ) { if ($context_meta) { ?> + <section id="conndata"> <h3>Connection Data</h3> <table class="table table-striped table-bordered"> <tbody> @@ -287,6 +284,7 @@ if ( $read_stream === false ) { 'ECDHE-ECDSA-AES256-GCM-SHA384', 'ECDHE-RSA-AES256-SHA384', 'ECDHE-ECDSA-AES256-SHA384', + 'TLS_FALLBACK_SCSV', 'ECDHE-RSA-AES256-SHA', 'ECDHE-ECDSA-AES256-SHA', 'SRP-DSS-AES-256-CBC-SHA', @@ -454,6 +452,7 @@ if ( $read_stream === false ) { foreach ($supported_ciphersuites as $key => $value) { if($value == true){ if (in_array($key, $bad_ciphersuites)) { + $bad_ciphersuite = 1; echo ""; echo "<span class='text-danger glyphicon glyphicon-remove'> "; } else { @@ -465,13 +464,16 @@ if ( $read_stream === false ) { echo "<!-- "; echo "<span class='glyphicon glyphicon-remove'></span> - "; echo htmlspecialchars($key); - echo " <br> -->"; + echo " <br -->"; } - + } + if ($bad_ciphersuite) { + ?> + <p><br>Ciphersuites containing <a href="https://en.wikipedia.org/wiki/Null_cipher">NULL</a>, <a href="https://en.wikipedia.org/wiki/Export_of_cryptography_from_the_United_States">EXP(ort)</a>, <a href="https://en.wikipedia.org/wiki/Weak_key">DES and RC4</a> are marked RED because they are suboptimal.</p> + <?php } ?> - <p><br>Ciphersuites containing <a href="https://en.wikipedia.org/wiki/Null_cipher">NULL</a>, <a href="https://en.wikipedia.org/wiki/Weak_key">DES and RC4</a> are marked RED because they are suboptimal.</p> </td> </tr> <?php @@ -572,6 +574,7 @@ if ( $read_stream === false ) { </tr> </tbody> </table> + </section> <?php } else { return false; @@ -586,4 +589,4 @@ if ( $read_stream === false ) { -?>
\ No newline at end of file +?> diff --git a/functions/parse_certificate.php b/functions/parse_certificate.php index c6656e5..250d4fe 100644 --- a/functions/parse_certificate.php +++ b/functions/parse_certificate.php @@ -14,6 +14,12 @@ // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. +function get_cert_cn($raw_cert_data){ + $cert_data = openssl_x509_parse($raw_cert_data); + if ($cert_data['subject']['CN']) { + return $cert_data['subject']['CN']; + } +} function cert_parse($raw_cert_data, $raw_next_cert_data=null, $csr=false, $host=null, $port=null, $is_issuer=false) { global $random_blurp; |