Skip to content
This repository was archived by the owner on Jan 22, 2020. It is now read-only.

Remove TLSv1.0 as acceptable #75

Open
shepherdjay wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Remove TLSv1.0 as acceptable #75

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
results/*
.htaccess
.idea
7 changes: 5 additions & 2 deletions functions/connection.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -608,7 +608,7 @@ function ssl_conn_metadata($data,$fastcheck=0) {
} else if ( $key == "tlsv1.1") {
echo '<p><span class="glyphicon glyphicon-ok"></span> - TLSv1.1 (Supported)</p>';
} else if ( $key == "tlsv1.0") {
echo '<p><span class="glyphicon glyphicon-ok"></span> - TLSv1.0 (Supported)</p>';
echo '<p><span class="text-danger glyphicon glyphicon-ok"></span> - <span class="text-danger">TLSv1.0 (Supported) </span>';
} else if ( $key == "sslv3") {
echo '<p><span class="text-danger glyphicon glyphicon-ok"></span> - <span class="text-danger">SSLv3 (Supported) </span>';
echo "<a href='https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/' data-toggle='tooltip' data-placement='top' title='SSLv3 is old and broken. It makes you vulerable for the POODLE attack. Click the question mark for more info.'><span class='glyphicon glyphicon-question-sign' aria-hidden='true'></span></a></p>";
Expand All @@ -625,7 +625,7 @@ function ssl_conn_metadata($data,$fastcheck=0) {
} else if ( $key == "tlsv1.1") {
echo '<p><span class="glyphicon glyphicon-remove"></span> - TLSv1.1 (Not supported)</p>';
} else if ( $key == "tlsv1.0") {
echo '<p><span class="glyphicon glyphicon-remove"></span> - TLSv1.0 (Not supported)</p>';
echo '<p><span class="text-success glyphicon glyphicon-remove"></span> - <span class="text-success">TLSv1.0 (Not supported)</span></p>';
} else if ( $key == "sslv3") {
echo '<p><span class="text-success glyphicon glyphicon-remove"></span> - <span class="text-success">SSLv3 (Not supported)</span></p>';
} else if ( $key == "sslv2") {
Expand Down Expand Up @@ -1004,6 +1004,9 @@ function ssl_conn_metadata_json($host, $ip, $port, $read_stream, $chain_data=nul
if ( $key == "sslv3") {
$result["warning"][] = 'SSLv3 supported. Please disable and upgrade to a newer protocol like TLSv1.2.';
}
if ( $key == "tlsv1.0") {
$result["warning"][] = 'TLSv1.0 supported. Please disable and upgrade to a newer protocol like TLSv1.2.';
}
} else {
if ( $key == "tlsv1.2") {
$result["warning"][] = 'TLSv1.2 unsupported. Please enable TLSv1.2.';
Expand Down