Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: patch for ssl-cipher-enum.nse?

From: David Fifield <david () bamsoftware com>
Date: Wed, 21 Mar 2012 10:40:39 -0700
On Wed, Mar 21, 2012 at 09:42:27AM +0000, Darren McDonald wrote:

Hi, been reading through ssl-cipher-enum.nse, and it appears that it's
missing a few known ciphers. How would I go about submiting a patch
for consideration?

sierra@sierra:/usr/local/share/nmap/scripts$ diff -u
ssl-enum-ciphers.bak ssl-enum-ciphers.nse
--- ssl-enum-ciphers.bak      2012-03-15 14:54:19.631839498 +0000
+++ ssl-enum-ciphers.nse      2012-03-21 09:39:57.796645976 +0000
@@ -234,6 +234,8 @@
      ["TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA"]       = 0x0019,
      ["TLS_DH_anon_WITH_DES_CBC_SHA"]                = 0x001A,
      ["TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"]           = 0x001B,
+     ["TLS_FORTEZZA_KEA_WITH_NULL_SHA"]              = 0x001C,
+     ["TLS_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA"]      = 0x001D,
      ["TLS_KRB5_WITH_DES_CBC_SHA"]                   = 0x001E,
      ["TLS_KRB5_WITH_3DES_EDE_CBC_SHA"]              = 0x001F,
      ["TLS_KRB5_WITH_RC4_128_SHA"]                   = 0x0020,
@@ -343,6 +345,18 @@
      ["TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"]         = 0x00B7,
      ["TLS_RSA_PSK_WITH_NULL_SHA256"]                = 0x00B8,
      ["TLS_RSA_PSK_WITH_NULL_SHA384"]                = 0x00B9,
+     ["TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"]        = 0x00BA,
+     ["TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"]     = 0x00BB,
+     ["TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"]     = 0x00BC,
+     ["TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"]    = 0x00BC,
+     ["TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"]    = 0x00BC,
+     ["TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"]    = 0x00BC,
+     ["TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"]        = 0x00C0,
+     ["TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"]     = 0x00C1,
+     ["TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"]     = 0x00C2,
+     ["TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"]    = 0x00C3,
+     ["TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"]    = 0x00C4,
+     ["TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"]    = 0x00C5,
      ["TLS_RENEGO_PROTECTION_REQUEST"]               = 0x00FF,
      ["TLS_ECDH_ECDSA_WITH_NULL_SHA"]                = 0xC001,
      ["TLS_ECDH_ECDSA_WITH_RC4_128_SHA"]             = 0xC002,


The patch you sent works just fine. Thanks. I applied it, except that I
changed
        TLS_FORTEZZA_KEA_WITH_NULL_SHA
        TLS_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA
to
        SSL_FORTEZZA_KEA_WITH_NULL_SHA
        SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA
because I couldn't find any references to the former.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: