@Wikinaut Wikinaut commented Apr 8, 2014

alertHandshakeFailure: "handshake failure. This could mean that the TLS extension is not supported.",

I haven't tested this code change yet, but I do see "handshake failure" for servers which do not offer TLS, so the text should inform about this possibility.
@FiloSottile
Owner

By TLS extension you mean TLS itself?

@Wikinaut
Author

Wikinaut commented Apr 8, 2014

@FiloSottile when a server runs an older OpenSSL which does not offer TLS, then your script says "handshake failure", but users then do not know whether this is a "good" or "bad" server (with respect to the Heartbleed bug).

This is why I suggest showing my proposed text then.

You can compare your tool against the competitive tool http://possible.lv/tools/hb/ which in such cases (no TLS implemented) says

Looking for TLS extensions on https://www.example.org

ext 65281 (renegotiation info, length=1)
ext 00035 (session ticket, length=0)
TLS extension 15 (heartbeat) seems disabled, so your server is probably unaffected.
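
The distinction raised in this comment, as an added example that is not code from this pull request or from either tool: a `handshake_failure` alert (40) arrives instead of a ServerHello, so there is no extension list to inspect, whereas a ServerHello can be scanned for extension 15 (heartbeat). The function names, result strings and sample bytes are constructed for illustration.

```go
package main

import "fmt"

func u16(b []byte) int { return int(b[0])<<8 | int(b[1]) }
func u24(b []byte) int { return int(b[0])<<16 | u16(b[1:]) }

// scanHello walks a ServerHello body (RFC 5246 layout) looking for extension 15.
func scanHello(b []byte) string {
	if len(b) < 35 {
		return "inconclusive: malformed ServerHello"
	}
	p := 38 + int(b[34]) // version, random, session id, cipher suite, compression
	if len(b) == p {
		return "heartbeat not advertised" // ServerHello with no extensions block
	}
	if len(b) < p+2 || len(b) != p+2+u16(b[p:]) {
		return "inconclusive: malformed ServerHello"
	}
	for b = b[p+2:]; len(b) > 0; b = b[4+u16(b[2:]):] {
		if len(b) < 4 || len(b) < 4+u16(b[2:]) {
			return "inconclusive: malformed ServerHello"
		}
		if u16(b) == 15 {
			return "heartbeat advertised"
		}
	}
	return "heartbeat not advertised"
}

// Classify reads the first TLS record a server sends back after a ClientHello.
func Classify(rec []byte) string {
	if len(rec) < 5 || len(rec) < 5+u16(rec[3:]) {
		return "inconclusive: truncated record"
	}
	body := rec[5 : 5+u16(rec[3:])]
	if rec[0] == 21 && len(body) == 2 && body[1] == 40 {
		return "inconclusive: handshake failure" // alert 40 replaced the ServerHello
	}
	if rec[0] != 22 || len(body) < 4 || body[0] != 2 || len(body) < 4+u24(body[1:]) {
		return "inconclusive: no complete ServerHello"
	}
	return scanHello(body[4 : 4+u24(body[1:])])
}

func main() {
	// Constructed samples: fatal handshake_failure alert; ServerHello with extensions 65281 and 35.
	hello := append(append([]byte{22, 3, 1, 0, 53, 2, 0, 0, 49, 3, 1}, make([]byte, 36)...), 0, 9, 255, 1, 0, 1, 0, 0, 35, 0, 0)
	fmt.Println(Classify([]byte{21, 3, 1, 0, 2, 2, 40}), "|", Classify(hello))
}
```
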

@garrettr

Test case: https://mozilla.org
