# treat the standard algorithms the same.
# So far, have seen:
# TLSv1:AES256-SHA:256
+ # TLSv1.1:AES256-SHA:256
# TLSv1.2:AES256-GCM-SHA384:256
# TLSv1.2:DHE-RSA-AES256-SHA:256
# TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128
# Mail headers (...), log-lines X=..., client-ssl output ...
# (and \b doesn't match between ' ' and '(' )
- s/( (?: (?:\b|\s) [\(=] ) | \s )TLSv1\.2:/$1TLSv1:/xg;
+ s/( (?: (?:\b|\s) [\(=] ) | \s )TLSv1\.[12]:/$1TLSv1:/xg;
s/\bAES256-GCM-SHA384\b/AES256-SHA/g;
s/\bDHE-RSA-AES256-SHA\b/AES256-SHA/g;
s/TLS error on connection to \d{1,3}(.\d{1,3}){3} \[\d{1,3}(.\d{1,3}){3}\] \(gnutls_handshake\): A TLS packet with unexpected length was received./a TLS session is required for ip4.ip4.ip4.ip4 [ip4.ip4.ip4.ip4], but an attempt to start TLS failed/g;
s/TLS error on connection from \[127.0.0.1\] \(recv\): A TLS packet with unexpected length was received./TLS error on connection from [127.0.0.1] (recv): The TLS connection was non-properly terminated./g;
+ # signature algorithm names
+ s/RSA-SHA1/RSA-SHA/;
+
# ======== Caller's login, uid, gid, home, gecos ========