# different protocols; can't rely upon TLS 1.2's AES256-GCM-SHA384, so we
# treat the standard algorithms the same.
# So far, have seen:
+ # TLSv1:AES128-GCM-SHA256:128
# TLSv1:AES256-SHA:256
# TLSv1.1:AES256-SHA:256
# TLSv1.2:AES256-GCM-SHA384:256
# (and \b doesn't match between ' ' and '(' )
s/( (?: (?:\b|\s) [\(=] ) | \s )TLSv1\.[12]:/$1TLSv1:/xg;
+ s/\bAES128-GCM-SHA256:128\b/AES256-SHA:256/g;
+ s/\bAES128-GCM-SHA256\b/AES256-SHA/g;
s/\bAES256-GCM-SHA384\b/AES256-SHA/g;
s/\bDHE-RSA-AES256-SHA\b/AES256-SHA/g;
# openssl version variances
next if /^SSL info: unknown state/;
next if /^SSL info: SSLv2\/v3 write client hello A/;
+ next if /^SSL info: SSLv3 read server key exchange A/;
}