# So far, have seen:
# TLSv1:AES256-SHA:256
# TLSv1.2:AES256-GCM-SHA384:256
+ # TLSv1.2:DHE-RSA-AES256-SHA:256
# TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128
# We also need to handle the ciphersuite without the TLS part present, for
# client-ssl's output. We also see some older forced ciphersuites, but
s/( (?: (?:\b|\s) [\(=] ) | \s )TLSv1\.2:/$1TLSv1:/xg;
s/\bAES256-GCM-SHA384\b/AES256-SHA/g;
+ s/\bDHE-RSA-AES256-SHA\b/AES256-SHA/g;
# GnuTLS have seen:
# TLS1.2:RSA_AES_256_CBC_SHA1:256 (canonical)
$exp_v6 = $1 . ':0' x (8-length($exp_v6)) . ':' . $2;
} elsif ( $parm_ipv6 =~ /^::(.+[^:])$/ ) {
$exp_v6 = '0:' x (9-length($exp_v6)) . $1;
+ } else {
+ $exp_v6 = $parm_ipv6;
}
my(@components) = split /:/, $exp_v6;
my(@nibbles) = reverse (split /\s*/, shift @components);