| 274 | return ismodern |
| 275 | |
| 276 | def is_ordered(results, ref_ciphersuite, lvl): |
| 277 | ordered = True |
| 278 | previous_pos = 0 |
| 279 | # iterate through the list of ciphers returned by the target |
| 280 | for conn in results['ciphersuite']: |
| 281 | pos = 0 |
| 282 | # compare against each cipher of the reference ciphersuite |
| 283 | for ref_cipher in ref_ciphersuite: |
| 284 | # if the target cipher matches the reference ciphersuite, |
| 285 | # look for its position against the reference and flag cipher |
| 286 | # that violate the reference ordering |
| 287 | if conn['cipher'] == ref_cipher: |
| 288 | logging.debug("{0} found in reference ciphersuite at position {1}".format(conn['cipher'], pos)) |
| 289 | if pos < previous_pos: |
| 290 | failures[lvl].append("increase priority of {0} over {1}".format(conn['cipher'], ref_ciphersuite[previous_pos])) |
| 291 | ordered = False |
| 292 | # save current position |
| 293 | previous_pos = pos |
| 294 | pos += 1 |
| 295 | if not ordered: |
| 296 | failures[lvl].append("fix ciphersuite ordering, use recommended " + lvl + " ciphersuite") |
| 297 | return ordered |
| 298 | |
| 299 | def evaluate_all(results): |
| 300 | status = "obscure or unknown" |