From 03803cf0c9993c702e920143d9f1e3177517534d Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Tue, 3 May 2022 22:11:31 +0200 Subject: [PATCH] Add Safari for macOS --- etc/client-simulation.txt | 26 ++++++++++++++++++++++++-- etc/client-simulation.wiresharked.txt | 24 +++++++++++++++++++++++- 2 files changed, 47 insertions(+), 3 deletions(-) diff --git a/etc/client-simulation.txt b/etc/client-simulation.txt index b81a934..776e3df 100644 --- a/etc/client-simulation.txt +++ b/etc/client-simulation.txt @@ -2265,7 +2265,7 @@ names+=("Opera 66 (Win 10)") minEcdsaBits+=(-1) curves+=("prime256v1:secp384r1:secp521r1") requiresSha2+=(false) - current+=(true) + current+=(false) names+=("Safari 9 OS X 10.11") short+=("safari_9_osx1011") @@ -2286,7 +2286,7 @@ names+=("Opera 66 (Win 10)") minEcdsaBits+=(-1) curves+=("prime256v1:secp384r1:secp521r1") requiresSha2+=(false) - current+=(true) + current+=(false) names+=("Safari 10 iOS 10") short+=("safari_10_ios10") @@ -2395,6 +2395,28 @@ names+=("Opera 66 (Win 10)") requiresSha2+=(false) current+=(true) + names+=("Safari 15.4 (macOS 12.3.1)") + short+=("safari_154_osx_1231") + ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA") + ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256") + ch_sni+=("$SNI") + warning+=("") + handshakebytes+=("1603010200010001fc030345ecc5bc82ce47ee1a3491d46343fc5f36d43856d141c9896c323600b3bf2009203dfd825c6b7164a52872e5041ded637d67094f385b32086eb97d375a5ec6e362002ababa130113021303c02cc02bcca9c030c02fcca8c00ac009c014c013009d009c0035002fc008c012000a01000189dada00000000000f000d00000a7465737473736c2e736800170000ff01000100000a000c000a4a4a001d001700180019000b000201000010000e000c02683208687474702f312e31000500050100000000000d0018001604030804040105030203080508050501080606010201001200000033002b00294a4a000100001d00201911629f64c7dbfaa854871ab7f55545c784c1ef5ea5211c30dee96aaf64b53d002d00020101002b000b0a9a9a0304030303020301001b0003020001caca000100001500c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("HTTP") + curves+=("X25519:secp256r1:secp384r1:secp521r1") + minDhBits+=(1024) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + requiresSha2+=(false) + current+=(true) + names+=("Apple ATS 9 iOS 9") short+=("apple_ats_9_ios9") ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA") diff --git a/etc/client-simulation.wiresharked.txt b/etc/client-simulation.wiresharked.txt index 255c724..b657183 100644 --- a/etc/client-simulation.wiresharked.txt +++ b/etc/client-simulation.wiresharked.txt @@ -528,7 +528,7 @@ maxRsaBits+=(-1) minEcdsaBits+=(-1) requiresSha2+=(false) - current+=(true) + current+=(false) names+=("Safari 13.0 (macOS 10.14.6)") short+=("safari_130_osx_10146") @@ -551,3 +551,25 @@ minEcdsaBits+=(-1) requiresSha2+=(false) current+=(true) + + names+=("Safari 15.4 (macOS 12.3.1)") + short+=("safari_154_osx_1231") + ch_ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA") + ciphersuites+=("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256") + ch_sni+=("$SNI") + warning+=("") + handshakebytes+=("1603010200010001fc030345ecc5bc82ce47ee1a3491d46343fc5f36d43856d141c9896c323600b3bf2009203dfd825c6b7164a52872e5041ded637d67094f385b32086eb97d375a5ec6e362002ababa130113021303c02cc02bcca9c030c02fcca8c00ac009c014c013009d009c0035002fc008c012000a01000189dada00000000000f000d00000a7465737473736c2e736800170000ff01000100000a000c000a4a4a001d001700180019000b000201000010000e000c02683208687474702f312e31000500050100000000000d0018001604030804040105030203080508050501080606010201001200000033002b00294a4a000100001d00201911629f64c7dbfaa854871ab7f55545c784c1ef5ea5211c30dee96aaf64b53d002d00020101002b000b0a9a9a0304030303020301001b0003020001caca000100001500c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") + protos+=("-no_ssl3 -no_ssl2") + tlsvers+=("-tls1_3 -tls1_2 -tls1_1 -tls1") + lowest_protocol+=("0x0301") + highest_protocol+=("0x0304") + alpn+=("h2,http/1.1") + service+=("HTTP") + curves+=("X25519:secp256r1:secp384r1:secp521r1") + minDhBits+=(1024) + maxDhBits+=(-1) + minRsaBits+=(-1) + maxRsaBits+=(-1) + minEcdsaBits+=(-1) + requiresSha2+=(false) + current+=(true)