diff --git a/src/js/configs.js b/src/js/configs.js
index ea6085f3..1bf5d7b9 100644
--- a/src/js/configs.js
+++ b/src/js/configs.js
@@ -7,6 +7,7 @@ module.exports = {
apache: {
highlighter: 'apache',
latestVersion: '2.4.60',
+ eolBefore: '2.4.0',
name: 'Apache',
tls13: '2.4.36',
},
@@ -36,6 +37,7 @@ module.exports = {
cipherFormat: 'caddy',
highlighter: 'nginx', // TODO: find better
latestVersion: '2.8.4',
+ eolBefore: '2.0.0',
name: 'Caddy',
supportsOcspStapling: false, // actually true; can't be disabled in Caddy
tls13: '0.11.5',
@@ -52,7 +54,8 @@ module.exports = {
},
dovecot: {
highlighter: 'nginx', // TODO: find better
- latestVersion: '2.3.16',
+ latestVersion: '2.3.21',
+ eolBefore: '2.2.36', // https://dovecot.org/list/dovecot/2018-August/112536.html
name: 'Dovecot',
showSupports: false,
supportsHsts: false,
@@ -61,7 +64,8 @@ module.exports = {
},
exim: {
highlighter: 'nginx',
- latestVersion: '4.93',
+ latestVersion: '4.98',
+ eolBefore: '4.98',
name: 'Exim',
showSupports: false,
supportsHsts: false,
@@ -71,7 +75,8 @@ module.exports = {
go: {
cipherFormat: 'go',
highlighter: 'go',
- latestVersion: '1.14.4',
+ latestVersion: '1.23.3',
+ eolBefore: '1.22.0',
name: 'Go',
supportsOcspStapling: false,
tls13: '1.13.0',
@@ -80,13 +85,15 @@ module.exports = {
haproxy: {
highlighter: 'nginx', // TODO: find better
latestVersion: '3.0',
+ eolBefore: '2.2',
name: 'HAProxy',
tls13: '1.8.0',
},
jetty: {
cipherFormat: 'iana',
highlighter: 'xml',
- latestVersion: '12.0.12',
+ latestVersion: '12.0.15',
+ eolBefore: '12.0.0',
name: 'Jetty',
supportsHsts: false,
supportsOcspStapling: false,
@@ -96,12 +103,14 @@ module.exports = {
lighttpd: {
highlighter: 'nginx',
latestVersion: '1.4.76',
+ eolBefore: '1.4.69',
name: 'lighttpd',
tls13: '1.4.48',
},
mysql: {
highlighter: 'ini',
- latestVersion: '8.0.19',
+ latestVersion: '9.1.0',
+ eolBefore: '8.0.0',
name: 'MySQL',
showSupports: false,
supportsHsts: false,
@@ -111,12 +120,14 @@ module.exports = {
nginx: {
checked: true,
highlighter: 'nginx',
- latestVersion: '1.26.0',
+ latestVersion: '1.27.3',
+ eolBefore: '1.26.0',
name: 'nginx',
tls13: '1.13.0',
},
openssl: {
- latestVersion: '1.1.1w',
+ latestVersion: '3.4.0',
+ eolBefore: '3.0.0',
tls13: '1.1.1',
},
oraclehttp: {
@@ -130,6 +141,7 @@ module.exports = {
postfix: {
highlighter: 'nginx',
latestVersion: '3.9.0',
+ eolBefore: '3.6.0',
name: 'Postfix',
showSupports: false,
supportsHsts: false,
@@ -138,7 +150,8 @@ module.exports = {
},
postgresql: {
highlighter: 'nginx',
- latestVersion: '12.1',
+ latestVersion: '17.2',
+ eolBefore: '13.0',
name: 'PostgreSQL',
showSupports: false,
supportsHsts: false,
@@ -147,7 +160,8 @@ module.exports = {
},
proftpd: {
highlighter: 'apache',
- latestVersion: '1.3.7',
+ latestVersion: '1.3.8',
+ eolBefore: '1.3.8', // http://www.proftpd.org/docs/howto/Versioning.html
name: 'ProFTPD',
showSupports: false,
supportsHsts: false,
@@ -155,7 +169,8 @@ module.exports = {
},
redis: {
highlighter: 'nginx',
- latestVersion: '6.0',
+ latestVersion: '7.4.1',
+ eolBefore: '7.4.0',
name: 'Redis',
showSupports: false,
supportsHsts: false,
@@ -164,7 +179,8 @@ module.exports = {
},
squid: {
highlighter: 'nginx', // TODO: find better
- latestVersion: '5.6',
+ latestVersion: '6.12',
+ eolBefore: '6.0',
name: 'Squid',
showSupports: false,
supportsHsts: false,
@@ -181,7 +197,8 @@ module.exports = {
},
tomcat: {
highlighter: 'xml',
- latestVersion: '9.0.96',
+ latestVersion: '11.0.1',
+ eolBefore: '9.0.0',
name: 'Tomcat',
supportsOcspStapling: false,
tls13: '8.0.0',
@@ -190,7 +207,8 @@ module.exports = {
traefik: {
cipherFormat: 'go',
highlighter: 'ini',
- latestVersion: '2.1.2',
+ latestVersion: '3.2.1',
+ eolBefore: '2.11.0',
name: 'Traefik',
supportsOcspStapling: false, // https://github.com/containous/traefik/issues/212
tls13: '2.0.0',
diff --git a/src/js/index.js b/src/js/index.js
index 84c6721c..ff266a7c 100755
--- a/src/js/index.js
+++ b/src/js/index.js
@@ -55,13 +55,25 @@ const render = async () => {
}
// render the output header
- document.getElementById('output-header').innerHTML = templates.header(_state);
+ let header = `${_state.form.version_tags}
\n`;
+ if (_state.output.showSupports) {
+ header += '\n Supports '+_state.output.oldestClients.join(', ')+'
\n';
+ }
+ document.getElementById('output-header').innerHTML = header;
+
+ if (_state.output.protocols.length === 0) {
+ document.getElementById('output-config').innerHTML =
+ `# unfortunately, ${_state.form.version_tags} is not supported with these software versions.`;
+ // hide copy button
+ document.getElementById('copy').classList.toggle('d-none', true);
+ return;
+ }
- // and the config file for whichever server software we're using
- const renderedTemplate = _state.output.protocols.length === 0 ? templates['nosupport'](_state) : templates[_state.form.server](_state);
+ // render the config file for whichever server software we're using
+ const renderedTemplate = templates[_state.form.server](_state);
- // show / hide the copy button as needed
- document.getElementById('copy').classList.toggle('d-none', _state.output.protocols.length === 0);
+ // show copy button
+ document.getElementById('copy').classList.toggle('d-none', false);
// syntax highlight and enter into the page
const highlighter = configs[_state.form.server].highlighter;
diff --git a/src/js/state.js b/src/js/state.js
index 6b8448fa..2d218698 100644
--- a/src/js/state.js
+++ b/src/js/state.js
@@ -19,11 +19,23 @@ export default async function () {
fragment += configs[server].supportsOcspStapling !== false && !form['ocsp'].checked ? `&ocsp=false` : '';
fragment += `&guideline=${sstls.version}`;
+ // generate the version tags
+ let version_tags = `${configs[server].name} ${form['version'].value}`;
+ if (configs[server].eolBefore
+ && !minver(configs[server].eolBefore, form['version'].value)) {
+ version_tags += ' (UNSUPPORTED; end-of-life)';
+ }
+ if (configs[server].usesOpenssl !== false) {
+ version_tags += `, OpenSSL ${form['openssl'].value}`;
+ if (!minver(configs['openssl'].eolBefore, form['openssl'].value)) {
+ version_tags += ' (UNSUPPORTED; end-of-life)';
+ }
+ }
+ version_tags += `, ${form['config'].value} config`;
+
// generate the header
const date = new Date().toISOString().substr(0, 10);
- let header = `generated ${date}, Mozilla Guideline v${sstls.version}, ${configs[server].name} ${form['version'].value}`;
- header += configs[server].usesOpenssl !== false ? `, OpenSSL ${form['openssl'].value}` : '';
- header += `, ${form['config'].value} configuration`;
+ let header = `generated ${date}, Mozilla Guideline v${sstls.version}, ${version_tags}`;
header += configs[server].supportsHsts !== false && !form['hsts'].checked ? `, no HSTS` : '';
header += configs[server].supportsOcspStapling !== false && !form['ocsp'].checked ? `, no OCSP` : '';
@@ -58,6 +70,7 @@ export default async function () {
server,
serverName: document.querySelector(`label[for=server-${server}]`).innerText,
serverVersion: form['version'].value,
+ version_tags,
},
output: {
ciphers,
diff --git a/src/templates/partials/header.hbs b/src/templates/partials/header.hbs
deleted file mode 100644
index ee5bdecf..00000000
--- a/src/templates/partials/header.hbs
+++ /dev/null
@@ -1,10 +0,0 @@
-
- {{form.server}} {{form.serverVersion}}, {{form.config}} config{{#if output.usesOpenssl}}, OpenSSL {{form.opensslVersion}}{{/if}}
-
-{{#if output.showSupports}}
-
- Supports {{#each output.oldestClients}}
- {{#if @last}} and {{this}}{{else}}{{this}}, {{/if}}
- {{/each}}
-
-{{/if}}
\ No newline at end of file
diff --git a/src/templates/partials/nosupport.hbs b/src/templates/partials/nosupport.hbs
deleted file mode 100644
index 92c77dfc..00000000
--- a/src/templates/partials/nosupport.hbs
+++ /dev/null
@@ -1 +0,0 @@
-# unfortunately, {{form.serverName}}{{#if output.hasVersions}} {{form.serverVersion}}{{/if}} {{#if output.usesOpenssl}}and OpenSSL {{form.opensslVersion}} {{/if}}does not support the {{form.config}} configuration
\ No newline at end of file