Created
July 9, 2016 21:09
-
-
Save rectalogic/c2b0f9fe746d7790f4b2c196c0d9de88 to your computer and use it in GitHub Desktop.
nscurl output for api.pinboard.in
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ /usr/bin/nscurl --verbose --ats-diagnostics https://api.pinboard.in/v1/ | |
| Starting ATS Diagnostics | |
| Configuring ATS Info.plist keys and displaying the result of HTTPS loads to https://api.pinboard.in/v1/. | |
| A test will "PASS" if URLSession:task:didCompleteWithError: returns a nil error. | |
| ================================================================================ | |
| Default ATS Secure Connection | |
| --- | |
| ATS Default Connection | |
| ATS Dictionary: | |
| { | |
| } | |
| 2016-07-09 17:08:43.752 nscurl[87779:32765354] CFNetwork SSLHandshake failed (-9824) | |
| 2016-07-09 17:08:43.753 nscurl[87779:32765354] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9824) | |
| Result : FAIL | |
| Error : Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={_kCFStreamErrorCodeKey=-9824, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSUnderlyingError=0x7fe8dac1c590 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, _kCFNetworkCFStreamSSLErrorOriginalValue=-9824, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9824}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://api.pinboard.in/v1/, NSErrorFailingURLStringKey=https://api.pinboard.in/v1/, _kCFStreamErrorDomainKey=3} | |
| --- | |
| ================================================================================ | |
| Allowing Arbitrary Loads | |
| --- | |
| Allow All Loads | |
| ATS Dictionary: | |
| { | |
| NSAllowsArbitraryLoads = true; | |
| } | |
| Result : PASS | |
| --- | |
| ================================================================================ | |
| Configuring TLS exceptions for api.pinboard.in | |
| --- | |
| TLSv1.2 | |
| ATS Dictionary: | |
| { | |
| NSExceptionDomains = { | |
| "api.pinboard.in" = { | |
| NSExceptionMinimumTLSVersion = "TLSv1.2"; | |
| }; | |
| }; | |
| } | |
| 2016-07-09 17:08:44.444 nscurl[87779:32765354] CFNetwork SSLHandshake failed (-9824) | |
| 2016-07-09 17:08:44.444 nscurl[87779:32765354] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9824) | |
| Result : FAIL | |
| Error : Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={_kCFStreamErrorCodeKey=-9824, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSUnderlyingError=0x7fe8dd200060 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, _kCFNetworkCFStreamSSLErrorOriginalValue=-9824, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9824}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://api.pinboard.in/v1/, NSErrorFailingURLStringKey=https://api.pinboard.in/v1/, _kCFStreamErrorDomainKey=3} | |
| --- | |
| --- | |
| TLSv1.1 | |
| ATS Dictionary: | |
| { | |
| NSExceptionDomains = { | |
| "api.pinboard.in" = { | |
| NSExceptionMinimumTLSVersion = "TLSv1.1"; | |
| }; | |
| }; | |
| } | |
| 2016-07-09 17:08:44.660 nscurl[87779:32765354] CFNetwork SSLHandshake failed (-9824) | |
| 2016-07-09 17:08:44.661 nscurl[87779:32765354] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9824) | |
| Result : FAIL | |
| Error : Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={_kCFStreamErrorCodeKey=-9824, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSUnderlyingError=0x7fe8dad444e0 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, _kCFNetworkCFStreamSSLErrorOriginalValue=-9824, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9824}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://api.pinboard.in/v1/, NSErrorFailingURLStringKey=https://api.pinboard.in/v1/, _kCFStreamErrorDomainKey=3} | |
| --- | |
| --- | |
| TLSv1.0 | |
| ATS Dictionary: | |
| { | |
| NSExceptionDomains = { | |
| "api.pinboard.in" = { | |
| NSExceptionMinimumTLSVersion = "TLSv1.0"; | |
| }; | |
| }; | |
| } | |
| 2016-07-09 17:08:44.872 nscurl[87779:32765354] CFNetwork SSLHandshake failed (-9824) | |
| 2016-07-09 17:08:44.872 nscurl[87779:32765354] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9824) | |
| Result : FAIL | |
| Error : Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={_kCFStreamErrorCodeKey=-9824, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSUnderlyingError=0x7fe8dd001b10 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, _kCFNetworkCFStreamSSLErrorOriginalValue=-9824, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9824}}, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://api.pinboard.in/v1/, NSErrorFailingURLStringKey=https://api.pinboard.in/v1/, _kCFStreamErrorDomainKey=3} | |
| --- | |
| ================================================================================ | |
| Configuring PFS exceptions for api.pinboard.in | |
| --- | |
| Disabling Perfect Forward Secrecy | |
| ATS Dictionary: | |
| { | |
| NSExceptionDomains = { | |
| "api.pinboard.in" = { | |
| NSExceptionRequiresForwardSecrecy = false; | |
| }; | |
| }; | |
| } | |
| Result : PASS | |
| --- | |
| ================================================================================ | |
| Configuring PFS exceptions and allowing insecure HTTP for api.pinboard.in | |
| --- | |
| Disabling Perfect Forward Secrecy and Allowing Insecure HTTP | |
| ATS Dictionary: | |
| { | |
| NSExceptionDomains = { | |
| "api.pinboard.in" = { | |
| NSExceptionAllowsInsecureHTTPLoads = true; | |
| NSExceptionRequiresForwardSecrecy = false; | |
| }; | |
| }; | |
| } | |
| Result : PASS | |
| --- | |
| ================================================================================ | |
| Configuring TLS exceptions with PFS disabled for api.pinboard.in | |
| --- | |
| TLSv1.2 with PFS disabled | |
| ATS Dictionary: | |
| { | |
| NSExceptionDomains = { | |
| "api.pinboard.in" = { | |
| NSExceptionMinimumTLSVersion = "TLSv1.2"; | |
| NSExceptionRequiresForwardSecrecy = false; | |
| }; | |
| }; | |
| } | |
| Result : PASS | |
| --- | |
| --- | |
| TLSv1.1 with PFS disabled | |
| ATS Dictionary: | |
| { | |
| NSExceptionDomains = { | |
| "api.pinboard.in" = { | |
| NSExceptionMinimumTLSVersion = "TLSv1.1"; | |
| NSExceptionRequiresForwardSecrecy = false; | |
| }; | |
| }; | |
| } | |
| Result : PASS | |
| --- | |
| --- | |
| TLSv1.0 with PFS disabled | |
| ATS Dictionary: | |
| { | |
| NSExceptionDomains = { | |
| "api.pinboard.in" = { | |
| NSExceptionMinimumTLSVersion = "TLSv1.0"; | |
| NSExceptionRequiresForwardSecrecy = false; | |
| }; | |
| }; | |
| } | |
| Result : PASS | |
| --- | |
| ================================================================================ | |
| Configuring TLS exceptions with PFS disabled and insecure HTTP allowed for api.pinboard.in | |
| --- | |
| TLSv1.2 with PFS disabled and insecure HTTP allowed | |
| ATS Dictionary: | |
| { | |
| NSExceptionDomains = { | |
| "api.pinboard.in" = { | |
| NSExceptionAllowsInsecureHTTPLoads = true; | |
| NSExceptionMinimumTLSVersion = "TLSv1.2"; | |
| NSExceptionRequiresForwardSecrecy = false; | |
| }; | |
| }; | |
| } | |
| Result : PASS | |
| --- | |
| --- | |
| TLSv1.1 with PFS disabled and insecure HTTP allowed | |
| ATS Dictionary: | |
| { | |
| NSExceptionDomains = { | |
| "api.pinboard.in" = { | |
| NSExceptionAllowsInsecureHTTPLoads = true; | |
| NSExceptionMinimumTLSVersion = "TLSv1.1"; | |
| NSExceptionRequiresForwardSecrecy = false; | |
| }; | |
| }; | |
| } | |
| Result : PASS | |
| --- | |
| --- | |
| TLSv1.0 with PFS disabled and insecure HTTP allowed | |
| ATS Dictionary: | |
| { | |
| NSExceptionDomains = { | |
| "api.pinboard.in" = { | |
| NSExceptionAllowsInsecureHTTPLoads = true; | |
| NSExceptionMinimumTLSVersion = "TLSv1.0"; | |
| NSExceptionRequiresForwardSecrecy = false; | |
| }; | |
| }; | |
| } | |
| Result : PASS | |
| --- | |
| ================================================================================ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment