more details in assertions

[tls-check.git] / tls-check

diff --git a/tls-check b/tls-check
index f757bdbf535acf718e466315228aa0bc90193d7b..8a64d84734c7daaabe45f3e9bf4eb914bc09cf0b 100755 (executable)
--- a/tls-check
+++ b/tls-check
@@ -121,7 +121,7 @@ class CipherPropsProvider:
     def __getProps(self, cipher):
         # as OpenSSL about this cipher
         cipherInfo = subprocess.check_output(["openssl", "ciphers", "-v", cipher]).decode('UTF-8').strip()
-        assert '\n' not in cipherInfo
+        assert '\n' not in cipherInfo, "Cipher "+cipher+" produced unexpected output:\n"+cipherInfo
         cipherInfoFields = cipherInfo.split()
         # get # of bits
         encMatch = re.match(r'^Enc=([0-9A-Za-z]+)\(([0-9]+)\)$', cipherInfoFields[4])
@@ -143,7 +143,7 @@ class CipherPropsProvider:
         isLow = cipher in self.low
         isMedium = cipher in self.medium
         isHigh = cipher in self.high
-        assert isExp+isLow+isMedium+isHigh <= 1, "Cipher is more than one from EXP, LOW, MEDIUM, HIGH"
+        assert isExp+isLow+isMedium+isHigh <= 1, "Cipher "+cipher+" is more than one from EXP, LOW, MEDIUM, HIGH"
         if isExp:
             strength = CipherStrength.exp
         elif isLow:
@@ -168,7 +168,7 @@ class CipherPropsProvider:
 if __name__ == "__main__":
     parser = argparse.ArgumentParser(description='Check TLS ciphers supported by a host')
     parser.add_argument("--starttls", dest="starttls",
-                        help="Use a STARTTLS variant to establish the TLS connection. Possible values include smpt, imap, xmpp.")
+                        help="Use a STARTTLS variant to establish the TLS connection. Possible values include smpt, imap.")
     parser.add_argument("--wait-time", "-t", dest="wait_time", default="10",
                         help="Time (in ms) to wait between two connections to the server. Default is 10ms.")
     parser.add_argument("host", metavar='HOST[:PORT]',