/sslsecure.vim

Highlight insecure SSL configuration in Vim (works for all OpenSSL/ LibreSSL cipher strings, independent of the filetype)

Primary LanguageVim ScriptGNU General Public License v3.0GPL-3.0

sslsecure.vim

Description

Plugin for the Vim editor, that marks insecure SSL/TLS cipher suites and protocol as errors.

When configuring or programming SSL/TLS servers, at some point a SSL/TLS cipher suite and a list of supported protocols have to be chosen.

Unfortunately, not all configuration options are safe. :(

This plugin highlights insecure SSL/TLS options as errors right in your editor!

Features

  • Mark insecure SSL ciphers as errors
  • Mark insecure SSL protocols as errors
  • Works with all configuration files (web servers, mail servers, ...)
  • Works with all source code (independently on the used programming language)
  • Works on top of regular syntax highlighting

Screenshots

Note: DO NOT USE the displayed ciphers. They are insecure and might not even work - the purpose is to show off the highlighting options of this plugin.

Web Servers

nginx nginx

Apache2 Apache2

Lighttpd Lighttpd

Mail Servers

Postfix Postfix

Exim Exim

Dovecot Dovecot

Load Balancers

HAProxy HAProxy

FTP Servers

ProFTPd ProFTPd

Databases

PostgreSQL PostgreSQL

MySQL MySQL

Programming languages

C C

Go Go

Rust (CipherSuites from Rustls) Rust

Java Java

Feedback

I'm neither a mathematician, nor a cryptographer. If you are one and you have feedback to this plugin, find a flaw, please open an issue.

References

  • Blog post to introducing this plugin, with further information.

Installation

Just plug it into your favorite Vim package manager:

" Plug
Plug 'chr4/sslsecure.vim

" Dein.vim
call dein#add('chr4/sslsecure.vim')

" Vundle
Plugin 'chr4/sslsecure.vim'

Note that sslsecure.vim require Vim 7.3 or greater.

Archlinux

There's also an AUR for Archlinux available, which is maintained by Christian Rebischke

Authors

Authors: Chris Aumann

Contributors: Meredith Howard