sslsecure.vim

Description

Plugin for the Vim editor, that marks insecure SSL/TLS cipher suites and protocol as errors.

When configuring or programming SSL/TLS servers, at some point a SSL/TLS cipher suite and a list of supported protocols have to be chosen.

Unfortunately, not all configuration options are safe. :(

This plugin highlights insecure SSL/TLS options as errors right in your editor!

Features

• Mark insecure SSL ciphers as errors
• Mark insecure SSL protocols as errors
• Works with all configuration files (web servers, mail servers, ...)
• Works with all source code (independently on the used programming language)
• Works on top of regular syntax highlighting

Screenshots

Note: DO NOT USE the displayed ciphers. They are insecure and might not even work - the purpose is to show off the highlighting options of this plugin.

Web Servers

nginx

Apache2

Lighttpd

Mail Servers

Postfix

Exim

Dovecot

Load Balancers

HAProxy

FTP Servers

ProFTPd

Databases

PostgreSQL

MySQL

Programming languages

C

Go

Rust (CipherSuites from Rustls)

Java

Feedback

I'm neither a mathematician, nor a cryptographer. If you are one and you have feedback to this plugin, find a flaw, please open an issue.

References

• Blog post to introducing this plugin, with further information.

Installation

Just plug it into your favorite Vim package manager:

" Plug
Plug 'chr4/sslsecure.vim

" Dein.vim
call dein#add('chr4/sslsecure.vim')

" Vundle
Plugin 'chr4/sslsecure.vim'

Note that sslsecure.vim require Vim 7.3 or greater.

Archlinux

There's also an AUR for Archlinux available, which is maintained by Christian Rebischke

Authors

Authors: Chris Aumann

Contributors: Meredith Howard