version 1.4, 2015/03/02 07:51:25 |
version 1.5, 2015/07/17 16:04:09 |
|
|
#include "apps.h" |
#include "apps.h" |
|
|
struct { |
struct { |
int ssl_version; |
|
int usage; |
int usage; |
int verbose; |
int verbose; |
} ciphers_config; |
} ciphers_config; |
|
|
.opt.flag = &ciphers_config.usage, |
.opt.flag = &ciphers_config.usage, |
}, |
}, |
{ |
{ |
.name = "ssl3", |
|
.desc = "Only include SSLv3 ciphers", |
|
.type = OPTION_VALUE, |
|
.opt.value = &ciphers_config.ssl_version, |
|
.value = SSL3_VERSION, |
|
}, |
|
{ |
|
.name = "tls1", |
.name = "tls1", |
.desc = "Only include TLSv1 ciphers", |
.desc = "This option is deprecated since it is the default", |
.type = OPTION_VALUE, |
.type = OPTION_DISCARD, |
.opt.value = &ciphers_config.ssl_version, |
|
.value = TLS1_VERSION, |
|
}, |
}, |
{ |
{ |
.name = "v", |
.name = "v", |
|
|
static void |
static void |
ciphers_usage(void) |
ciphers_usage(void) |
{ |
{ |
fprintf(stderr, "usage: ciphers [-hVv] [-ssl3 | -tls1] [cipherlist]\n"); |
fprintf(stderr, "usage: ciphers [-hVv] [-tls1] [cipherlist]\n"); |
options_usage(ciphers_options); |
options_usage(ciphers_options); |
} |
} |
|
|
|
|
{ |
{ |
char *cipherlist = NULL; |
char *cipherlist = NULL; |
STACK_OF(SSL_CIPHER) *ciphers; |
STACK_OF(SSL_CIPHER) *ciphers; |
const SSL_METHOD *ssl_method; |
|
const SSL_CIPHER *cipher; |
const SSL_CIPHER *cipher; |
SSL_CTX *ssl_ctx = NULL; |
SSL_CTX *ssl_ctx = NULL; |
SSL *ssl = NULL; |
SSL *ssl = NULL; |
|
|
return (1); |
return (1); |
} |
} |
|
|
switch (ciphers_config.ssl_version) { |
if ((ssl_ctx = SSL_CTX_new(TLSv1_client_method())) == NULL) |
case SSL3_VERSION: |
|
ssl_method = SSLv3_client_method(); |
|
break; |
|
case TLS1_VERSION: |
|
ssl_method = TLSv1_client_method(); |
|
break; |
|
default: |
|
ssl_method = SSLv3_server_method(); |
|
} |
|
|
|
if ((ssl_ctx = SSL_CTX_new(ssl_method)) == NULL) |
|
goto err; |
goto err; |
|
|
if (cipherlist != NULL) { |
if (cipherlist != NULL) { |
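Review bot: The new `SSL_CTX_new(TLSv1_client_method())` call pins the context to a single-protocol method, and nothing in the visible lines says whether that narrows what `ciphers` prints. This command is commonly used to check what a cipher string expands to, so if enumeration depends on the method's protocol version, suites defined only for later TLS versions would silently drop out of an audit. I would either use the version-flexible constructor, `if ((ssl_ctx = SSL_CTX_new(SSLv23_client_method())) == NULL)`, or, once the behaviour is confirmed, add a comment above the call such as `/* The method choice does not filter the cipher list; any client method works here. */`. The usage string also still advertises `[-tls1]` although the option is now `OPTION_DISCARD` and does nothing. The enclosing function starts and continues outside the lines shown.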