version 1.10, 2019/07/14 03:30:45 |
version 1.11, 2022/07/14 08:07:54 |
|
|
|
|
struct { |
struct { |
int usage; |
int usage; |
|
int use_supported; |
int verbose; |
int verbose; |
} ciphers_config; |
} ciphers_config; |
|
|
|
|
.opt.flag = &ciphers_config.usage, |
.opt.flag = &ciphers_config.usage, |
}, |
}, |
{ |
{ |
|
.name = "s", |
|
.desc = "Only list ciphers that are supported by the TLS method", |
|
.type = OPTION_FLAG, |
|
.opt.flag = &ciphers_config.use_supported, |
|
}, |
|
{ |
.name = "tls1", |
.name = "tls1", |
.desc = "This option is deprecated since it is the default", |
.desc = "This option is deprecated since it is the default", |
.type = OPTION_DISCARD, |
.type = OPTION_DISCARD, |
|
|
static void |
static void |
ciphers_usage(void) |
ciphers_usage(void) |
{ |
{ |
fprintf(stderr, "usage: ciphers [-hVv] [-tls1] [cipherlist]\n"); |
fprintf(stderr, "usage: ciphers [-hsVv] [-tls1] [cipherlist]\n"); |
options_usage(ciphers_options); |
options_usage(ciphers_options); |
} |
} |
|
|
|
|
{ |
{ |
char *cipherlist = NULL; |
char *cipherlist = NULL; |
STACK_OF(SSL_CIPHER) *ciphers; |
STACK_OF(SSL_CIPHER) *ciphers; |
|
STACK_OF(SSL_CIPHER) *supported_ciphers = NULL; |
const SSL_CIPHER *cipher; |
const SSL_CIPHER *cipher; |
SSL_CTX *ssl_ctx = NULL; |
SSL_CTX *ssl_ctx = NULL; |
SSL *ssl = NULL; |
SSL *ssl = NULL; |
|
|
if ((ssl = SSL_new(ssl_ctx)) == NULL) |
if ((ssl = SSL_new(ssl_ctx)) == NULL) |
goto err; |
goto err; |
|
|
if ((ciphers = SSL_get_ciphers(ssl)) == NULL) |
if (ciphers_config.use_supported) { |
goto err; |
if ((supported_ciphers = |
|
SSL_get1_supported_ciphers(ssl)) == NULL) |
|
goto err; |
|
ciphers = supported_ciphers; |
|
} else { |
|
if ((ciphers = SSL_get_ciphers(ssl)) == NULL) |
|
goto err; |
|
} |
|
|
for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) { |
for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) { |
cipher = sk_SSL_CIPHER_value(ciphers, i); |
cipher = sk_SSL_CIPHER_value(ciphers, i); |
|
|
rv = 1; |
rv = 1; |
|
|
done: |
done: |
|
sk_SSL_CIPHER_free(supported_ciphers); |
SSL_CTX_free(ssl_ctx); |
SSL_CTX_free(ssl_ctx); |
SSL_free(ssl); |
SSL_free(ssl); |
|
|