#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#ifdef OPENSSL_NO_STDIO
-#define APPS_WIN16
-#endif
#include "apps.h"
#include <openssl/err.h>
#include <openssl/ssl.h>
"usage: ciphers args\n",
" -v - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n",
" -V - even more verbose\n",
-" -ssl2 - SSL2 mode\n",
" -ssl3 - SSL3 mode\n",
" -tls1 - TLS1 mode\n",
NULL
{
int ret=1,i;
int verbose=0,Verbose=0;
+ int use_supported = 0;
+#ifndef OPENSSL_NO_SSL_TRACE
+ int stdname = 0;
+#endif
const char **pp;
const char *p;
int badops=0;
SSL *ssl=NULL;
char *ciphers=NULL;
const SSL_METHOD *meth=NULL;
- STACK_OF(SSL_CIPHER) *sk;
+ STACK_OF(SSL_CIPHER) *sk=NULL;
char buf[512];
BIO *STDout=NULL;
-#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
meth=SSLv23_server_method();
-#elif !defined(OPENSSL_NO_SSL3)
- meth=SSLv3_server_method();
-#elif !defined(OPENSSL_NO_SSL2)
- meth=SSLv2_server_method();
-#endif
apps_startup();
STDout = BIO_push(tmpbio, STDout);
}
#endif
+ if (!load_config(bio_err, NULL))
+ goto end;
argc--;
argv++;
verbose=1;
else if (strcmp(*argv,"-V") == 0)
verbose=Verbose=1;
-#ifndef OPENSSL_NO_SSL2
- else if (strcmp(*argv,"-ssl2") == 0)
- meth=SSLv2_client_method();
+ else if (strcmp(*argv,"-s") == 0)
+ use_supported = 1;
+#ifndef OPENSSL_NO_SSL_TRACE
+ else if (strcmp(*argv,"-stdname") == 0)
+ stdname=verbose=1;
#endif
#ifndef OPENSSL_NO_SSL3
else if (strcmp(*argv,"-ssl3") == 0)
ssl=SSL_new(ctx);
if (ssl == NULL) goto err;
+ if (use_supported)
+ sk=SSL_get1_supported_ciphers(ssl);
+ else
+ sk=SSL_get_ciphers(ssl);
if (!verbose)
{
- for (i=0; ; i++)
+ for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
{
- p=SSL_get_cipher_list(ssl,i);
+ SSL_CIPHER *c = sk_SSL_CIPHER_value(sk,i);
+ p = SSL_CIPHER_get_name(c);
if (p == NULL) break;
if (i != 0) BIO_printf(STDout,":");
BIO_printf(STDout,"%s",p);
}
else /* verbose */
{
- sk=SSL_get_ciphers(ssl);
for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
{
if (Verbose)
{
- unsigned long id = c->id;
+ unsigned long id = SSL_CIPHER_get_id(c);
int id0 = (int)(id >> 24);
int id1 = (int)((id >> 16) & 0xffL);
int id2 = (int)((id >> 8) & 0xffL);
int id3 = (int)(id & 0xffL);
- if ((id & 0xff000000L) == 0x02000000L)
- BIO_printf(STDout, " 0x%02X,0x%02X,0x%02X - ", id1, id2, id3); /* SSL2 cipher */
- else if ((id & 0xff000000L) == 0x03000000L)
+ if ((id & 0xff000000L) == 0x03000000L)
BIO_printf(STDout, " 0x%02X,0x%02X - ", id2, id3); /* SSL3 cipher */
else
BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */
}
-
+#ifndef OPENSSL_NO_SSL_TRACE
+ if (stdname)
+ {
+ const char *nm = SSL_CIPHER_standard_name(c);
+ if (nm == NULL)
+ nm = "UNKNOWN";
+ BIO_printf(STDout, "%s - ", nm);
+ }
+#endif
BIO_puts(STDout,SSL_CIPHER_description(c,buf,sizeof buf));
}
}
ERR_print_errors(bio_err);
}
end:
+ if (use_supported && sk)
+ sk_SSL_CIPHER_free(sk);
if (ctx != NULL) SSL_CTX_free(ctx);
if (ssl != NULL) SSL_free(ssl);
if (STDout != NULL) BIO_free_all(STDout);