#include <stdio.h>
#include <stdlib.h>
#include <string.h>
-#ifdef NO_STDIO
-#define APPS_WIN16
-#endif
#include "apps.h"
#include <openssl/err.h>
#include <openssl/ssl.h>
#undef PROG
#define PROG ciphers_main
-static char *ciphers_usage[]={
+static const char *ciphers_usage[]={
"usage: ciphers args\n",
-" -v - verbose mode, a textual listing of the ciphers in SSLeay\n",
-" -ssl2 - SSL2 mode\n",
+" -v - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n",
+" -V - even more verbose\n",
" -ssl3 - SSL3 mode\n",
+" -tls1 - TLS1 mode\n",
NULL
};
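Review bot: The usage table is out of step with the options this commit adds: `-s` and `-stdname` are parsed further down but are not listed here, so a user only finds them by reading the source. I would add entries such as `" -s - only list supported ciphers\n",` and, under the same `#ifndef OPENSSL_NO_SSL_TRACE` guard as the parser, `" -stdname - also print the standard cipher name\n",`. The `-ssl3` and `-tls1` lines are printed unconditionally, although their handlers are compiled out under `OPENSSL_NO_SSL3` and `OPENSSL_NO_TLS1`. Guarding the help lines the same way would keep the help text from advertising a protocol the build cannot select.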
int MAIN(int argc, char **argv)
{
int ret=1,i;
- int verbose=0;
- char **pp;
+ int verbose=0,Verbose=0;
+ int use_supported = 0;
+#ifndef OPENSSL_NO_SSL_TRACE
+ int stdname = 0;
+#endif
+ const char **pp;
const char *p;
int badops=0;
SSL_CTX *ctx=NULL;
SSL *ssl=NULL;
char *ciphers=NULL;
- SSL_METHOD *meth=NULL;
- STACK_OF(SSL_CIPHER) *sk;
+ const SSL_METHOD *meth=NULL;
+ STACK_OF(SSL_CIPHER) *sk=NULL;
char buf[512];
BIO *STDout=NULL;
-#if !defined(NO_SSL2) && !defined(NO_SSL3)
meth=SSLv23_server_method();
-#elif !defined(NO_SSL3)
- meth=SSLv3_server_method();
-#elif !defined(NO_SSL2)
- meth=SSLv2_server_method();
-#endif
apps_startup();
if (bio_err == NULL)
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+ {
+ BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+ STDout = BIO_push(tmpbio, STDout);
+ }
+#endif
+ if (!load_config(bio_err, NULL))
+ goto end;
argc--;
argv++;
{
if (strcmp(*argv,"-v") == 0)
verbose=1;
-#ifndef NO_SSL2
- else if (strcmp(*argv,"-ssl2") == 0)
- meth=SSLv2_client_method();
+ else if (strcmp(*argv,"-V") == 0)
+ verbose=Verbose=1;
+ else if (strcmp(*argv,"-s") == 0)
+ use_supported = 1;
+#ifndef OPENSSL_NO_SSL_TRACE
+ else if (strcmp(*argv,"-stdname") == 0)
+ stdname=verbose=1;
#endif
-#ifndef NO_SSL3
+#ifndef OPENSSL_NO_SSL3
else if (strcmp(*argv,"-ssl3") == 0)
meth=SSLv3_client_method();
+#endif
+#ifndef OPENSSL_NO_TLS1
+ else if (strcmp(*argv,"-tls1") == 0)
+ meth=TLSv1_client_method();
#endif
else if ((strncmp(*argv,"-h",2) == 0) ||
(strcmp(*argv,"-?") == 0))
if (badops)
{
for (pp=ciphers_usage; (*pp != NULL); pp++)
- BIO_printf(bio_err,*pp);
+ BIO_printf(bio_err,"%s",*pp);
goto end;
}
ssl=SSL_new(ctx);
if (ssl == NULL) goto err;
+ if (use_supported)
+ sk=SSL_get1_supported_ciphers(ssl);
+ else
+ sk=SSL_get_ciphers(ssl);
if (!verbose)
{
- for (i=0; ; i++)
+ for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
{
- p=SSL_get_cipher_list(ssl,i);
+ SSL_CIPHER *c = sk_SSL_CIPHER_value(sk,i);
+ p = SSL_CIPHER_get_name(c);
if (p == NULL) break;
if (i != 0) BIO_printf(STDout,":");
BIO_printf(STDout,"%s",p);
}
BIO_printf(STDout,"\n");
}
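Review bot: The return of `SSL_get1_supported_ciphers(ssl)` in the `use_supported` branch is never checked, so a NULL result is indistinguishable from an empty list and both loops rely on `sk_SSL_CIPHER_num()` tolerating a NULL stack. Either add `if (sk == NULL) goto err;` after the assignment, or add a comment saying NULL is deliberately treated as "no ciphers"; which one is right depends on how `ret` is set in the part of MAIN not shown here. In the non-verbose loop, `c` is only read and could be declared `const SSL_CIPHER *c`. The `if (p == NULL) break;` test looks like a leftover from the old `SSL_get_cipher_list()` termination and deserves a comment or removal if `SSL_CIPHER_get_name()` cannot return NULL.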
- else
+ else /* verbose */
{
- sk=SSL_get_ciphers(ssl);
for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
{
- BIO_puts(STDout,SSL_CIPHER_description(
- sk_SSL_CIPHER_value(sk,i),
- buf,512));
+ SSL_CIPHER *c;
+
+ c = sk_SSL_CIPHER_value(sk,i);
+
+ if (Verbose)
+ {
+ unsigned long id = SSL_CIPHER_get_id(c);
+ int id0 = (int)(id >> 24);
+ int id1 = (int)((id >> 16) & 0xffL);
+ int id2 = (int)((id >> 8) & 0xffL);
+ int id3 = (int)(id & 0xffL);
+
+ if ((id & 0xff000000L) == 0x03000000L)
+ BIO_printf(STDout, " 0x%02X,0x%02X - ", id2, id3); /* SSL3 cipher */
+ else
+ BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */
+ }
+#ifndef OPENSSL_NO_SSL_TRACE
+ if (stdname)
+ {
+ const char *nm = SSL_CIPHER_standard_name(c);
+ if (nm == NULL)
+ nm = "UNKNOWN";
+ BIO_printf(STDout, "%s - ", nm);
+ }
+#endif
+ BIO_puts(STDout,SSL_CIPHER_description(c,buf,sizeof buf));
}
}
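Review bot: In the `Verbose` block `id0` is the only byte taken without a mask (`(int)(id >> 24)`), while `id1`..`id3` are masked with `0xffL`. Because `id` is an `unsigned long`, on LP64 targets any bits above bit 31 would leak into `id0` and print more than two hex digits. `int id0 = (int)((id >> 24) & 0xffL);` makes the four bytes consistent. The `/* whatever */` comment on the four-byte branch says nothing; something like `/* not an SSL3/TLS id (top byte != 0x03): print all four bytes */` would document why the two formats differ. This loop sits inside MAIN, whose start and option handling are outside this hunk.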
ERR_print_errors(bio_err);
}
end:
+ if (use_supported && sk)
+ sk_SSL_CIPHER_free(sk);
if (ctx != NULL) SSL_CTX_free(ctx);
if (ssl != NULL) SSL_free(ssl);
- if (STDout != NULL) BIO_free(STDout);
- EXIT(ret);
+ if (STDout != NULL) BIO_free_all(STDout);
+ apps_shutdown();
+ OPENSSL_EXIT(ret);
}
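Review bot: The conditional free at `end:` encodes an ownership rule that is not written down anywhere: `sk` is caller-owned only when it came from `SSL_get1_supported_ciphers()`, whereas the pointer from `SSL_get_ciphers()` belongs to `ssl` and must not be freed. A future edit that drops the `use_supported` test or adds a third source for `sk` would turn this into a leak or a double free. I would add a comment above the check, for example `/* sk is owned by us only in the get1 (use_supported) case; otherwise it points into ssl */`. Because the stack can alias memory owned by `ssl`, it is also worth noting in that comment that this free must stay ahead of `SSL_free(ssl)`.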