
Refactored tls_show_available_ciphers

Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <davids@redhat.com>
Adriaan de Jong 2011-06-27 09:44:47 +02:00 committed by David Sommerseth
parent eab0cf2df1
commit 397c0a35c5
4 changed files with 32 additions and 31 deletions

29
ssl.c

@ -2449,35 +2449,6 @@ print_details (SSL * c_ssl, const char *prefix)
msg (D_HANDSHAKE, "%s%s", s1, s2);
}
/*
* Show the TLS ciphers that are available for us to use
* in the OpenSSL library.
*/
void
show_available_tls_ciphers ()
{
SSL_CTX *ctx;
SSL *ssl;
const char *cipher_name;
int priority = 0;
ctx = SSL_CTX_new (TLSv1_method ());
if (!ctx)
msg (M_SSLERR, "Cannot create SSL_CTX object");
ssl = SSL_new (ctx);
if (!ssl)
msg (M_SSLERR, "Cannot create SSL object");
printf ("Available TLS Ciphers,\n");
printf ("listed in order of preference:\n\n");
while ((cipher_name = SSL_get_cipher_list (ssl, priority++)))
printf ("%s\n", cipher_name);
printf ("\n");
SSL_free (ssl);
SSL_CTX_free (ctx);
}
/*
* The OpenSSL library has a notion of preference in TLS
* ciphers. Higher preference == more secure.

2
ssl.h

@ -824,8 +824,6 @@ void tls_post_encrypt (struct tls_multi *multi, struct buffer *buf);
/** @} name Functions for managing security parameter state for data channel packets */
void show_available_tls_ciphers (void);
void get_highest_preference_tls_cipher (char *buf, int size);
void pem_password_setup (const char *auth_file);

View File

@ -64,4 +64,10 @@ void tls_free_lib();
*/
void tls_clear_error();
/*
* Show the TLS ciphers that are available for us to use in the OpenSSL
* library.
*/
void show_available_tls_ciphers ();
#endif /* SSL_BACKEND_H_ */
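Review bot: The added declaration `void show_available_tls_ciphers ();` uses empty parentheses, which in C declares a function with unspecified parameters rather than a prototype, so a call that passes arguments would not be diagnosed; the declaration this commit removes from ssl.h was written with `(void)`. I would write `void show_available_tls_ciphers (void);` here, and the same applies to the definition added in the last file section of this commit. The comment above the declaration also names the OpenSSL library, while the guard name SSL_BACKEND_H_ suggests this header is meant as a backend-neutral interface; if so, wording such as `Show the TLS ciphers that are available for us to use in the SSL library.` would keep the interface text independent of one backend.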

View File

@ -74,3 +74,29 @@ tls_clear_error()
{
ERR_clear_error ();
}
void
show_available_tls_ciphers ()
{
SSL_CTX *ctx;
SSL *ssl;
const char *cipher_name;
int priority = 0;
ctx = SSL_CTX_new (TLSv1_method ());
if (!ctx)
msg (M_SSLERR, "Cannot create SSL_CTX object");
ssl = SSL_new (ctx);
if (!ssl)
msg (M_SSLERR, "Cannot create SSL object");
printf ("Available TLS Ciphers,\n");
printf ("listed in order of preference:\n\n");
while ((cipher_name = SSL_get_cipher_list (ssl, priority++)))
printf ("%s\n", cipher_name);
printf ("\n");
SSL_free (ssl);
SSL_CTX_free (ctx);
}
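Review bot: The definition of show_available_tls_ciphers has no comment saying which cipher list it prints: the list is read from a fresh context created with `SSL_CTX_new (TLSv1_method ())`, so it is the library's default preference order for a TLSv1 context, and nothing visible in this hunk applies a cipher restriction set elsewhere. An operator who reads the output as the set the tunnel will actually negotiate could be misled, so I would put a comment above the function such as `/* Prints the library's default TLSv1 cipher list; cipher restrictions configured elsewhere are not applied here. */`. Separately, both NULL checks depend on `msg (M_SSLERR, ...)` not returning, which this hunk does not show; if that flag were ever non-fatal, `SSL_new (ctx)` and `SSL_get_cipher_list (ssl, priority++)` would run on a NULL pointer, so a one-line comment at the checks stating that assumption would help the next reader.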