diff options
| author | Paul Yang <yang.yang@baishancloud.com> | 2017-06-29 21:06:19 +0200 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2017-07-20 23:20:14 +0200 |
| commit | bbb4ceb86eb6ea0300f744443c36fb6e980fff9d (patch) | |
| tree | 57079deada8128837e38a4bd37f7bf9119f016a2 /apps/ciphers.c | |
| parent | Fix out-of-bounds read in ctr_XOR (diff) | |
| download | openssl-bbb4ceb86eb6ea0300f744443c36fb6e980fff9d.tar.xz openssl-bbb4ceb86eb6ea0300f744443c36fb6e980fff9d.zip | |
Support converting cipher name to RFC name and vice versa
Fixes: issue #3747
make SSL_CIPHER_standard_name globally available and introduce a new
function OPENSSL_cipher_name.
A new option '-convert' is also added to 'openssl ciphers' app.
Documentation and test cases are added.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3859)
Diffstat (limited to 'apps/ciphers.c')
| -rw-r--r-- | apps/ciphers.c | 23 |
1 files changed, 13 insertions, 10 deletions
diff --git a/apps/ciphers.c b/apps/ciphers.c index 3cbcc5e2b6..83cdb55e76 100644 --- a/apps/ciphers.c +++ b/apps/ciphers.c @@ -17,6 +17,7 @@ typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_STDNAME, + OPT_CONVERT, OPT_SSL3, OPT_TLS1, OPT_TLS1_1, @@ -47,15 +48,14 @@ const OPTIONS ciphers_options[] = { #ifndef OPENSSL_NO_TLS1_3 {"tls1_3", OPT_TLS1_3, '-', "TLS1.3 mode"}, #endif -#ifndef OPENSSL_NO_SSL_TRACE {"stdname", OPT_STDNAME, '-', "Show standard cipher names"}, -#endif #ifndef OPENSSL_NO_PSK {"psk", OPT_PSK, '-', "include ciphersuites requiring PSK"}, #endif #ifndef OPENSSL_NO_SRP {"srp", OPT_SRP, '-', "include ciphersuites requiring SRP"}, #endif + {"convert", OPT_CONVERT, 's', "Convert standard name into OpenSSL name"}, {NULL} }; @@ -82,9 +82,7 @@ int ciphers_main(int argc, char **argv) STACK_OF(SSL_CIPHER) *sk = NULL; const SSL_METHOD *meth = TLS_server_method(); int ret = 1, i, verbose = 0, Verbose = 0, use_supported = 0; -#ifndef OPENSSL_NO_SSL_TRACE int stdname = 0; -#endif #ifndef OPENSSL_NO_PSK int psk = 0; #endif @@ -92,7 +90,7 @@ int ciphers_main(int argc, char **argv) int srp = 0; #endif const char *p; - char *ciphers = NULL, *prog; + char *ciphers = NULL, *prog, *convert = NULL; char buf[512]; OPTION_CHOICE o; int min_version = 0, max_version = 0; @@ -119,9 +117,10 @@ int ciphers_main(int argc, char **argv) use_supported = 1; break; case OPT_STDNAME: -#ifndef OPENSSL_NO_SSL_TRACE stdname = verbose = 1; -#endif + break; + case OPT_CONVERT: + convert = opt_arg(); break; case OPT_SSL3: min_version = SSL3_VERSION; @@ -163,6 +162,12 @@ int ciphers_main(int argc, char **argv) else if (argc != 0) goto opthelp; + if (convert != NULL) { + BIO_printf(bio_out, "OpenSSL cipher name: %s\n", + OPENSSL_cipher_name(convert)); + goto end; + } + ctx = SSL_CTX_new(meth); if (ctx == NULL) goto err; @@ -225,14 +230,12 @@ int ciphers_main(int argc, char **argv) else BIO_printf(bio_out, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */ } -#ifndef OPENSSL_NO_SSL_TRACE if (stdname) { const char *nm = SSL_CIPHER_standard_name(c); if (nm == NULL) nm = "UNKNOWN"; BIO_printf(bio_out, "%s - ", nm); } -#endif BIO_puts(bio_out, SSL_CIPHER_description(c, buf, sizeof buf)); } } @@ -246,5 +249,5 @@ int ciphers_main(int argc, char **argv) sk_SSL_CIPHER_free(sk); SSL_CTX_free(ctx); SSL_free(ssl); - return (ret); + return ret; } |