author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-12-11 10:36:55 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-12-11 10:36:55 +0100 |
commit | 272149db43bd82cbcde5ba366295e9810e5b7701 (patch) | |
tree | 572315a97d9f9478c849f9c7c2415649bf02ba87 /src | |
parent | 1b813beb75f93f7a43d649e9085f03c4762a62a0 (diff) | |
download | gnutls-272149db43bd82cbcde5ba366295e9810e5b7701.tar.gz |
Added gnutls_priority_get_cipher_suite().
This allows listing the ciphersuites enabled in a priority structure.
The certtool -l option was overloaded so if combined with --priority
it will only list the ciphersuites that are enabled by the given
priority string.
Diffstat (limited to 'src')
-rw-r--r-- | src/cli-gaa.c | 4 | ||||
-rw-r--r-- | src/cli.gaa | 2 | ||||
-rw-r--r-- | src/common.c | 32 | ||||
-rw-r--r-- | src/common.h | 2 | ||||
-rw-r--r-- | src/serv-gaa.c | 2 | ||||
-rw-r--r-- | src/serv.gaa | 2 |
6 files changed, 34 insertions, 10 deletions
diff --git a/src/cli-gaa.c b/src/cli-gaa.c
index 8959237a94..dd84b9a2ae 100644
--- a/src/cli-gaa.c
+++ b/src/cli-gaa.c
@@ -160,7 +160,7 @@ void gaa_help(void) __gaa_helpsingle(0, "benchmark-ciphers", "", "Benchmark individual ciphers."); __gaa_helpsingle(0, "benchmark-soft-ciphers", "", "Benchmark individual software ciphers."); __gaa_helpsingle(0, "benchmark-tls", "", "Benchmark ciphers and key exchange methods in TLS."); - __gaa_helpsingle('l', "list", "", "Print a list of the supported algorithms and modes."); + __gaa_helpsingle('l', "list", "", "Print a list of the supported algorithms and modes. If a priority string is given then only the ciphersuites enabled by the priority are shown."); __gaa_helpsingle('h', "help", "", "prints this help"); __gaa_helpsingle('v', "version", "", "prints the program's version number");
@@ -793,7 +793,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) case GAAOPTID_list: OK = 0; #line 106 "cli.gaa" -{ print_list(gaaval->verbose); exit(0); ;}; +{ print_list(gaaval->priorities, gaaval->verbose); exit(0); ;}; return GAA_OK; break;
diff --git a/src/cli.gaa b/src/cli.gaa
index b06d336174..c29fbb8605 100644
--- a/src/cli.gaa
+++ b/src/cli.gaa
@@ -103,7 +103,7 @@ option ( benchmark-ciphers) { benchmark_cipher(1, $debug); exit(0) } "Benchmark
 option ( benchmark-soft-ciphers) { benchmark_cipher(0, $debug); exit(0) } "Benchmark individual software ciphers."
 option ( benchmark-tls) { benchmark_tls($debug); exit(0) } "Benchmark ciphers and key exchange methods in TLS."
-option (l, list) { print_list($verbose); exit(0); } "Print a list of the supported algorithms and modes."
+option (l, list) { print_list($priorities, $verbose); exit(0); } "Print a list of the supported algorithms and modes. If a priority string is given then only the ciphersuites enabled by the priority are shown."
 option (h, help) { gaa_help(); exit(0); } "prints this help"
 option (v, version) { cli_version(); exit(0); } "prints the program's version number"
diff --git a/src/common.c b/src/common.c
index 95c40504e9..0cfc0aa0c6 100644
--- a/src/common.c
+++ b/src/common.c
@@ -570,16 +570,41 @@ print_cert_info (gnutls_session_t session, const char *hostname, int insecure)
 }
 void
-print_list (int verbose)
+print_list (const char* priorities, int verbose)
 {
- {
 size_t i;
+ int ret;
 const char *name;
- char id[2];
+ const char *err;
+ unsigned char id[2];
 gnutls_kx_algorithm_t kx;
 gnutls_cipher_algorithm_t cipher;
 gnutls_mac_algorithm_t mac;
 gnutls_protocol_t version;
+ gnutls_priority_t pcache;
+
+ if (priorities != NULL)
+ {
+ printf ("Cipher suites for %s\n", priorities);
+
+ ret = gnutls_priority_init(&pcache, priorities, &err);
+ if (ret < 0)
+ {
+ fprintf (stderr, "Syntax error at: %s\n", err);
+ exit(1);
+ }
+
+ for (i=0;;i++)
+ {
+ ret = gnutls_priority_get_cipher_suite(pcache, i, &name, id);
+ if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) break;
+ if (ret == GNUTLS_E_UNKNOWN_CIPHER_SUITE) continue;
+
+ printf ("%-50s\t0x%02x, 0x%02x\n", name, id[0], id[1]);
+ }
+
+ return;
+ }
 printf ("Cipher suites:\n");
 for (i = 0; (name = gnutls_cipher_suite_info
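Review bot: The extended help text for `list` does not say that the priority string has to be given before `-l` on the command line. The action runs `print_list($priorities, $verbose); exit(0);` at the moment the option is parsed, so if options are handled in command-line order (as the per-option `case GAAOPTID_list` in the generated parser suggests), a `--priority` that follows `-l` is never read and the unfiltered list is printed without any hint. I would append `The priority string must precede this option.` to the help string, and the same applies to the `list` option in src/serv.gaa.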
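Review bot: The loop in the new `priorities` branch of `print_list` treats every return value other than the two named codes as success, so any other negative result from `gnutls_priority_get_cipher_suite` reaches the `printf` with `name` and `id` possibly never written. Add `if (ret < 0) { fprintf (stderr, "Error: %s\n", gnutls_strerror (ret)); break; }` ahead of the `printf`. `pcache` is also never released; `gnutls_priority_deinit (pcache);` before the `return;` would pair with the `gnutls_priority_init` call. If `gnutls_priority_init` can fail without setting `err` (not visible here), the "Syntax error at" message prints an uninitialised pointer, so the message is better guarded on the return code. The body of `print_list` continues past the end of this hunk.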
@@ -594,7 +619,6 @@ print_list (int verbose) gnutls_kx_get_name (kx), gnutls_cipher_get_name (cipher), gnutls_mac_get_name (mac)); } - } { const gnutls_certificate_type_t *p = gnutls_certificate_type_list ();
diff --git a/src/common.h b/src/common.h
index 5d0757ba4e..8658846bae 100644
--- a/src/common.h
+++ b/src/common.h
@@ -33,7 +33,7 @@ extern const char str_unknown[]; int print_info (gnutls_session_t state, const char *hostname, int insecure); void print_cert_info (gnutls_session_t state, const char *hostname, int insecure); -void print_list (int verbose); +void print_list (const char* priorities, int verbose); const char *raw_to_string (const unsigned char *raw, size_t raw_size); int service_to_port (const char *service);
diff --git a/src/serv-gaa.c b/src/serv-gaa.c
index 2d1baaa2ef..d903c8e9a3 100644
--- a/src/serv-gaa.c
+++ b/src/serv-gaa.c
@@ -807,7 +807,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) case GAAOPTID_list: OK = 0; #line 103 "serv.gaa" -{ print_list(0); exit(0); ;}; +{ print_list(gaaval->priorities, 0); exit(0); ;}; return GAA_OK; break;
diff --git a/src/serv.gaa b/src/serv.gaa
index c4427ae54c..97ba2ce91f 100644
--- a/src/serv.gaa
+++ b/src/serv.gaa
@@ -100,7 +100,7 @@ option (srppasswdconf) STR "FILE" { $srp_passwd_conf = $1 } "SRP password conf f
 #char *priorities;
 option (priority) STR "PRIORITY STRING" { $priorities = $1 } "Priorities string."
-option (l, list) { print_list(0); exit(0); } "Print a list of the supported algorithms and modes."
+option (l, list) { print_list($priorities, 0); exit(0); } "Print a list of the supported algorithms and modes."
 option (h, help) { gaa_help(); exit(0); } "prints this help"
 option (v, version) { serv_version(); exit(0); } "prints the program's version number" |
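Review bot: The help string of the `list` option in src/serv.gaa still reads `"Print a list of the supported algorithms and modes."` although its action now passes `$priorities` to `print_list`, so the server tool's help output does not mention the filtering that src/cli.gaa documents. I would reuse the sentence added there, `If a priority string is given then only the ciphersuites enabled by the priority are shown.`, and regenerate src/serv-gaa.c so both tools describe `-l` the same way.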