Loading CHANGES +4 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,10 @@ Changes between 0.9.8a and 0.9.9 [xx XXX xxxx] *) New option -V for 'openssl ciphers'. This prints the ciphersuite code in addition to the text details. [Bodo Moeller] *) Very, very preliminary EXPERIMENTAL support for printing of general ASN1 structures. This currently produces rather ugly output and doesn't handle several customised structures at all. Loading apps/ciphers.c +27 −6 Original line number Diff line number Diff line Loading @@ -71,7 +71,8 @@ static const char *ciphers_usage[]={ "usage: ciphers args\n", " -v - verbose mode, a textual listing of the ciphers in SSLeay\n", " -v - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n", " -V - even more verbose\n", " -ssl2 - SSL2 mode\n", " -ssl3 - SSL3 mode\n", " -tls1 - TLS1 mode\n", Loading @@ -83,7 +84,7 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { int ret=1,i; int verbose=0; int verbose=0,Verbose=0; const char **pp; const char *p; int badops=0; Loading Loading @@ -121,6 +122,8 @@ int MAIN(int argc, char **argv) { if (strcmp(*argv,"-v") == 0) verbose=1; else if (strcmp(*argv,"-V") == 0) verbose=Verbose=1; #ifndef OPENSSL_NO_SSL2 else if (strcmp(*argv,"-ssl2") == 0) meth=SSLv2_client_method(); Loading Loading @@ -179,15 +182,33 @@ int MAIN(int argc, char **argv) } BIO_printf(STDout,"\n"); } else else /* verbose */ { sk=SSL_get_ciphers(ssl); for (i=0; i<sk_SSL_CIPHER_num(sk); i++) { BIO_puts(STDout,SSL_CIPHER_description( sk_SSL_CIPHER_value(sk,i), buf,sizeof buf)); SSL_CIPHER *c; c = sk_SSL_CIPHER_value(sk,i); if (Verbose) { unsigned long id = c->id; int id0 = (int)(id >> 24); int id1 = (int)((id >> 16) & 0xffL); int id2 = (int)((id >> 8) & 0xffL); int id3 = (int)(i & 0xffL); if ((id & 0xff000000L) == 0x02000000L) BIO_printf(STDout, " 0x%02X,0x%02X,0x%02X - ", id1, id2, id3); /* SSL2 cipher */ else if ((id & 0xff000000L) == 0x03000000L) BIO_printf(STDout, " 0x%02X,0x%02X - ", id2, id3); /* SSL3 cipher */ else BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */ } BIO_puts(STDout,SSL_CIPHER_description(c,buf,sizeof buf)); } } Loading doc/apps/ciphers.pod +10 −4 Original line number Diff line number Diff line Loading @@ -8,6 +8,7 @@ ciphers - SSL cipher display and cipher list tool. B<openssl> B<ciphers> [B<-v>] [B<-V>] [B<-ssl2>] [B<-ssl3>] [B<-tls1>] Loading @@ -15,7 +16,7 @@ B<openssl> B<ciphers> =head1 DESCRIPTION The B<cipherlist> command converts OpenSSL cipher lists into ordered The B<ciphers> command converts textual OpenSSL cipher lists into ordered SSL cipher preference lists. It can be used as a test tool to determine the appropriate cipherlist. Loading @@ -25,7 +26,7 @@ the appropriate cipherlist. =item B<-v> verbose option. List ciphers with a complete description of Verbose option. List ciphers with a complete description of protocol version (SSLv2 or SSLv3; the latter includes TLS), key exchange, authentication, encryption and mac algorithms used along with any key size restrictions and whether the algorithm is classed as an "export" cipher. Loading @@ -33,6 +34,10 @@ Note that without the B<-v> option, ciphers may seem to appear twice in a cipher list; this is when similar ciphers are available for SSL v2 and for SSL v3/TLS v1. =item B<-V> Like B<-V>, but include cipher suite codes in output (hex format). =item B<-ssl3> only include SSL v3 ciphers. Loading Loading @@ -388,7 +393,8 @@ L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ssl(3)|ssl(3)> =head1 HISTORY The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options were added in version 0.9.7. The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options for cipherlist strings were added in OpenSSL 0.9.7. The B<-V> option for the B<ciphers> command was added in OpenSSL 0.9.9. =cut Loading
CHANGES +4 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,10 @@ Changes between 0.9.8a and 0.9.9 [xx XXX xxxx] *) New option -V for 'openssl ciphers'. This prints the ciphersuite code in addition to the text details. [Bodo Moeller] *) Very, very preliminary EXPERIMENTAL support for printing of general ASN1 structures. This currently produces rather ugly output and doesn't handle several customised structures at all. Loading
apps/ciphers.c +27 −6 Original line number Diff line number Diff line Loading @@ -71,7 +71,8 @@ static const char *ciphers_usage[]={ "usage: ciphers args\n", " -v - verbose mode, a textual listing of the ciphers in SSLeay\n", " -v - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n", " -V - even more verbose\n", " -ssl2 - SSL2 mode\n", " -ssl3 - SSL3 mode\n", " -tls1 - TLS1 mode\n", Loading @@ -83,7 +84,7 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { int ret=1,i; int verbose=0; int verbose=0,Verbose=0; const char **pp; const char *p; int badops=0; Loading Loading @@ -121,6 +122,8 @@ int MAIN(int argc, char **argv) { if (strcmp(*argv,"-v") == 0) verbose=1; else if (strcmp(*argv,"-V") == 0) verbose=Verbose=1; #ifndef OPENSSL_NO_SSL2 else if (strcmp(*argv,"-ssl2") == 0) meth=SSLv2_client_method(); Loading Loading @@ -179,15 +182,33 @@ int MAIN(int argc, char **argv) } BIO_printf(STDout,"\n"); } else else /* verbose */ { sk=SSL_get_ciphers(ssl); for (i=0; i<sk_SSL_CIPHER_num(sk); i++) { BIO_puts(STDout,SSL_CIPHER_description( sk_SSL_CIPHER_value(sk,i), buf,sizeof buf)); SSL_CIPHER *c; c = sk_SSL_CIPHER_value(sk,i); if (Verbose) { unsigned long id = c->id; int id0 = (int)(id >> 24); int id1 = (int)((id >> 16) & 0xffL); int id2 = (int)((id >> 8) & 0xffL); int id3 = (int)(i & 0xffL); if ((id & 0xff000000L) == 0x02000000L) BIO_printf(STDout, " 0x%02X,0x%02X,0x%02X - ", id1, id2, id3); /* SSL2 cipher */ else if ((id & 0xff000000L) == 0x03000000L) BIO_printf(STDout, " 0x%02X,0x%02X - ", id2, id3); /* SSL3 cipher */ else BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */ } BIO_puts(STDout,SSL_CIPHER_description(c,buf,sizeof buf)); } } Loading
doc/apps/ciphers.pod +10 −4 Original line number Diff line number Diff line Loading @@ -8,6 +8,7 @@ ciphers - SSL cipher display and cipher list tool. B<openssl> B<ciphers> [B<-v>] [B<-V>] [B<-ssl2>] [B<-ssl3>] [B<-tls1>] Loading @@ -15,7 +16,7 @@ B<openssl> B<ciphers> =head1 DESCRIPTION The B<cipherlist> command converts OpenSSL cipher lists into ordered The B<ciphers> command converts textual OpenSSL cipher lists into ordered SSL cipher preference lists. It can be used as a test tool to determine the appropriate cipherlist. Loading @@ -25,7 +26,7 @@ the appropriate cipherlist. =item B<-v> verbose option. List ciphers with a complete description of Verbose option. List ciphers with a complete description of protocol version (SSLv2 or SSLv3; the latter includes TLS), key exchange, authentication, encryption and mac algorithms used along with any key size restrictions and whether the algorithm is classed as an "export" cipher. Loading @@ -33,6 +34,10 @@ Note that without the B<-v> option, ciphers may seem to appear twice in a cipher list; this is when similar ciphers are available for SSL v2 and for SSL v3/TLS v1. =item B<-V> Like B<-V>, but include cipher suite codes in output (hex format). =item B<-ssl3> only include SSL v3 ciphers. Loading Loading @@ -388,7 +393,8 @@ L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ssl(3)|ssl(3)> =head1 HISTORY The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options were added in version 0.9.7. The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options for cipherlist strings were added in OpenSSL 0.9.7. The B<-V> option for the B<ciphers> command was added in OpenSSL 0.9.9. =cut
