Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Acked-by: James Yonan <james@openvpn.net>
Signed-off-by: David Sommerseth <davids@redhat.com>
... | ... |
@@ -2450,35 +2450,6 @@ print_details (SSL * c_ssl, const char *prefix) |
2450 | 2450 |
} |
2451 | 2451 |
|
2452 | 2452 |
/* |
2453 |
- * Show the TLS ciphers that are available for us to use |
|
2454 |
- * in the OpenSSL library. |
|
2455 |
- */ |
|
2456 |
-void |
|
2457 |
-show_available_tls_ciphers () |
|
2458 |
-{ |
|
2459 |
- SSL_CTX *ctx; |
|
2460 |
- SSL *ssl; |
|
2461 |
- const char *cipher_name; |
|
2462 |
- int priority = 0; |
|
2463 |
- |
|
2464 |
- ctx = SSL_CTX_new (TLSv1_method ()); |
|
2465 |
- if (!ctx) |
|
2466 |
- msg (M_SSLERR, "Cannot create SSL_CTX object"); |
|
2467 |
- ssl = SSL_new (ctx); |
|
2468 |
- if (!ssl) |
|
2469 |
- msg (M_SSLERR, "Cannot create SSL object"); |
|
2470 |
- |
|
2471 |
- printf ("Available TLS Ciphers,\n"); |
|
2472 |
- printf ("listed in order of preference:\n\n"); |
|
2473 |
- while ((cipher_name = SSL_get_cipher_list (ssl, priority++))) |
|
2474 |
- printf ("%s\n", cipher_name); |
|
2475 |
- printf ("\n"); |
|
2476 |
- |
|
2477 |
- SSL_free (ssl); |
|
2478 |
- SSL_CTX_free (ctx); |
|
2479 |
-} |
|
2480 |
- |
|
2481 |
-/* |
|
2482 | 2453 |
* The OpenSSL library has a notion of preference in TLS |
2483 | 2454 |
* ciphers. Higher preference == more secure. |
2484 | 2455 |
* Return the highest preference cipher. |
... | ... |
@@ -824,8 +824,6 @@ void tls_post_encrypt (struct tls_multi *multi, struct buffer *buf); |
824 | 824 |
|
825 | 825 |
/** @} name Functions for managing security parameter state for data channel packets */ |
826 | 826 |
|
827 |
- |
|
828 |
-void show_available_tls_ciphers (void); |
|
829 | 827 |
void get_highest_preference_tls_cipher (char *buf, int size); |
830 | 828 |
|
831 | 829 |
void pem_password_setup (const char *auth_file); |
... | ... |
@@ -74,3 +74,29 @@ tls_clear_error() |
74 | 74 |
{ |
75 | 75 |
ERR_clear_error (); |
76 | 76 |
} |
77 |
+ |
|
78 |
+void |
|
79 |
+show_available_tls_ciphers () |
|
80 |
+{ |
|
81 |
+ SSL_CTX *ctx; |
|
82 |
+ SSL *ssl; |
|
83 |
+ const char *cipher_name; |
|
84 |
+ int priority = 0; |
|
85 |
+ |
|
86 |
+ ctx = SSL_CTX_new (TLSv1_method ()); |
|
87 |
+ if (!ctx) |
|
88 |
+ msg (M_SSLERR, "Cannot create SSL_CTX object"); |
|
89 |
+ |
|
90 |
+ ssl = SSL_new (ctx); |
|
91 |
+ if (!ssl) |
|
92 |
+ msg (M_SSLERR, "Cannot create SSL object"); |
|
93 |
+ |
|
94 |
+ printf ("Available TLS Ciphers,\n"); |
|
95 |
+ printf ("listed in order of preference:\n\n"); |
|
96 |
+ while ((cipher_name = SSL_get_cipher_list (ssl, priority++))) |
|
97 |
+ printf ("%s\n", cipher_name); |
|
98 |
+ printf ("\n"); |
|
99 |
+ |
|
100 |
+ SSL_free (ssl); |
|
101 |
+ SSL_CTX_free (ctx); |
|
102 |
+} |
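Review bot: In the added show_available_tls_ciphers, the two allocation checks are only sufficient if `msg (M_SSLERR, ...)` never returns; if it can return, `SSL_new (ctx)` is called with a NULL ctx and the listing loop runs on a NULL ssl, so a short comment stating that M_SSLERR is fatal (presumably it is; its definition is not on this page) would help. The move also drops the block comment the function had at its old location, so unless it now sits on a declaration in a file not shown here, I would carry over `/* Show the TLS ciphers that are available for us to use in the OpenSSL library. */` above the definition. The definition should read `show_available_tls_ciphers (void)` to match the prototype that was removed from the header, since empty parentheses do not form a prototype in C. The comment could also state that the list comes from a freshly created `TLSv1_method ()` context with no cipher string applied, so the output shows the library defaults rather than any configured restriction.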