update FAQ
[openssl.git] / apps / ciphers.c
index f473f4c..c9abf1a 100644 (file)
@@ -59,7 +59,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#ifdef NO_STDIO
+#ifdef OPENSSL_NO_STDIO
 #define APPS_WIN16
 #endif
 #include "apps.h"
 #undef PROG
 #define PROG   ciphers_main
 
-static char *ciphers_usage[]={
+static const char *ciphers_usage[]={
 "usage: ciphers args\n",
-" -v          - verbose mode, a textual listing of the ciphers in SSLeay\n",
+" -v          - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n",
+" -V          - even more verbose\n",
 " -ssl2       - SSL2 mode\n",
 " -ssl3       - SSL3 mode\n",
+" -tls1       - TLS1 mode\n",
 NULL
 };
 
+int MAIN(int, char **);
+
 int MAIN(int argc, char **argv)
        {
        int ret=1,i;
-       int verbose=0;
-       char **pp;
+       int verbose=0,Verbose=0;
+#ifndef OPENSSL_NO_SSL_TRACE
+       int stdname = 0;
+#endif
+       const char **pp;
        const char *p;
        int badops=0;
        SSL_CTX *ctx=NULL;
        SSL *ssl=NULL;
        char *ciphers=NULL;
-       SSL_METHOD *meth=NULL;
+       const SSL_METHOD *meth=NULL;
        STACK_OF(SSL_CIPHER) *sk;
        char buf[512];
        BIO *STDout=NULL;
 
-#if !defined(NO_SSL2) && !defined(NO_SSL3)
+#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
        meth=SSLv23_server_method();
-#elif !defined(NO_SSL3)
+#elif !defined(OPENSSL_NO_SSL3)
        meth=SSLv3_server_method();
-#elif !defined(NO_SSL2)
+#elif !defined(OPENSSL_NO_SSL2)
        meth=SSLv2_server_method();
 #endif
 
@@ -105,6 +112,14 @@ int MAIN(int argc, char **argv)
        if (bio_err == NULL)
                bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
        STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+       {
+       BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+       STDout = BIO_push(tmpbio, STDout);
+       }
+#endif
+       if (!load_config(bio_err, NULL))
+               goto end;
 
        argc--;
        argv++;
@@ -112,13 +127,23 @@ int MAIN(int argc, char **argv)
                {
                if (strcmp(*argv,"-v") == 0)
                        verbose=1;
-#ifndef NO_SSL2
+               else if (strcmp(*argv,"-V") == 0)
+                       verbose=Verbose=1;
+#ifndef OPENSSL_NO_SSL_TRACE
+               else if (strcmp(*argv,"-stdname") == 0)
+                       stdname=verbose=1;
+#endif
+#ifndef OPENSSL_NO_SSL2
                else if (strcmp(*argv,"-ssl2") == 0)
                        meth=SSLv2_client_method();
 #endif
-#ifndef NO_SSL3
+#ifndef OPENSSL_NO_SSL3
                else if (strcmp(*argv,"-ssl3") == 0)
                        meth=SSLv3_client_method();
+#endif
+#ifndef OPENSSL_NO_TLS1
+               else if (strcmp(*argv,"-tls1") == 0)
+                       meth=TLSv1_client_method();
 #endif
                else if ((strncmp(*argv,"-h",2) == 0) ||
                         (strcmp(*argv,"-?") == 0))
@@ -137,11 +162,11 @@ int MAIN(int argc, char **argv)
        if (badops)
                {
                for (pp=ciphers_usage; (*pp != NULL); pp++)
-                       BIO_printf(bio_err,*pp);
+                       BIO_printf(bio_err,"%s",*pp);
                goto end;
                }
 
-       SSLeay_add_ssl_algorithms();
+       OpenSSL_add_ssl_algorithms();
 
        ctx=SSL_CTX_new(meth);
        if (ctx == NULL) goto err;
@@ -166,15 +191,41 @@ int MAIN(int argc, char **argv)
                        }
                BIO_printf(STDout,"\n");
                }
-       else
+       else /* verbose */
                {
                sk=SSL_get_ciphers(ssl);
 
                for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
                        {
-                       BIO_puts(STDout,SSL_CIPHER_description(
-                               sk_SSL_CIPHER_value(sk,i),
-                               buf,512));
+                       SSL_CIPHER *c;
+
+                       c = sk_SSL_CIPHER_value(sk,i);
+                       
+                       if (Verbose)
+                               {
+                               unsigned long id = SSL_CIPHER_get_id(c);
+                               int id0 = (int)(id >> 24);
+                               int id1 = (int)((id >> 16) & 0xffL);
+                               int id2 = (int)((id >> 8) & 0xffL);
+                               int id3 = (int)(id & 0xffL);
+                               
+                               if ((id & 0xff000000L) == 0x02000000L)
+                                       BIO_printf(STDout, "     0x%02X,0x%02X,0x%02X - ", id1, id2, id3); /* SSL2 cipher */
+                               else if ((id & 0xff000000L) == 0x03000000L)
+                                       BIO_printf(STDout, "          0x%02X,0x%02X - ", id2, id3); /* SSL3 cipher */
+                               else
+                                       BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */
+                               }
+#ifndef OPENSSL_NO_SSL_TRACE
+                       if (stdname)
+                               {
+                               const char *nm = SSL_CIPHER_standard_name(c);
+                               if (nm == NULL)
+                                       nm = "UNKNOWN";
+                               BIO_printf(STDout, "%s - ", nm);
+                               }
+#endif
+                       BIO_puts(STDout,SSL_CIPHER_description(c,buf,sizeof buf));
                        }
                }
 
@@ -188,7 +239,8 @@ err:
 end:
        if (ctx != NULL) SSL_CTX_free(ctx);
        if (ssl != NULL) SSL_free(ssl);
-       if (STDout != NULL) BIO_free(STDout);
-       EXIT(ret);
+       if (STDout != NULL) BIO_free_all(STDout);
+       apps_shutdown();
+       OPENSSL_EXIT(ret);
        }