update FAQ

[openssl.git] / apps / ciphers.c
diff --git a/apps/ciphers.c b/apps/ciphers.c

index fe26ae8cd62504b13a891dbab4ee9a2e7ec57015..c9abf1a05a78c609735aa7ac8f78dc96a7fe768d 100644 (file)
--- a/apps/ciphers.c
+++ b/apps/ciphers.c
@@ -69,9 +69,10 @@
  #undef PROG
  #define PROG   ciphers_main
  
  #undef PROG
  #define PROG   ciphers_main
  
-static char *ciphers_usage[]={
+static const char *ciphers_usage[]={
  "usage: ciphers args\n",
  "usage: ciphers args\n",
-" -v          - verbose mode, a textual listing of the ciphers in SSLeay\n",
+" -v          - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n",
+" -V          - even more verbose\n",
  " -ssl2       - SSL2 mode\n",
  " -ssl3       - SSL3 mode\n",
  " -tls1       - TLS1 mode\n",
  " -ssl2       - SSL2 mode\n",
  " -ssl3       - SSL3 mode\n",
  " -tls1       - TLS1 mode\n",
@@ -83,14 +84,17 @@ int MAIN(int, char **);
  int MAIN(int argc, char **argv)
         {
         int ret=1,i;
  int MAIN(int argc, char **argv)
         {
         int ret=1,i;
-       int verbose=0;
-       char **pp;
+       int verbose=0,Verbose=0;
+#ifndef OPENSSL_NO_SSL_TRACE
+       int stdname = 0;
+#endif
+       const char **pp;
         const char *p;
         int badops=0;
         SSL_CTX *ctx=NULL;
         SSL *ssl=NULL;
         char *ciphers=NULL;
         const char *p;
         int badops=0;
         SSL_CTX *ctx=NULL;
         SSL *ssl=NULL;
         char *ciphers=NULL;
-       SSL_METHOD *meth=NULL;
+       const SSL_METHOD *meth=NULL;
         STACK_OF(SSL_CIPHER) *sk;
         char buf[512];
         BIO *STDout=NULL;
         STACK_OF(SSL_CIPHER) *sk;
         char buf[512];
         BIO *STDout=NULL;
@@ -114,6 +118,8 @@ int MAIN(int argc, char **argv)
         STDout = BIO_push(tmpbio, STDout);
         }
  #endif
         STDout = BIO_push(tmpbio, STDout);
         }
  #endif
+       if (!load_config(bio_err, NULL))
+               goto end;
  
         argc--;
         argv++;
  
         argc--;
         argv++;
@@ -121,6 +127,12 @@ int MAIN(int argc, char **argv)
                 {
                 if (strcmp(*argv,"-v") == 0)
                         verbose=1;
                 {
                 if (strcmp(*argv,"-v") == 0)
                         verbose=1;
+               else if (strcmp(*argv,"-V") == 0)
+                       verbose=Verbose=1;
+#ifndef OPENSSL_NO_SSL_TRACE
+               else if (strcmp(*argv,"-stdname") == 0)
+                       stdname=verbose=1;
+#endif
  #ifndef OPENSSL_NO_SSL2
                 else if (strcmp(*argv,"-ssl2") == 0)
                         meth=SSLv2_client_method();
  #ifndef OPENSSL_NO_SSL2
                 else if (strcmp(*argv,"-ssl2") == 0)
                         meth=SSLv2_client_method();
@@ -179,15 +191,41 @@ int MAIN(int argc, char **argv)
                         }
                 BIO_printf(STDout,"\n");
                 }
                         }
                 BIO_printf(STDout,"\n");
                 }
-       else
+       else /* verbose */
                 {
                 sk=SSL_get_ciphers(ssl);
  
                 for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
                         {
                 {
                 sk=SSL_get_ciphers(ssl);
  
                 for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
                         {
-                       BIO_puts(STDout,SSL_CIPHER_description(
-                               sk_SSL_CIPHER_value(sk,i),
-                               buf,sizeof buf));
+                       SSL_CIPHER *c;
+
+                       c = sk_SSL_CIPHER_value(sk,i);
+                       
+                       if (Verbose)
+                               {
+                               unsigned long id = SSL_CIPHER_get_id(c);
+                               int id0 = (int)(id >> 24);
+                               int id1 = (int)((id >> 16) & 0xffL);
+                               int id2 = (int)((id >> 8) & 0xffL);
+                               int id3 = (int)(id & 0xffL);
+                               
+                               if ((id & 0xff000000L) == 0x02000000L)
+                                       BIO_printf(STDout, "     0x%02X,0x%02X,0x%02X - ", id1, id2, id3); /* SSL2 cipher */
+                               else if ((id & 0xff000000L) == 0x03000000L)
+                                       BIO_printf(STDout, "          0x%02X,0x%02X - ", id2, id3); /* SSL3 cipher */
+                               else
+                                       BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0, id1, id2, id3); /* whatever */
+                               }
+#ifndef OPENSSL_NO_SSL_TRACE
+                       if (stdname)
+                               {
+                               const char *nm = SSL_CIPHER_standard_name(c);
+                               if (nm == NULL)
+                                       nm = "UNKNOWN";
+                               BIO_printf(STDout, "%s - ", nm);
+                               }
+#endif
+                       BIO_puts(STDout,SSL_CIPHER_description(c,buf,sizeof buf));
                         }
                 }
  
                         }
                 }
  
@@ -203,6 +241,6 @@ end:
         if (ssl != NULL) SSL_free(ssl);
         if (STDout != NULL) BIO_free_all(STDout);
         apps_shutdown();
         if (ssl != NULL) SSL_free(ssl);
         if (STDout != NULL) BIO_free_all(STDout);
         apps_shutdown();
-       EXIT(ret);
+       OPENSSL_EXIT(ret);
         }
  
         }