nss-3.21nss-3.21

author: Lorry Tar Creator <lorry-tar-importer@lorry> 2015-11-09 05:12:59 +0000
committer: Lorry Tar Creator <lorry-tar-importer@lorry> 2015-11-09 05:12:59 +0000
commit: 26c046fbc57d53136b4fb3b5e0d18298318125d4 (patch)
tree: 0397d2184e7fba8a51f7fb9a6fc01a82d0748411 /nss/cmd/listsuites/listsuites.c
parent: c416b91e36567df4ec765a495c5a6ca6a1853f58 (diff)
download: nss-26c046fbc57d53136b4fb3b5e0d18298318125d4.tar.gz
1 files changed, 63 insertions, 0 deletions
diff --git a/nss/cmd/listsuites/listsuites.c b/nss/cmd/listsuites/listsuites.c
new file mode 100644
index 0000000..61d12e1
--- /dev/null
+++ b/nss/cmd/listsuites/listsuites.c
@@ -0,0 +1,63 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* This program demonstrates the use of SSL_GetCipherSuiteInfo to avoid 
+ * all compiled-in knowledge of SSL cipher suites.
+ *
+ * Try: ./listsuites | grep -v : | sort -b +4rn -5 +1 -2 +2 -3 +3 -4 +5r -6
+ */
+
+#include <errno.h>
+#include <stdio.h>
+#include "secport.h"
+#include "ssl.h"
+
+int main(int argc, char **argv)
+{
+    const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
+    int i;
+    int errCount = 0;
+
+    fputs("This version of libSSL supports these cipher suites:\n\n", stdout);
+
+    /* disable all the SSL3 cipher suites */
+    for (i = 0; i < SSL_NumImplementedCiphers; i++) {
+	PRUint16  suite = cipherSuites[i];
+	SECStatus rv;
+	PRBool    enabled;
+	PRErrorCode err;
+	SSLCipherSuiteInfo info; 
+
+        rv = SSL_CipherPrefGetDefault(suite, &enabled);
+	if (rv != SECSuccess) {
+	    err = PR_GetError();
+	    ++errCount;
+	    fprintf(stderr,
+	    "SSL_CipherPrefGetDefault didn't like value 0x%04x (i = %d): %s\n",
+	    	   suite, i, PORT_ErrorToString(err));
+	    continue;
+	} 
+	rv = SSL_GetCipherSuiteInfo(suite, &info, (int)(sizeof info));
+	if (rv != SECSuccess) {
+	    err = PR_GetError();
+	    ++errCount;
+	    fprintf(stderr,
+	    "SSL_GetCipherSuiteInfo didn't like value 0x%04x (i = %d): %s\n",
+	    	   suite, i, PORT_ErrorToString(err));
+	    continue;
+	}
+	fprintf(stdout, 
+		"%s:\n" /* up to 37 spaces  */
+		"  0x%04hx %-5s %-5s %-8s %3hd %-6s %-8s %-4s %-8s %-11s\n",
+		info.cipherSuiteName, info.cipherSuite, 
+		info.keaTypeName, info.authAlgorithmName, info.symCipherName, 
+		info.effectiveKeyBits, info.macAlgorithmName, 
+		enabled           ? "Enabled"     : "Disabled",
+		info.isFIPS       ? "FIPS" : 
+		  (SSL_IS_SSL2_CIPHER(info.cipherSuite) ? "SSL2" : ""),
+		info.isExportable ? "Export"      : "Domestic",
+		info.nonStandard  ? "nonStandard" : "");
+    }
+    return errCount;
+}
author	Lorry Tar Creator <lorry-tar-importer@lorry>	2015-11-09 05:12:59 +0000
committer	Lorry Tar Creator <lorry-tar-importer@lorry>	2015-11-09 05:12:59 +0000
commit	26c046fbc57d53136b4fb3b5e0d18298318125d4 (patch)
tree	0397d2184e7fba8a51f7fb9a6fc01a82d0748411 /nss/cmd/listsuites/listsuites.c
parent	c416b91e36567df4ec765a495c5a6ca6a1853f58 (diff)
download	nss-26c046fbc57d53136b4fb3b5e0d18298318125d4.tar.gz