diff options
author | Steffan Karger <steffan@karger.me> | 2014-01-01 21:10:23 +0100 |
---|---|---|
committer | Gert Doering <gert@greenie.muc.de> | 2014-01-03 15:02:17 +0100 |
commit | 5690c525e58769a72fb5dbe63b5f6af78dff92ad (patch) | |
tree | bed9f4d9de62876a2d6929c9289ef41fc6323dfc /src/openvpn/ssl_polarssl.c | |
parent | dce118c833433cc0300cbcfe6b2d0cc3d5c34a3d (diff) | |
download | openvpn-5690c525e58769a72fb5dbe63b5f6af78dff92ad.tar.gz openvpn-5690c525e58769a72fb5dbe63b5f6af78dff92ad.tar.xz openvpn-5690c525e58769a72fb5dbe63b5f6af78dff92ad.zip |
If --tls-cipher is supplied, make --show-tls parse the list.
This allows to check the available TLS ciphers for a specific configuration
by supplying both --tls-cipher and --show-tls options.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1388607026-12297-4-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/8150
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit cb03dca83e37fd65666bf776f39da902fb10acbc)
Diffstat (limited to 'src/openvpn/ssl_polarssl.c')
-rw-r--r-- | src/openvpn/ssl_polarssl.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/openvpn/ssl_polarssl.c b/src/openvpn/ssl_polarssl.c index cdd9189..551c352 100644 --- a/src/openvpn/ssl_polarssl.c +++ b/src/openvpn/ssl_polarssl.c @@ -1033,10 +1033,16 @@ print_details (struct key_state_ssl * ks_ssl, const char *prefix) } void -show_available_tls_ciphers () +show_available_tls_ciphers (const char *cipher_list) { + struct tls_root_ctx tls_ctx; const int *ciphers = ssl_list_ciphersuites(); + if (cipher_list) { + tls_ctx_restrict_ciphers(&tls_ctx, cipher_list); + ciphers = tls_ctx.allowed_ciphers; + } + #ifndef ENABLE_SMALL printf ("Available TLS Ciphers,\n"); printf ("listed in order of preference:\n\n"); |