Refactored tls_show_available_ciphers

Signed-off-by: Adriaan de Jong <dejong@fox-it.com> Acked-by: Gert Doering <gert@greenie.muc.de> Acked-by: James Yonan <james@openvpn.net> Signed-off-by: David Sommerseth <davids@redhat.com>
author: Adriaan de Jong <dejong@fox-it.com> 2011-06-27 09:44:47 +0200
committer: David Sommerseth <davids@redhat.com> 2011-10-19 22:31:46 +0200
commit: 397c0a35c5b36c270678c717e931476dc42bfa5c (patch)
tree: fe7cbe741e6a8ea40e96703f5de85cc07f07d0f3 /ssl_openssl.c
parent: eab0cf2df1b1f1f73a657384c0fdb201508c0399 (diff)
download: openvpn-397c0a35c5b36c270678c717e931476dc42bfa5c.tar.gz
openvpn-397c0a35c5b36c270678c717e931476dc42bfa5c.tar.xz
openvpn-397c0a35c5b36c270678c717e931476dc42bfa5c.zip
1 files changed, 26 insertions, 0 deletions
diff --git a/ssl_openssl.c b/ssl_openssl.c
index eff0bc4..6f6f1b3 100644
--- a/ssl_openssl.c
+++ b/ssl_openssl.c
@@ -74,3 +74,29 @@ tls_clear_error()
 {
   ERR_clear_error ();
 }
+
+void
+show_available_tls_ciphers ()
+{
+  SSL_CTX *ctx;
+  SSL *ssl;
+  const char *cipher_name;
+  int priority = 0;
+
+  ctx = SSL_CTX_new (TLSv1_method ());
+  if (!ctx)
+    msg (M_SSLERR, "Cannot create SSL_CTX object");
+
+  ssl = SSL_new (ctx);
+  if (!ssl)
+    msg (M_SSLERR, "Cannot create SSL object");
+
+  printf ("Available TLS Ciphers,\n");
+  printf ("listed in order of preference:\n\n");
+  while ((cipher_name = SSL_get_cipher_list (ssl, priority++)))
+    printf ("%s\n", cipher_name);
+  printf ("\n");
+
+  SSL_free (ssl);
+  SSL_CTX_free (ctx);
+}
author	Adriaan de Jong <dejong@fox-it.com>	2011-06-27 09:44:47 +0200
committer	David Sommerseth <davids@redhat.com>	2011-10-19 22:31:46 +0200
commit	397c0a35c5b36c270678c717e931476dc42bfa5c (patch)
tree	fe7cbe741e6a8ea40e96703f5de85cc07f07d0f3 /ssl_openssl.c
parent	eab0cf2df1b1f1f73a657384c0fdb201508c0399 (diff)
download	openvpn-397c0a35c5b36c270678c717e931476dc42bfa5c.tar.gz openvpn-397c0a35c5b36c270678c717e931476dc42bfa5c.tar.xz openvpn-397c0a35c5b36c270678c717e931476dc42bfa5c.zip