summaryrefslogtreecommitdiffstats
path: root/security/nss/cmd/listsuites/listsuites.c
diff options
context:
space:
mode:
authorMatt A. Tobin <mattatobin@localhost.localdomain>2018-02-02 04:16:08 -0500
committerMatt A. Tobin <mattatobin@localhost.localdomain>2018-02-02 04:16:08 -0500
commit5f8de423f190bbb79a62f804151bc24824fa32d8 (patch)
tree10027f336435511475e392454359edea8e25895d /security/nss/cmd/listsuites/listsuites.c
parent49ee0794b5d912db1f95dce6eb52d781dc210db5 (diff)
downloadUXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.gz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.lz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.xz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.zip
Add m-esr52 at 52.6.0
Diffstat (limited to 'security/nss/cmd/listsuites/listsuites.c')
-rw-r--r--security/nss/cmd/listsuites/listsuites.c62
1 files changed, 62 insertions, 0 deletions
diff --git a/security/nss/cmd/listsuites/listsuites.c b/security/nss/cmd/listsuites/listsuites.c
new file mode 100644
index 000000000..458130e5e
--- /dev/null
+++ b/security/nss/cmd/listsuites/listsuites.c
@@ -0,0 +1,62 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* This program demonstrates the use of SSL_GetCipherSuiteInfo to avoid
+ * all compiled-in knowledge of SSL cipher suites.
+ *
+ * Try: ./listsuites | grep -v : | sort -b +4rn -5 +1 -2 +2 -3 +3 -4 +5r -6
+ */
+
+#include <errno.h>
+#include <stdio.h>
+#include "secport.h"
+#include "ssl.h"
+
+int
+main(int argc, char **argv)
+{
+ const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
+ int i;
+ int errCount = 0;
+
+ fputs("This version of libSSL supports these cipher suites:\n\n", stdout);
+
+ /* disable all the SSL3 cipher suites */
+ for (i = 0; i < SSL_NumImplementedCiphers; i++) {
+ PRUint16 suite = cipherSuites[i];
+ SECStatus rv;
+ PRBool enabled;
+ PRErrorCode err;
+ SSLCipherSuiteInfo info;
+
+ rv = SSL_CipherPrefGetDefault(suite, &enabled);
+ if (rv != SECSuccess) {
+ err = PR_GetError();
+ ++errCount;
+ fprintf(stderr,
+ "SSL_CipherPrefGetDefault didn't like value 0x%04x (i = %d): %s\n",
+ suite, i, PORT_ErrorToString(err));
+ continue;
+ }
+ rv = SSL_GetCipherSuiteInfo(suite, &info, (int)(sizeof info));
+ if (rv != SECSuccess) {
+ err = PR_GetError();
+ ++errCount;
+ fprintf(stderr,
+ "SSL_GetCipherSuiteInfo didn't like value 0x%04x (i = %d): %s\n",
+ suite, i, PORT_ErrorToString(err));
+ continue;
+ }
+ fprintf(stdout,
+ "%s:\n" /* up to 37 spaces */
+ " 0x%04hx %-5s %-5s %-8s %3hd %-6s %-8s %-4s Domestic %-11s\n",
+ info.cipherSuiteName, info.cipherSuite,
+ info.keaTypeName, info.authAlgorithmName, info.symCipherName,
+ info.effectiveKeyBits, info.macAlgorithmName,
+ enabled ? "Enabled" : "Disabled",
+ info.isFIPS ? "FIPS" : "",
+ info.nonStandard ? "nonStandard" : "");
+ }
+ return errCount;
+}