The Tor Browser / file diff

     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/security/nss/cmd/listsuites/listsuites.c	Wed Dec 31 06:09:35 2014 +0100
     1.3 @@ -0,0 +1,63 @@
     1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
     1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
     1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
     1.7 +
     1.8 +/* This program demonstrates the use of SSL_GetCipherSuiteInfo to avoid 
     1.9 + * all compiled-in knowledge of SSL cipher suites.
    1.10 + *
    1.11 + * Try: ./listsuites | grep -v : | sort -b +4rn -5 +1 -2 +2 -3 +3 -4 +5r -6
    1.12 + */
    1.13 +
    1.14 +#include <errno.h>
    1.15 +#include <stdio.h>
    1.16 +#include "secport.h"
    1.17 +#include "ssl.h"
    1.18 +
    1.19 +int main(int argc, char **argv)
    1.20 +{
    1.21 +    const PRUint16 *cipherSuites = SSL_ImplementedCiphers;
    1.22 +    int i;
    1.23 +    int errCount = 0;
    1.24 +
    1.25 +    fputs("This version of libSSL supports these cipher suites:\n\n", stdout);
    1.26 +
    1.27 +    /* disable all the SSL3 cipher suites */
    1.28 +    for (i = 0; i < SSL_NumImplementedCiphers; i++) {
    1.29 +	PRUint16  suite = cipherSuites[i];
    1.30 +	SECStatus rv;
    1.31 +	PRBool    enabled;
    1.32 +	PRErrorCode err;
    1.33 +	SSLCipherSuiteInfo info; 
    1.34 +
    1.35 +        rv = SSL_CipherPrefGetDefault(suite, &enabled);
    1.36 +	if (rv != SECSuccess) {
    1.37 +	    err = PR_GetError();
    1.38 +	    ++errCount;
    1.39 +	    fprintf(stderr,
    1.40 +	    "SSL_CipherPrefGetDefault didn't like value 0x%04x (i = %d): %s\n",
    1.41 +	    	   suite, i, PORT_ErrorToString(err));
    1.42 +	    continue;
    1.43 +	} 
    1.44 +	rv = SSL_GetCipherSuiteInfo(suite, &info, (int)(sizeof info));
    1.45 +	if (rv != SECSuccess) {
    1.46 +	    err = PR_GetError();
    1.47 +	    ++errCount;
    1.48 +	    fprintf(stderr,
    1.49 +	    "SSL_GetCipherSuiteInfo didn't like value 0x%04x (i = %d): %s\n",
    1.50 +	    	   suite, i, PORT_ErrorToString(err));
    1.51 +	    continue;
    1.52 +	}
    1.53 +	fprintf(stdout, 
    1.54 +		"%s:\n" /* up to 37 spaces  */
    1.55 +		"  0x%04hx %-5s %-5s %-8s %3hd %-6s %-8s %-4s %-8s %-11s\n",
    1.56 +		info.cipherSuiteName, info.cipherSuite, 
    1.57 +		info.keaTypeName, info.authAlgorithmName, info.symCipherName, 
    1.58 +		info.effectiveKeyBits, info.macAlgorithmName, 
    1.59 +		enabled           ? "Enabled"     : "Disabled",
    1.60 +		info.isFIPS       ? "FIPS" : 
    1.61 +		  (SSL_IS_SSL2_CIPHER(info.cipherSuite) ? "SSL2" : ""),
    1.62 +		info.isExportable ? "Export"      : "Domestic",
    1.63 +		info.nonStandard  ? "nonStandard" : "");
    1.64 +    }
    1.65 +    return errCount;
    1.66 +}