static void main_latex(void)
{
int i, j;
const char* desc;
const char* _name;
puts( headers);
printf("\\begin{supertabular}{|p{.64\\linewidth}|p{.12\\linewidth}|p{.09\\linewidth}|}\n");
{
size_t i;
const char *name;
char id[2];
gnutls_kx_algorithm_t kx;
gnutls_cipher_algorithm_t cipher;
gnutls_mac_algorithm_t mac;
gnutls_protocol_t version;
for (i = 0; (name = gnutls_cipher_suite_info
(i, id, &kx, &cipher, &mac, &version)); i++)
{
printf ("{\\small{%s}} & \\code{0x%02X 0x%02X} & %s",
escape_string(name, buffer, sizeof(buffer)),
(unsigned char) id[0], (unsigned char) id[1],
gnutls_protocol_get_name (version));
printf( "\\\\\n");
}
printf("\\end{supertabular}\n\n");
}
return;
}
/*
* Initialize TLS subsystem. Should be called only once.
*/
static int
tlsg_init( void )
{
#ifdef HAVE_GCRYPT_RAND
struct ldapoptions *lo = LDAP_INT_GLOBAL_OPT();
if ( lo->ldo_tls_randfile &&
gcry_control( GCRYCTL_SET_RNDEGD_SOCKET, lo->ldo_tls_randfile )) {
Debug( LDAP_DEBUG_ANY,
"TLS: gcry_control GCRYCTL_SET_RNDEGD_SOCKET failed\n",
0, 0, 0);
return -1;
}
#endif
gnutls_global_init();
#ifndef HAVE_CIPHERSUITES
/* GNUtls cipher suite handling: The library ought to parse suite
* names for us, but it doesn't. It will return a list of suite names
* that it supports, so we can do parsing ourselves. It ought to tell
* us how long the list is, but it doesn't do that either, so we just
* have to count it manually...
*/
{
int i = 0;
tls_cipher_suite *ptr, tmp;
char cs_id[2];
while ( gnutls_cipher_suite_info( i, cs_id, &tmp.kx, &tmp.cipher,
&tmp.mac, &tmp.version ))
i++;
tlsg_n_ciphers = i;
/* Store a copy */
tlsg_ciphers = LDAP_MALLOC(tlsg_n_ciphers * sizeof(tls_cipher_suite));
if ( !tlsg_ciphers )
return -1;
for ( i=0; i<tlsg_n_ciphers; i++ ) {
tlsg_ciphers[i].name = gnutls_cipher_suite_info( i, cs_id,
&tlsg_ciphers[i].kx, &tlsg_ciphers[i].cipher, &tlsg_ciphers[i].mac,
&tlsg_ciphers[i].version );
}
}
#endif
return 0;
}
wxString CTlsSocket::ListTlsCiphers(wxString priority)
{
if (priority.IsEmpty())
priority = wxString::FromUTF8(ciphers);
wxString list = wxString::Format(_T("Ciphers for %s:\n"), priority.c_str());
#if GNUTLS_VERSION_NUMBER >= 0x030009
gnutls_priority_t pcache;
const char *err = 0;
int ret = gnutls_priority_init(&pcache, priority.mb_str(), &err);
if (ret < 0)
{
list += wxString::Format(_T("gnutls_priority_init failed with code %d: %s"), ret, wxString::FromUTF8(err ? err : "").c_str());
return list;
}
else
{
for (size_t i = 0; ; i++)
{
unsigned int idx;
ret = gnutls_priority_get_cipher_suite_index(pcache, i, &idx);
if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
break;
if (ret == GNUTLS_E_UNKNOWN_CIPHER_SUITE)
continue;
gnutls_protocol_t version;
unsigned char id[2];
const char* name = gnutls_cipher_suite_info(idx, id, NULL, NULL, NULL, &version);
if (name != 0)
{
list += wxString::Format(
_T("%-50s 0x%02x, 0x%02x %s\n"),
wxString::FromUTF8(name).c_str(),
(unsigned char)id[0],
(unsigned char)id[1],
wxString::FromUTF8(gnutls_protocol_get_name(version)).c_str());
}
}
}
#else
list += _T("Unknown\n");
#endif
return list;
}
static void print_cipher_suite_list(const char *priorities)
{
size_t i;
int ret;
unsigned int idx;
const char *name;
const char *err;
unsigned char id[2];
gnutls_protocol_t version;
gnutls_priority_t pcache;
if (priorities != NULL) {
printf("Cipher suites for %s\n", priorities);
ret = gnutls_priority_init(&pcache, priorities, &err);
if (ret < 0) {
fprintf(stderr, "Syntax error at: %s\n", err);
exit(1);
}
for (i = 0;; i++) {
ret =
gnutls_priority_get_cipher_suite_index(pcache,
i,
&idx);
if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
break;
if (ret == GNUTLS_E_UNKNOWN_CIPHER_SUITE)
continue;
name =
gnutls_cipher_suite_info(idx, id, NULL, NULL,
NULL, &version);
if (name != NULL)
printf("%-50s\t0x%02x, 0x%02x\t%s\n",
name, (unsigned char) id[0],
(unsigned char) id[1],
gnutls_protocol_get_name(version));
}
return;
}
}
void
print_list (const char *priorities, int verbose)
{
size_t i;
int ret;
unsigned int idx;
const char *name;
const char *err;
unsigned char id[2];
gnutls_kx_algorithm_t kx;
gnutls_cipher_algorithm_t cipher;
gnutls_mac_algorithm_t mac;
gnutls_protocol_t version;
gnutls_priority_t pcache;
const unsigned int *list;
if (priorities != NULL)
{
printf ("Cipher suites for %s\n", priorities);
ret = gnutls_priority_init (&pcache, priorities, &err);
if (ret < 0)
{
fprintf (stderr, "Syntax error at: %s\n", err);
exit (1);
}
for (i = 0;; i++)
{
ret =
gnutls_priority_get_cipher_suite_index (pcache, i,
&idx);
if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
break;
if (ret == GNUTLS_E_UNKNOWN_CIPHER_SUITE)
continue;
name =
gnutls_cipher_suite_info (idx, id, NULL, NULL, NULL,
&version);
if (name != NULL)
printf ("%-50s\t0x%02x, 0x%02x\t%s\n",
name, (unsigned char) id[0],
(unsigned char) id[1],
gnutls_protocol_get_name (version));
}
printf("\n");
{
ret = gnutls_priority_certificate_type_list (pcache, &list);
printf ("Certificate types: ");
if (ret == 0) printf("none\n");
for (i = 0; i < (unsigned)ret; i++)
{
printf ("CTYPE-%s",
gnutls_certificate_type_get_name (list[i]));
if (i+1!=(unsigned)ret)
printf (", ");
else
printf ("\n");
}
}
{
ret = gnutls_priority_protocol_list (pcache, &list);
printf ("Protocols: ");
if (ret == 0) printf("none\n");
for (i = 0; i < (unsigned)ret; i++)
{
printf ("VERS-%s", gnutls_protocol_get_name (list[i]));
if (i+1!=(unsigned)ret)
printf (", ");
else
printf ("\n");
}
}
{
ret = gnutls_priority_compression_list (pcache, &list);
printf ("Compression: ");
if (ret == 0) printf("none\n");
for (i = 0; i < (unsigned)ret; i++)
{
printf ("COMP-%s",
gnutls_compression_get_name (list[i]));
if (i+1!=(unsigned)ret)
printf (", ");
else
printf ("\n");
}
}
{
ret = gnutls_priority_ecc_curve_list (pcache, &list);
printf ("Elliptic curves: ");
if (ret == 0) printf("none\n");
for (i = 0; i < (unsigned)ret; i++)
{
printf ("CURVE-%s",
gnutls_ecc_curve_get_name (list[i]));
if (i+1!=(unsigned)ret)
printf (", ");
else
printf ("\n");
}
}
{
ret = gnutls_priority_sign_list (pcache, &list);
printf ("PK-signatures: ");
if (ret == 0) printf("none\n");
for (i = 0; i < (unsigned)ret; i++)
{
printf ("SIGN-%s",
gnutls_sign_algorithm_get_name (list[i]));
if (i+1!=(unsigned)ret)
printf (", ");
else
printf ("\n");
}
}
return;
}
printf ("Cipher suites:\n");
for (i = 0; (name = gnutls_cipher_suite_info
(i, id, &kx, &cipher, &mac, &version)); i++)
{
printf ("%-50s\t0x%02x, 0x%02x\t%s\n",
name,
(unsigned char) id[0], (unsigned char) id[1],
gnutls_protocol_get_name (version));
if (verbose)
printf ("\tKey exchange: %s\n\tCipher: %s\n\tMAC: %s\n\n",
gnutls_kx_get_name (kx),
gnutls_cipher_get_name (cipher),
gnutls_mac_get_name (mac));
}
printf("\n");
{
const gnutls_certificate_type_t *p =
gnutls_certificate_type_list ();
printf ("Certificate types: ");
for (; *p; p++)
{
printf ("CTYPE-%s", gnutls_certificate_type_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_protocol_t *p = gnutls_protocol_list ();
printf ("Protocols: ");
for (; *p; p++)
{
printf ("VERS-%s", gnutls_protocol_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_cipher_algorithm_t *p = gnutls_cipher_list ();
printf ("Ciphers: ");
for (; *p; p++)
{
printf ("%s", gnutls_cipher_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_mac_algorithm_t *p = gnutls_mac_list ();
printf ("MACs: ");
for (; *p; p++)
{
printf ("%s", gnutls_mac_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_kx_algorithm_t *p = gnutls_kx_list ();
printf ("Key exchange algorithms: ");
for (; *p; p++)
{
printf ("%s", gnutls_kx_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_compression_method_t *p = gnutls_compression_list ();
printf ("Compression: ");
for (; *p; p++)
{
printf ("COMP-%s", gnutls_compression_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_ecc_curve_t *p = gnutls_ecc_curve_list ();
printf ("Elliptic curves: ");
for (; *p; p++)
{
printf ("CURVE-%s", gnutls_ecc_curve_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_pk_algorithm_t *p = gnutls_pk_list ();
printf ("Public Key Systems: ");
for (; *p; p++)
{
printf ("%s", gnutls_pk_algorithm_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_sign_algorithm_t *p = gnutls_sign_list ();
printf ("PK-signatures: ");
for (; *p; p++)
{
printf ("SIGN-%s", gnutls_sign_algorithm_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
}
static void main_texinfo (void)
{
{
size_t i;
const char *name;
char id[2];
gnutls_kx_algorithm_t kx;
gnutls_cipher_algorithm_t cipher;
gnutls_mac_algorithm_t mac;
gnutls_protocol_t version;
printf ("@heading Ciphersuites\n");
printf ("@multitable @columnfractions .60 .20 .20\n");
printf("@headitem Ciphersuite name @tab TLS ID @tab Since\n");
for (i = 0; (name = gnutls_cipher_suite_info
(i, id, &kx, &cipher, &mac, &version)); i++)
{
printf ("@item %s\n@tab 0x%02X 0x%02X\n@tab %s\n",
escape_texi_string(name, buffer, sizeof(buffer)),
(unsigned char) id[0], (unsigned char) id[1],
gnutls_protocol_get_name (version));
}
printf ("@end multitable\n");
}
{
const gnutls_certificate_type_t *p = gnutls_certificate_type_list ();
printf ("\n\n@heading Certificate types\n");
printf ("@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_certificate_type_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_protocol_t *p = gnutls_protocol_list ();
printf ("\n@heading Protocols\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_protocol_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_cipher_algorithm_t *p = gnutls_cipher_list ();
printf ("\n@heading Ciphers\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_cipher_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_mac_algorithm_t *p = gnutls_mac_list ();
printf ("\n@heading MAC algorithms\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_mac_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_kx_algorithm_t *p = gnutls_kx_list ();
printf ("\n@heading Key exchange methods\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_kx_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_pk_algorithm_t *p = gnutls_pk_list ();
printf ("\n@heading Public key algorithms\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_pk_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_sign_algorithm_t *p = gnutls_sign_list ();
printf ("\n@heading Public key signature algorithms\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_sign_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_ecc_curve_t *p = gnutls_ecc_curve_list ();
printf ("\n@heading Elliptic curves\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_ecc_curve_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_compression_method_t *p = gnutls_compression_list ();
printf ("\n@heading Compression methods\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_compression_get_name (*p));
}
printf ("@end table\n");
}
}
void
print_list (int verbose)
{
{
size_t i;
const char *name;
char id[2];
gnutls_kx_algorithm_t kx;
gnutls_cipher_algorithm_t cipher;
gnutls_mac_algorithm_t mac;
gnutls_protocol_t version;
printf ("Cipher suites:\n");
for (i = 0; (name = gnutls_cipher_suite_info
(i, id, &kx, &cipher, &mac, &version)); i++)
{
printf ("%-50s\t0x%02x, 0x%02x\t%s\n",
name,
(unsigned char) id[0], (unsigned char) id[1],
gnutls_protocol_get_name (version));
if (verbose)
printf ("\tKey exchange: %s\n\tCipher: %s\n\tMAC: %s\n\n",
gnutls_kx_get_name (kx),
gnutls_cipher_get_name (cipher), gnutls_mac_get_name (mac));
}
}
{
const gnutls_certificate_type_t *p = gnutls_certificate_type_list ();
printf ("Certificate types: ");
for (; *p; p++)
{
printf ("%s", gnutls_certificate_type_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_protocol_t *p = gnutls_protocol_list ();
printf ("Protocols: ");
for (; *p; p++)
{
printf ("%s", gnutls_protocol_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_cipher_algorithm_t *p = gnutls_cipher_list ();
printf ("Ciphers: ");
for (; *p; p++)
{
printf ("%s", gnutls_cipher_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_mac_algorithm_t *p = gnutls_mac_list ();
printf ("MACs: ");
for (; *p; p++)
{
printf ("%s", gnutls_mac_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_kx_algorithm_t *p = gnutls_kx_list ();
printf ("Key exchange algorithms: ");
for (; *p; p++)
{
printf ("%s", gnutls_kx_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_compression_method_t *p = gnutls_compression_list ();
printf ("Compression: ");
for (; *p; p++)
{
printf ("%s", gnutls_compression_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_pk_algorithm_t *p = gnutls_pk_list ();
printf ("Public Key Systems: ");
for (; *p; p++)
{
printf ("%s", gnutls_pk_algorithm_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_sign_algorithm_t *p = gnutls_sign_list ();
printf ("PK-signatures: ");
for (; *p; p++)
{
printf ("%s", gnutls_sign_algorithm_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
}
int
main (void)
{
{
size_t i;
const char *name;
char id[2];
gnutls_kx_algorithm_t kx;
gnutls_cipher_algorithm_t cipher;
gnutls_mac_algorithm_t mac;
gnutls_protocol_t version;
printf ("Available cipher suites:\n");
printf ("@multitable @columnfractions .60 .20 .20\n");
for (i = 0; (name = gnutls_cipher_suite_info
(i, id, &kx, &cipher, &mac, &version)); i++)
{
printf ("@item %s\n@tab 0x%02x 0x%02x\n@tab %s\n",
name,
(unsigned char) id[0], (unsigned char) id[1],
gnutls_protocol_get_name (version));
}
printf ("@end multitable\n");
}
{
const gnutls_certificate_type_t *p = gnutls_certificate_type_list ();
printf ("\n\nAvailable certificate types:\n@itemize\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_certificate_type_get_name (*p));
}
printf ("@end itemize\n");
}
{
const gnutls_protocol_t *p = gnutls_protocol_list ();
printf ("\nAvailable protocols:\n@itemize\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_protocol_get_name (*p));
}
printf ("@end itemize\n");
}
{
const gnutls_cipher_algorithm_t *p = gnutls_cipher_list ();
printf ("\nAvailable ciphers:\n@itemize\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_cipher_get_name (*p));
}
printf ("@end itemize\n");
}
{
const gnutls_mac_algorithm_t *p = gnutls_mac_list ();
printf ("\nAvailable MAC algorithms:\n@itemize\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_mac_get_name (*p));
}
printf ("@end itemize\n");
}
{
const gnutls_kx_algorithm_t *p = gnutls_kx_list ();
printf ("\nAvailable key exchange methods:\n@itemize\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_kx_get_name (*p));
}
printf ("@end itemize\n");
}
{
const gnutls_pk_algorithm_t *p = gnutls_pk_list ();
printf ("\nAvailable public key algorithms:\n@itemize\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_pk_get_name (*p));
}
printf ("@end itemize\n");
}
{
const gnutls_sign_algorithm_t *p = gnutls_sign_list ();
printf ("\nAvailable public key signature algorithms:\n@itemize\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_sign_get_name (*p));
}
printf ("@end itemize\n");
}
{
const gnutls_compression_method_t *p = gnutls_compression_list ();
printf ("\nAvailable compression methods:\n@itemize\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_compression_get_name (*p));
}
printf ("@end itemize\n");
}
}
