* Copyright 2007-2017 by Apple Inc.
* Copyright 1997-2006 by Easy Software Products.
*
- * These coded instructions, statements, and computer programs are the
- * property of Apple Inc. and are protected by Federal copyright
- * law. Distribution and use rights are outlined in the file "LICENSE.txt"
- * which should have been included with this file. If this file is
- * missing or damaged, see the license at "http://www.cups.org/".
- *
- * This file is subject to the Apple OS-Developed Software exception.
+ * Licensed under Apache License v2.0. See the file "LICENSE" for more information.
*/
/*
http_t *http; /* HTTP connection */
const char *server = NULL; /* Hostname from command-line */
int port = 0; /* Port number */
+ cups_array_t *creds; /* Server credentials */
+ char creds_str[2048]; /* Credentials string */
const char *cipherName = "UNKNOWN";/* Cipher suite name */
int dhBits = 0; /* Diffie-Hellman bits */
int tlsVersion = 0; /* TLS version number */
tls_min_version = _HTTP_TLS_1_0;
tls_max_version = _HTTP_TLS_1_0;
}
+ else if (!strcmp(argv[i], "--tls11"))
+ {
+ tls_min_version = _HTTP_TLS_1_1;
+ tls_max_version = _HTTP_TLS_1_1;
+ }
+ else if (!strcmp(argv[i], "--tls12"))
+ {
+ tls_min_version = _HTTP_TLS_1_2;
+ tls_max_version = _HTTP_TLS_1_2;
+ }
+ else if (!strcmp(argv[i], "--tls13"))
+ {
+ tls_min_version = _HTTP_TLS_1_3;
+ tls_max_version = _HTTP_TLS_1_3;
+ }
else if (!strcmp(argv[i], "--rc4"))
{
tls_options |= _HTTP_TLS_ALLOW_RC4;
return (1);
}
+ if (httpCopyCredentials(http, &creds))
+ {
+ strlcpy(creds_str, "Unable to get server X.509 credentials.", sizeof(creds_str));
+ }
+ else
+ {
+ httpCredentialsString(creds, creds_str, sizeof(creds_str));
+ httpFreeCredentials(creds);
+ }
+
#ifdef __APPLE__
SSLProtocol protocol;
SSLCipherSuite cipher;
else
printf("%s: OK (TLS: %d.%d, %s)\n", server, tlsVersion / 10, tlsVersion % 10, cipherName);
+ printf(" %s\n", creds_str);
+
if (verbose)
{
httpAssembleURI(HTTP_URI_CODING_ALL, uri, sizeof(uri), "ipps", NULL, host, port, resource);
}
ippDelete(response);
+ puts("");
}
httpClose(http);
puts(" --no-tls10 Disable TLS/1.0");
puts(" --rc4 Allow RC4 encryption");
puts(" --tls10 Only use TLS/1.0");
+ puts(" --tls11 Only use TLS/1.1");
+ puts(" --tls12 Only use TLS/1.2");
+ puts(" --tls13 Only use TLS/1.3");
puts(" --verbose Be verbose");
puts(" -4 Connect using IPv4 addresses only");
puts(" -6 Connect using IPv6 addresses only");