From: Adriaan de Jong
Date: Mon, 27 Jun 2011 07:44:47 +0000 (+0200)
Subject: Refactored tls_show_available_ciphers
X-Git-Tag: v2.3-alpha1~157
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=397c0a35c5b36c270678c717e931476dc42bfa5c;p=thirdparty%2Fopenvpn.git

Refactored tls_show_available_ciphers

Signed-off-by: Adriaan de Jong
Acked-by: Gert Doering
Acked-by: James Yonan
Signed-off-by: David Sommerseth
---

diff --git a/ssl.c b/ssl.c
index c658441aa..2935088aa 100644
--- a/ssl.c
+++ b/ssl.c
@@ -2449,35 +2449,6 @@ print_details (SSL * c_ssl, const char *prefix)
 msg (D_HANDSHAKE, "%s%s", s1, s2);
 }
-/*
- * Show the TLS ciphers that are available for us to use
- * in the OpenSSL library.
- */
-void
-show_available_tls_ciphers ()
-{
- SSL_CTX *ctx;
- SSL *ssl;
- const char *cipher_name;
- int priority = 0;
-
- ctx = SSL_CTX_new (TLSv1_method ());
- if (!ctx)
- msg (M_SSLERR, "Cannot create SSL_CTX object");
- ssl = SSL_new (ctx);
- if (!ssl)
- msg (M_SSLERR, "Cannot create SSL object");
-
- printf ("Available TLS Ciphers,\n");
- printf ("listed in order of preference:\n\n");
- while ((cipher_name = SSL_get_cipher_list (ssl, priority++)))
- printf ("%s\n", cipher_name);
- printf ("\n");
-
- SSL_free (ssl);
- SSL_CTX_free (ctx);
-}
-
 /*
 * The OpenSSL library has a notion of preference in TLS
 * ciphers. Higher preference == more secure.
diff --git a/ssl.h b/ssl.h
index fbdb2c6df..2ff4c4d8b 100644
--- a/ssl.h
+++ b/ssl.h
@@ -824,8 +824,6 @@ void tls_post_encrypt (struct tls_multi *multi, struct buffer *buf);
 /** @} name Functions for managing security parameter state for data channel packets */
-
-void show_available_tls_ciphers (void);
 void get_highest_preference_tls_cipher (char *buf, int size);
 void pem_password_setup (const char *auth_file);
diff --git a/ssl_backend.h b/ssl_backend.h
index 639d85097..336e9238a 100644
--- a/ssl_backend.h
+++ b/ssl_backend.h
@@ -64,4 +64,10 @@ void tls_free_lib();
 */
 void tls_clear_error();
+/*
+ * Show the TLS ciphers that are available for us to use in the OpenSSL
+ * library.
+ */
+void show_available_tls_ciphers ();
+
 #endif /* SSL_BACKEND_H_ */
diff --git a/ssl_openssl.c b/ssl_openssl.c
index eff0bc400..6f6f1b3f7 100644
--- a/ssl_openssl.c
+++ b/ssl_openssl.c
@@ -74,3 +74,29 @@ tls_clear_error()
 {
 ERR_clear_error ();
 }
+
+void
+show_available_tls_ciphers ()
+{
+ SSL_CTX *ctx;
+ SSL *ssl;
+ const char *cipher_name;
+ int priority = 0;
+
+ ctx = SSL_CTX_new (TLSv1_method ());
+ if (!ctx)
+ msg (M_SSLERR, "Cannot create SSL_CTX object");
+
+ ssl = SSL_new (ctx);
+ if (!ssl)
+ msg (M_SSLERR, "Cannot create SSL object");
+
+ printf ("Available TLS Ciphers,\n");
+ printf ("listed in order of preference:\n\n");
+ while ((cipher_name = SSL_get_cipher_list (ssl, priority++)))
+ printf ("%s\n", cipher_name);
+ printf ("\n");
+
+ SSL_free (ssl);
+ SSL_CTX_free (ctx);
+}
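Review bot: The new declaration `void show_available_tls_ciphers ();` in ssl_backend.h uses empty parentheses, which in C declares a function with unspecified parameters rather than a prototype, so a call that passes stray arguments would compile unchecked; the declaration this commit removes from ssl.h was written `(void)`. I would keep `void show_available_tls_ciphers (void);` here and use the same form on the definition added in ssl_openssl.c. The comment also names the OpenSSL library in a header that, judging by its name, is meant to be backend-neutral, so `/* Show the TLS ciphers available in the underlying SSL library. */` may age better.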
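Review bot: `show_available_tls_ciphers` in ssl_openssl.c builds its list from a fresh `SSL_CTX_new (TLSv1_method ())` context with library defaults, so the output is what the library offers for that method, not what a session configured with a restricted cipher list will actually negotiate; someone auditing cipher strength from this listing could draw the wrong conclusion. A short comment above the definition would cover it, e.g. `/* Prints the library's default cipher list for a TLSv1 context; configured cipher restrictions are not applied. */`. Separately, the statements after each `msg (M_SSLERR, ...)` rely on that call not returning, which is presumably the case but is not visible in this hunk; if it can return, `SSL_new (ctx)` and the listing loop would run on a null pointer, so a one-line comment stating the assumption would help.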