This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 44035e99349d7a5d8aa07e0a32aee30ee424ca66
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Jun 26 17:05:16 2019 +0100
Add equivalent of openssl ciphers command Backport of f8e8361 by schultz
---
bin/ciphers.bat | 58 +++++++++++++++++
bin/ciphers.sh | 60 ++++++++++++++++++
.../ciphers/OpenSSLCipherConfigurationParser.java | 72 ++++++++++++++++++++++
3 files changed, 190 insertions(+)
diff --git a/bin/ciphers.bat b/bin/ciphers.bat
new file mode 100755
index 0000000..914181b
--- /dev/null
+++ b/bin/ciphers.bat
@@ -0,0 +1,58 @@
+@echo off
+rem Licensed to the Apache Software Foundation (ASF) under one or more
+rem contributor license agreements. See the NOTICE file distributed with
+rem this work for additional information regarding copyright ownership.
+rem The ASF licenses this file to You under the Apache License, Version 2.0
+rem (the "License"); you may not use this file except in compliance with
+rem the License. You may obtain a copy of the License at
+rem
+rem http://www.apache.org/licenses/LICENSE-2.0
+rem
+rem Unless required by applicable law or agreed to in writing, software
+rem distributed under the License is distributed on an "AS IS" BASIS,
+rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+rem See the License for the specific language governing permissions and
+rem limitations under the License.
+
+rem ---------------------------------------------------------------------------
+rem Script to digest password using the algorithm specified
+rem ---------------------------------------------------------------------------
+
+setlocal
+
+rem Guess CATALINA_HOME if not defined
+set "CURRENT_DIR=%cd%"
+if not "%CATALINA_HOME%" == "" goto gotHome
+set "CATALINA_HOME=%CURRENT_DIR%"
+if exist "%CATALINA_HOME%\bin\tool-wrapper.bat" goto okHome
+cd ..
+set "CATALINA_HOME=%cd%"
+cd "%CURRENT_DIR%"
+:gotHome
+if exist "%CATALINA_HOME%\bin\tool-wrapper.bat" goto okHome
+echo The CATALINA_HOME environment variable is not defined correctly
+echo This environment variable is needed to run this program
+goto end
+:okHome
+
+set "EXECUTABLE=%CATALINA_HOME%\bin\tool-wrapper.bat"
+
+rem Check that target executable exists
+if exist "%EXECUTABLE%" goto okExec
+echo Cannot find "%EXECUTABLE%"
+echo This file is needed to run this program
+goto end
+:okExec
+
+rem Get remaining unshifted command line arguments and save them in the
+set CMD_LINE_ARGS=
+:setArgs
+if ""%1""=="""" goto doneSetArgs
+set CMD_LINE_ARGS=%CMD_LINE_ARGS% %1
+shift
+goto setArgs
+:doneSetArgs
+
+call "%EXECUTABLE%" org.apache.tomcat.util.net.openssl.ciphers.OpenSSLCipherConfigurationParser %CMD_LINE_ARGS%
+
+:end
diff --git a/bin/ciphers.sh b/bin/ciphers.sh
new file mode 100755
index 0000000..d4a87b5
--- /dev/null
+++ b/bin/ciphers.sh
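Review bot: The banner comment `rem Script to digest password using the algorithm specified` describes a different script, apparently carried over from the digest wrapper, and the same wrong line appears in the header of bin/ciphers.sh. Both headers should say what this tool does, for example `rem Script to list the TLS cipher suites matching an OpenSSL cipher specification`. The comment `rem Get remaining unshifted command line arguments and save them in the` is also cut off mid-sentence and should be completed or shortened.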
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# -----------------------------------------------------------------------------
+# Script to digest password using the algorithm specified
+# -----------------------------------------------------------------------------
+
+# Better OS/400 detection: see Bugzilla 31132
+os400=false
+case "`uname`" in
+OS400*) os400=true;;
+esac
+
+# resolve links - $0 may be a softlink
+PRG="$0"
+
+while [ -h "$PRG" ] ; do
+ ls=`ls -ld "$PRG"`
+ link=`expr "$ls" : '.*-> \(.*\)$'`
+ if expr "$link" : '/.*' > /dev/null; then
+ PRG="$link"
+ else
+ PRG=`dirname "$PRG"`/"$link"
+ fi
+done
+
+PRGDIR=`dirname "$PRG"`
+EXECUTABLE=tool-wrapper.sh
+
+# Check that target executable exists
+if $os400; then
+ # -x will Only work on the os400 if the files are:
+ # 1. owned by the user
+ # 2. owned by the PRIMARY group of the user
+ # this will not work if the user belongs in secondary groups
+ eval
+else
+ if [ ! -x "$PRGDIR"/"$EXECUTABLE" ]; then
+ echo "Cannot find $PRGDIR/$EXECUTABLE"
+ echo "The file is absent or does not have execute permission"
+ echo "This file is needed to run this program"
+ exit 1
+ fi
+fi
+
+exec "$PRGDIR"/"$EXECUTABLE" org.apache.tomcat.util.net.openssl.ciphers.OpenSSLCipherConfigurationParser "$@"
diff --git a/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java b/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
index ef8ab36..60433db 100644
--- a/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
+++ b/java/org/apache/tomcat/util/net/openssl/ciphers/OpenSSLCipherConfigurationParser.java
@@ -840,4 +840,76 @@ public class OpenSSLCipherConfigurationParser {
 }
 return builder.toString().substring(0, builder.length() - 1);
 }
+
+ public static void usage() {
+ System.out.println("Usage: java " + OpenSSLCipherConfigurationParser.class.getName() + " [options] cipherspec");
+ System.out.println();
+ System.out.println("Displays the TLS cipher suites matching the cipherspec.");
+ System.out.println();
+ System.out.println(" --help,");
+ System.out.println(" -h Print this help message");
+ System.out.println(" --openssl Show OpenSSL cipher suite names instead of IANA cipher suite names.");
+ System.out.println(" --verbose,");
+ System.out.println(" -v Provide detailed cipher listing");
+ }
+
+ public static void main(String[] args) throws Exception
+ {
+ boolean verbose = false;
+ boolean useOpenSSLNames = false;
+ int argindex;
+ for(argindex = 0; argindex < args.length; ++argindex)
+ {
+ String arg = args[argindex];
+ if("--verbose".equals(arg) || "-v".equals(arg))
+ verbose = true;
+ else if("--openssl".equals(arg))
+ useOpenSSLNames = true;
+ else if("--help".equals(arg) || "-h".equals(arg)) {
+ usage();
+ System.exit(0);
+ }
+ else if("--".equals(arg)) {
+ ++argindex;
+ break;
+ } else if(arg.startsWith("-")) {
+ System.out.println("Unknown option: " + arg);
+ usage();
+ System.exit(1);
+ } else {
+ // Non-switch argument... probably the cipher spec
+ break;
+ }
+ }
+
+ String cipherSpec;
+ if(argindex < args.length) {
+ cipherSpec = args[argindex];
+ } else {
+ cipherSpec = "DEFAULT";
+ }
+ Set<Cipher> ciphers = parse(cipherSpec);
+ boolean first = true;
+ if(null != ciphers && 0 < ciphers.size()) {
+ for(Cipher cipher : ciphers)
+ {
+ if(first) {
+ first = false;
+ } else {
+ if(!verbose)
+ System.out.print(',');
+ }
+ if(useOpenSSLNames)
+ System.out.print(cipher.getOpenSSLAlias());
+ else
+ System.out.print(cipher.name());
+ if(verbose) {
+ System.out.println("\t" + cipher.getProtocol() + "\tKx=" + cipher.getKx() + "\tAu=" + cipher.getAu() + "\tEnc=" + cipher.getEnc() + "\tMac=" + cipher.getMac());
+ }
+ }
+ System.out.println();
+ } else {
+ System.out.println("No ciphers match '" + cipherSpec + "'");
+ }
+ }
 }
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
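Review bot: In `main`, a cipher spec that matches nothing and an unknown option are both reported on standard output, and the no-match branch falls through to exit status 0, so a script that uses this tool to check a connector's cipher string cannot tell an empty result from a valid one. I would send both messages to `System.err` and end the no-match branch with `System.exit(1);`, for example `System.err.println("No ciphers match '" + cipherSpec + "'");`. Arguments after the cipherspec are silently ignored as well; rejecting them with the usage message would catch a spec that was split into several arguments. Neither `usage()` nor `main()` has Javadoc, and a short comment that the listing is whatever `parse(cipherSpec)` returns (presumably Tomcat's own cipher table rather than what the running JSSE or OpenSSL build actually supports) would keep operators from reading the output as the effective negotiated list.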