X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=cups%2Ftlscheck.c;h=c88e7d09150d89bacf557db0ed00fe4e45d07e9d;hb=HEAD;hp=fa8fdd540f146733b80257a63c0e20d51887ae2c;hpb=b721973fc2c04d3d610851033c52e3c94401e2de;p=platform%2Fupstream%2Fcups.git

diff --git a/cups/tlscheck.c b/cups/tlscheck.c
index fa8fdd5..c88e7d0 100644
--- a/cups/tlscheck.c
+++ b/cups/tlscheck.c
@@ -4,13 +4,7 @@
  * Copyright 2007-2017 by Apple Inc.
  * Copyright 1997-2006 by Easy Software Products.
  *
- * These coded instructions, statements, and computer programs are the
- * property of Apple Inc. and are protected by Federal copyright
- * law.  Distribution and use rights are outlined in the file "LICENSE.txt"
- * which should have been included with this file.  If this file is
- * missing or damaged, see the license at "http://www.cups.org/".
- *
- * This file is subject to the Apple OS-Developed Software exception.
+ * Licensed under Apache License v2.0.  See the file "LICENSE" for more information.
  */
 
 /*
@@ -43,6 +37,8 @@ main(int  argc,				/* I - Number of command-line arguments */
   http_t	*http;			/* HTTP connection */
   const char	*server = NULL;		/* Hostname from command-line */
   int		port = 0;		/* Port number */
+  cups_array_t	*creds;			/* Server credentials */
+  char		creds_str[2048];	/* Credentials string */
   const char	*cipherName = "UNKNOWN";/* Cipher suite name */
   int		dhBits = 0;		/* Diffie-Hellman bits */
   int		tlsVersion = 0;		/* TLS version number */
@@ -97,6 +93,21 @@ main(int  argc,				/* I - Number of command-line arguments */
       tls_min_version = _HTTP_TLS_1_0;
       tls_max_version = _HTTP_TLS_1_0;
     }
+    else if (!strcmp(argv[i], "--tls11"))
+    {
+      tls_min_version = _HTTP_TLS_1_1;
+      tls_max_version = _HTTP_TLS_1_1;
+    }
+    else if (!strcmp(argv[i], "--tls12"))
+    {
+      tls_min_version = _HTTP_TLS_1_2;
+      tls_max_version = _HTTP_TLS_1_2;
+    }
+    else if (!strcmp(argv[i], "--tls13"))
+    {
+      tls_min_version = _HTTP_TLS_1_3;
+      tls_max_version = _HTTP_TLS_1_3;
+    }
     else if (!strcmp(argv[i], "--rc4"))
     {
       tls_options |= _HTTP_TLS_ALLOW_RC4;
@@ -160,6 +171,16 @@ main(int  argc,				/* I - Number of command-line arguments */
     return (1);
   }
 
+  if (httpCopyCredentials(http, &creds))
+  {
+    strlcpy(creds_str, "Unable to get server X.509 credentials.", sizeof(creds_str));
+  }
+  else
+  {
+    httpCredentialsString(creds, creds_str, sizeof(creds_str));
+    httpFreeCredentials(creds);
+  }
+
 #ifdef __APPLE__
   SSLProtocol protocol;
   SSLCipherSuite cipher;
@@ -697,6 +718,8 @@ main(int  argc,				/* I - Number of command-line arguments */
   else
     printf("%s: OK (TLS: %d.%d, %s)\n", server, tlsVersion / 10, tlsVersion % 10, cipherName);
 
+  printf("    %s\n", creds_str);
+
   if (verbose)
   {
     httpAssembleURI(HTTP_URI_CODING_ALL, uri, sizeof(uri), "ipps", NULL, host, port, resource);
@@ -720,6 +743,7 @@ main(int  argc,				/* I - Number of command-line arguments */
     }
 
     ippDelete(response);
+    puts("");
   }
 
   httpClose(http);
@@ -744,6 +768,9 @@ usage(void)
   puts("  --no-tls10  Disable TLS/1.0");
   puts("  --rc4       Allow RC4 encryption");
   puts("  --tls10     Only use TLS/1.0");
+  puts("  --tls11     Only use TLS/1.1");
+  puts("  --tls12     Only use TLS/1.2");
+  puts("  --tls13     Only use TLS/1.3");
   puts("  --verbose   Be verbose");
   puts("  -4          Connect using IPv4 addresses only");
   puts("  -6          Connect using IPv6 addresses only");