PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2026-01-05 22:19:03 +00:00
Code Issues Projects Releases Wiki Activity

Let --ssl-ciphers be used with ncat client mode

Browse Source
This commit is contained in:
dmiller
2017-01-23 14:18:43 +00:00
parent a134cc916e
commit eb0bb2506f
2 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG
View File

@@ -1,5 +1,8 @@
# Nmap Changelog ($Id$); -*-text-*-
o [Ncat] Enable --ssl-ciphers to be used with Ncat in client mode, not only in
server (listen) mode. [Daniel Miller]
o [GH#649] New service probe and match lines for the JMON and RSE services of
IBM Explorer for z/OS. [Soldier of Fortran]

9
ncat/ncat_connect.c
View File

@@ -246,6 +246,15 @@ static void set_ssl_ctx_options(SSL_CTX *ctx)
if ((o.sslcert == NULL) != (o.sslkey == NULL))
bye("The --ssl-key and --ssl-cert options must be used together.");
}
if (o.sslciphers == NULL) {
if (!SSL_CTX_set_cipher_list(ctx, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"))
bye("Unable to set OpenSSL cipher list: %s", ERR_error_string(ERR_get_error(), NULL));
}
else {
printf("setting ciphers: %s\n", o.sslciphers);
if (!SSL_CTX_set_cipher_list(ctx, o.sslciphers))
bye("Unable to set OpenSSL cipher list: %s", ERR_error_string(ERR_get_error(), NULL));
}
}
#endif