ssl_test.py

ssl_test.py

'''
From: http://superuser.com/a/224263
'''

import commands

def get_ciphers():
    ciphers = commands.getoutput("openssl ciphers 'ALL:eNULL'").strip()
    return ciphers.split(':')

def main(server):
    results = {}
    for c in get_ciphers():
        out = commands.getoutput('echo -n | openssl s_client -cipher "%s" -connect %s 2>&1' % (c, server))
        if "Cipher is" in out:
            results[c] = True
        elif ":error:" in out:
            results[c] = False
        else:
            raise ValueError("got unknown response for cipher %r: %r" % (c, out))

    return results

if __name__ == "__main__":
    import sys
    sys.argv.pop(0)
    if not sys.argv:
        print "need ip or ip:port argument"
        sys.exit(1)
    server = sys.argv.pop(0)
    if ":" not in server:
        server = "%s:443" % server

    results = main(server)
    supported = sorted(c for (c,v) in results.items() if v)
    unsupported = sorted(c for (c,v) in results.items() if not v)

    print "\n== Supported ==\n"
    print "\n".join(supported)
    print "\n== Unsupported ==\n"
    print "\n".join(unsupported)