security/tinc. list_ciphers compatibility with both libre and open ssl. closes https://github.com/opnsense/plugins/issues/1976

2026-05-22 18:44:07 -07:00 · 2020-08-15 14:48:10 +02:00
parent 7526053bfe
commit 6ec1883fa6
1 changed files with 9 additions and 5 deletions
@@ -34,11 +34,15 @@ import ujson
 response = dict()

 p = subprocess.run(['/usr/local/bin/openssl', 'enc', '-ciphers'], capture_output=True, text=True)
-for line in p.stdout.split("\n"):
-    if not line.startswith('Supported'):
-        for item in line.split():
-            if len(item) > 1:
-                response[item[1:]] = item[1:]
+ciphers_start = False
+for f in [p.stdout, p.stderr]:
+    for line in f.split("\n"):
+        if line.startswith('Supported ciphers:') or line.startswith('Valid ciphername values:'):
+            ciphers_start = True
+        elif ciphers_start:
+            for item in line.split():
+                if len(item) > 1:
+                    response[item[1:]] = item[1:]

 response["none"] = "None"
 # output generated keys