X-Git-Url: https://git.ralfj.de/tls-check.git/blobdiff_plain/936487652a78a7504696b44baedc23a6f5026cc3..f62947bdba33b8bb9d99bbf0654e7e72fe6dfeba:/ssl-check?ds=inline diff --git a/ssl-check b/ssl-check index ae3d26f..63d156a 100755 --- a/ssl-check +++ b/ssl-check @@ -1,5 +1,5 @@ #!/usr/bin/python3 -import subprocess, sys +import subprocess, sys, argparse from collections import OrderedDict from enum import Enum @@ -76,4 +76,36 @@ def test_host(host, port, options=[]): finish_progress() return results -print(test_host('ralfj.de', 443)) +if __name__ == "__main__": + parser = argparse.ArgumentParser(description='Check SSL ciphers supported by a host') + parser.add_argument("--starttls", dest="starttls", + help="Use a STARTTLS variant to establish the TLS connection. Possible values include smpt, imap, xmpp.") + parser.add_argument("host", metavar='HOST[:PORT]', + help="The host to check") + args = parser.parse_args() + + # get host, port + if ':' in args.host: + host, port = args.host.split(':') + else: + host = args.host + port = 443 + + # get options + options = [] + if args.starttls is not None: + options += ['-starttls', args.starttls] + + # run the test + results = test_host(host, port, options) + + # print the results + for protocol, ciphers in results.items(): + print(protocol+":") + if ciphers is None: + print(" Is not supported by client or server") + else: + for cipher, supported in ciphers.items(): + if supported: + print(" "+cipher) + print()