List or indicator of supported/usupported ciphers and hashes

[Jruuu]

I request OpenVPN sort the --show-tls --show-ciphers --show-digests lists under two headings, "Supported" and "Not supported" i.e:

openvpn --show-tls

Available TLS Ciphers,
listed in order of preference:

Supported TLS-Ciphers:

TLS-DHE-RSA-WITH-AES-256-CBC-SHA
TLS-DHE-DSS-WITH-AES-256-CBC-SHA

Not supported:

TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA
TLS-SRP-SHA-DSS-WITH-AES-256-CBC-SHA
TLS-SRP-SHA-RSA-WITH-AES-256-CBC-SHA
TLS-DHE-DSS-WITH-AES-256-GCM-SHA384
TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
TLS-DHE-DSS-WITH-AES-256-CBC-SHA256

...or to add (supported) or (not supported) beside each value:

Available TLS Ciphers,
listed in order of preference:

TLS-DHE-RSA-WITH-AES-256-CBC-SHA (supported)
TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 (not supported)

I find it very frustrating since none of the OpenVPN documentation covers which ciphers/digests are supported or not. Printing the --show options will not tell you either, giving the user the false impression that all of the items listed are supported because they are showing up in the list, and no way of telling which works and which does not.

Thanks for reading.

[oozlefinch]

Thank you! I found this extremely useful