kenmirrors
/
freeswitch
mirror of https://github.com/signalwire/freeswitch.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Show TLS cipher suite selected in sofia debug 

This shows the cipher name, TLS version, the number of cipher bits and
algorithm bits, and a description of the cipher in Sofia's debug
logging output on level 9.
This commit is contained in:
Travis Cross 2014-02-28 20:28:33 +00:00
parent 8862fbc3a1
commit d5760e0d6a
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
libs/sofia-sip/libsofia-sip-ua/tport/tport_tls.c
View File

@ -542,11 +542,30 @@ su_inline
int tls_post_connection_check(tport_t *self, tls_t *tls) int tls_post_connection_check(tport_t *self, tls_t *tls)
{ {
X509 *cert; X509 *cert;
const SSL_CIPHER *cipher;
char cipher_description[256];
int cipher_bits, alg_bits;
int extcount; int extcount;
int i, j, error; int i, j, error;
if (!tls) return -1; if (!tls) return -1;
if (!(cipher = SSL_get_current_cipher(tls->con))) {
SU_DEBUG_7(("%s(%p): %s\n", __func__, (void*)self,
"OpenSSL failed to return an SSL_CIPHER object to us."));
return SSL_ERROR_SSL;
}
SU_DEBUG_9(("%s(%p): TLS cipher chosen (name): %s\n", __func__, (void*)self,
SSL_CIPHER_get_name(cipher)));
SU_DEBUG_9(("%s(%p): TLS cipher chosen (version): %s\n", __func__, (void*)self,
SSL_CIPHER_get_version(cipher)));
cipher_bits = SSL_CIPHER_get_bits(cipher, &alg_bits);
SU_DEBUG_9(("%s(%p): TLS cipher chosen (bits/alg_bits): %d/%d\n", __func__, (void*)self,
cipher_bits, alg_bits));
SSL_CIPHER_description(cipher, cipher_description, sizeof(cipher_description));
SU_DEBUG_9(("%s(%p): TLS cipher chosen (description): %s\n", __func__, (void*)self,
cipher_description));
cert = SSL_get_peer_certificate(tls->con); cert = SSL_get_peer_certificate(tls->con);
if (!cert) { if (!cert) {
SU_DEBUG_7(("%s(%p): Peer did not provide X.509 Certificate.\n", SU_DEBUG_7(("%s(%p): Peer did not provide X.509 Certificate.\n",