curl-library
[PATCH] Add an info message with the SSL/TLS version being used
From: <byte.bucket_at_4a44.com>
Date: Fri, 7 Feb 2014 12:05:55 -0500
Date: Fri, 7 Feb 2014 12:05:55 -0500
A patch to provide an info massage with the SSL/TLS version being used
(openssl only).
---
lib/vtls/openssl.c | 29 +++++++++++++++++++++++++++++
1 files changed, 29 insertions(+), 0 deletions(-)
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 2f9f8a0..468a336 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -20,6 +20,7 @@
*
***************************************************************************/
+
/*
* Source file for all OpenSSL-specific code for the TLS/SSL layer. No
code
* but vtls.c should ever call or use these functions.
@@ -1445,6 +1446,31 @@ select_next_proto_cb(SSL *ssl,
}
#endif
+
+static const char *
+get_ssl_version_txt(SSL_SESSION *session)
+{
+ if(NULL == session)
+ return "";
+
+ switch(session->ssl_version)
+ {
+#if OPENSSL_VERSION_NUMBER >= 0x1000100FL
+ case TLS1_2_VERSION:
+ return "TLSv1.2";
+ case TLS1_1_VERSION:
+ return "TLSv1.1";
+#endif
+ case TLS1_VERSION:
+ return "TLSv1.0";
+ case SSL3_VERSION:
+ return "SSLv3";
+ case SSL2_VERSION:
+ return "SSLv2";
+ }
+ return "unknown";
+}
+
static CURLcode
ossl_connect_step1(struct connectdata *conn,
int sockindex)
@@ -1957,6 +1983,9 @@ ossl_connect_step2(struct connectdata *conn, int
sockindex)
connssl->connecting_state = ssl_connect_3;
/* Informational message */
+ infof(data, "SSL protocol: %s\n",
+ get_ssl_version_txt(SSL_get_session(connssl->handle))); +
infof (data, "SSL connection using %s\n",
SSL_get_cipher(connssl->handle));
--
1.8.4.3
--
byte_bucket
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-02-07