| author | Koichiro IWAO <meta@vmeta.jp> | 2016-09-09 15:42:04 +0900 |
|---|---|---|
| committer | Koichiro IWAO <meta@vmeta.jp> | 2016-11-22 10:50:30 +0900 |
| commit | 40e8194122ea914be0679b8c21f2d4aa30b47b96 (patch) | |
| tree | 0184c9e2d4544ad93ddda9bcd26c928ed716cca9 /common | |
| parent | a59645d3c5bb143764bab538fa83a8483a2157d8 (diff) | |
TLS: log TLS version and cipher
Diffstat (limited to 'common')
| -rw-r--r-- | common/ssl_calls.c | 14 | ||||
| -rw-r--r-- | common/ssl_calls.h | 3 | ||||
| -rw-r--r-- | common/trans.c | 3 | ||||
| -rw-r--r-- | common/trans.h | 2 |
4 files changed, 22 insertions, 0 deletions
diff --git a/common/ssl_calls.c b/common/ssl_calls.c index 72ab5eb7..f20ea76c 100644 --- a/common/ssl_calls.c +++ b/common/ssl_calls.c @@ -891,3 +891,17 @@ ssl_tls_can_recv(struct ssl_tls *tls, int sck, int millis) return g_sck_can_recv(sck, millis); } + +/*****************************************************************************/ +const char* +ssl_get_version(const struct ssl_st *ssl) +{ + return SSL_get_version(ssl); +} + +/*****************************************************************************/ +const char* +ssl_get_cipher_name(const struct ssl_st *ssl) +{ + return SSL_get_cipher_name(ssl); +} diff --git a/common/ssl_calls.h b/common/ssl_calls.h index 1277505c..38eaeec2 100644 --- a/common/ssl_calls.h +++ b/common/ssl_calls.h @@ -109,4 +109,7 @@ ssl_tls_write(struct ssl_tls *tls, const char *data, int length); int APP_CC ssl_tls_can_recv(struct ssl_tls *tls, int sck, int millis); +const char *ssl_get_version(const struct ssl_st *ssl); +const char *ssl_get_cipher_name(const struct ssl_st *ssl); + #endif diff --git a/common/trans.c b/common/trans.c index 432b6334..4beaa56e 100644 --- a/common/trans.c +++ b/common/trans.c @@ -902,6 +902,9 @@ trans_set_tls_mode(struct trans *self, const char *key, const char *cert, self->trans_send = trans_tls_send; self->trans_can_recv = trans_tls_can_recv; + self->ssl_protocol = ssl_get_version(self->tls->ssl); + self->cipher_name = ssl_get_cipher_name(self->tls->ssl); + return 0; } diff --git a/common/trans.h b/common/trans.h index 39fba5c0..73c6d591 100644 --- a/common/trans.h +++ b/common/trans.h @@ -79,6 +79,8 @@ struct trans int no_stream_init_on_data_in; int extra_flags; /* user defined */ struct ssl_tls *tls; + const char *ssl_protocol; /* e.g. TLSv1, TLSv1.1, TLSv1.2, unknown */ + const char *cipher_name; /* e.g. AES256-GCM-SHA384 */ trans_recv_proc trans_recv; trans_send_proc trans_send; trans_can_recv_proc trans_can_recv; |
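Review bot: In common/ssl_calls.c both new wrappers hand `ssl` straight to OpenSSL with no NULL check, and SSL_get_version() and SSL_get_cipher_name() are not documented as accepting NULL, so a caller that reaches them before `tls->ssl` exists would likely crash. A one-line guard in each is enough, e.g. `return (ssl != NULL) ? SSL_get_version(ssl) : "unknown";` and the same shape around `SSL_get_cipher_name(ssl)`. The definitions here and the prototypes in the common/ssl_calls.h hunk also omit the `APP_CC` marker that the neighbouring `ssl_tls_can_recv` declaration carries; `const char * APP_CC` would keep them consistent. A short comment above each function saying that the returned string is owned by OpenSSL and must not be freed or modified would help callers that store the pointer.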
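Review bot: The two assignments before `return 0` in trans_set_tls_mode cache the protocol and cipher strings once, and nothing in this diff clears them again, so they can outlive the TLS session they describe. The handshake call and its error path are outside the hunk, so the handshake is presumably complete at this point; a comment would pin that ordering, e.g. `/* handshake done: snapshot negotiated version/cipher for logging (OpenSSL-owned strings) */`. If the file has a TLS teardown path, setting both fields back to NULL there would keep a later log line from reporting the parameters of a session that no longer exists. These values are what an operator reads to spot a weak negotiated protocol or cipher, so capturing them before the handshake finishes would record misleading data.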
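Review bot: The comments on `ssl_protocol` and `cipher_name` in common/trans.h give example values but do not say when the fields are valid. In this diff they are assigned only in trans_set_tls_mode, so on a transport that never enters TLS mode they hold whatever the allocator left, presumably NULL. Any consumer that formats them with `%s` needs that stated; I would extend the comments to `/* negotiated TLS version, e.g. TLSv1.2; NULL unless TLS mode is set; owned by OpenSSL */` and `/* negotiated cipher, e.g. AES256-GCM-SHA384; NULL unless TLS mode is set */`. struct trans starts and ends outside the hunk, so its initialisation is not visible here.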
