From 46aa62b2d3deaa0633cd93eb6946146329fd14f2 Mon Sep 17 00:00:00 2001 From: Attila Molnar Date: Tue, 27 Jan 2015 16:52:21 +0100 Subject: m_ssl_gnutls, m_ssl_openssl Extract code that builds a ciphersuite string into a method --- src/modules/extra/m_ssl_gnutls.cpp | 14 +++++++++----- src/modules/extra/m_ssl_openssl.cpp | 9 ++++++++- 2 files changed, 17 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp index be642a79d..967cb2a8e 100644 --- a/src/modules/extra/m_ssl_gnutls.cpp +++ b/src/modules/extra/m_ssl_gnutls.cpp @@ -934,11 +934,8 @@ info_done_dealloc: if (sess) { std::string text = "*** You are connected using SSL cipher '"; - - text += UnknownIfNULL(gnutls_kx_get_name(gnutls_kx_get(sess))); - text.append("-").append(UnknownIfNULL(gnutls_cipher_get_name(gnutls_cipher_get(sess)))).append("-"); - text.append(UnknownIfNULL(gnutls_mac_get_name(gnutls_mac_get(sess)))).append("'"); - + GetCiphersuite(text); + text += '\''; if (!certificate->fingerprint.empty()) text += " and your SSL certificate fingerprint is " + certificate->fingerprint; @@ -946,6 +943,13 @@ info_done_dealloc: } } + void GetCiphersuite(std::string& out) const + { + out.append(UnknownIfNULL(gnutls_kx_get_name(gnutls_kx_get(sess)))).push_back('-'); + out.append(UnknownIfNULL(gnutls_cipher_get_name(gnutls_cipher_get(sess)))).push_back('-'); + out.append(UnknownIfNULL(gnutls_mac_get_name(gnutls_mac_get(sess)))); + } + GnuTLS::Profile* GetProfile() { return profile; } }; diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index b38478d6d..2b4562544 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -678,7 +678,9 @@ class OpenSSLIOHook : public SSLIOHook { if (sess) { - std::string text = "*** You are connected using SSL cipher '" + std::string(SSL_get_cipher(sess)) + "'"; + std::string text = "*** You are connected using SSL cipher '"; + GetCiphersuite(text); + text += '\''; const std::string& fingerprint = certificate->fingerprint; if (!fingerprint.empty()) text += " and your SSL certificate fingerprint is " + fingerprint; @@ -686,6 +688,11 @@ class OpenSSLIOHook : public SSLIOHook user->WriteNotice(text); } } + + void GetCiphersuite(std::string& out) const + { + out.append(SSL_get_cipher(sess)); + } }; static void StaticSSLInfoCallback(const SSL* ssl, int where, int rc) -- cgit v1.2.3 From be692fc3af2dde60c4e6a665fe21092875b3ae5c Mon Sep 17 00:00:00 2001 From: Attila Molnar Date: Tue, 27 Jan 2015 16:55:28 +0100 Subject: m_ssl_gnutls, m_ssl_openssl Prepend TLS protocol version to ciphersuite string --- src/modules/extra/m_ssl_gnutls.cpp | 1 + src/modules/extra/m_ssl_openssl.cpp | 1 + 2 files changed, 2 insertions(+) (limited to 'src') diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp index 967cb2a8e..e4c3128f5 100644 --- a/src/modules/extra/m_ssl_gnutls.cpp +++ b/src/modules/extra/m_ssl_gnutls.cpp @@ -945,6 +945,7 @@ info_done_dealloc: void GetCiphersuite(std::string& out) const { + out.append(UnknownIfNULL(gnutls_protocol_get_name(gnutls_protocol_get_version(sess)))).push_back('-'); out.append(UnknownIfNULL(gnutls_kx_get_name(gnutls_kx_get(sess)))).push_back('-'); out.append(UnknownIfNULL(gnutls_cipher_get_name(gnutls_cipher_get(sess)))).push_back('-'); out.append(UnknownIfNULL(gnutls_mac_get_name(gnutls_mac_get(sess)))); diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index 2b4562544..c1a3bf41a 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -691,6 +691,7 @@ class OpenSSLIOHook : public SSLIOHook void GetCiphersuite(std::string& out) const { + out.append(SSL_get_version(sess)).push_back('-'); out.append(SSL_get_cipher(sess)); } }; -- cgit v1.2.3