Add support to IOHook for retrieving the hostname sent via SNI.
authorPeter Powell <petpow@saberuk.com>
Sun, 29 Oct 2017 11:15:47 +0000 (11:15 +0000)
committerPeter Powell <petpow@saberuk.com>
Sun, 29 Oct 2017 11:15:47 +0000 (11:15 +0000)
include/modules/ssl.h
src/modules/extra/m_ssl_gnutls.cpp
src/modules/extra/m_ssl_openssl.cpp
src/modules/m_sslinfo.cpp

index 9cc504128daae20a0daee6b4ea0c2880d8ccaa67..d3372c5094f79b2b2563dd9fe0654c0d909bc1d9 100644 (file)
@@ -204,6 +204,13 @@ class SSLIOHook : public IOHook
         * @param out String where the ciphersuite string will be appended to
         */
        virtual void GetCiphersuite(std::string& out) const = 0;
+
+
+       /** Retrieves the name of the SSL connection which is sent via SNI.
+        * @param out String that the server name will be appended to.
+        * returns True if the server name was retrieved; otherwise, false.
+        */
+       virtual bool GetServerName(std::string& out) const = 0;
 };
 
 /** Helper functions for obtaining SSL client certificates and key fingerprints
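Review bot: The doc comment on GetServerName writes `returns True if the server name was retrieved` without the `@`, so Doxygen will not treat it as the return description; it should read `@return True if the server name was retrieved; otherwise, false.`. The comment should also say that the SNI name is chosen by the connecting client and is not authenticated, for example `The name is supplied by the client and is not verified; treat it as untrusted input.`, so that implementers and callers of this interface do not use it for trust decisions. The stray second blank line before the comment can go. SSLIOHook begins outside the hunk.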
index 08b4be08f375cfcb15fbbb720de071045f539eb3..50c847ee4f7e87c4df3208d0b20379c56a5649f4 100644 (file)
@@ -1182,6 +1182,25 @@ info_done_dealloc:
                out.append(UnknownIfNULL(gnutls_mac_get_name(gnutls_mac_get(sess))));
        }
 
+       bool GetServerName(std::string& out) const CXX11_OVERRIDE
+       {
+               std::vector<char> nameBuffer;
+               size_t nameLength = 0;
+               unsigned int nameType = GNUTLS_NAME_DNS;
+
+               // First, determine the size of the hostname.
+               if (gnutls_server_name_get(sess, &nameBuffer[0], &nameLength, &nameType, 0) != GNUTLS_E_SHORT_MEMORY_BUFFER)
+                       return false;
+
+               // Then retrieve the hostname.
+               nameBuffer.resize(nameLength);
+               if (gnutls_server_name_get(sess, &nameBuffer[0], &nameLength, &nameType, 0) != GNUTLS_E_SUCCESS)
+                       return false;
+
+               out.append(&nameBuffer[0]);
+               return true;
+       }
+
        GnuTLS::Profile* GetProfile() { return profile; }
        bool IsHandshakeDone() const { return (status == ISSL_HANDSHAKEN); }
 };
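Review bot: The first gnutls_server_name_get call passes `&nameBuffer[0]` while nameBuffer is still empty, and indexing a zero-length vector is undefined behaviour even though the length passed is 0. Constructing it as `std::vector<char> nameBuffer(1);` gives the size probe a valid pointer. The final `out.append(&nameBuffer[0]);` relies on GnuTLS having NUL-terminated the name inside the nameLength bytes it asked for; I believe current releases do this for GNUTLS_NAME_DNS, but it should be confirmed against the oldest GnuTLS version the module supports. nameType is also never checked after the second call, so the function assumes the returned entry is a DNS name. The enclosing class begins outside the hunk.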
index 4c246d6f5a2d6569ce8d38a8e3e74b7dbdb56e7f..45a728106c0a08dad30d6a2ab5d0f15d05b8d913 100644 (file)
@@ -779,6 +779,16 @@ class OpenSSLIOHook : public SSLIOHook
                out.append(SSL_get_cipher(sess));
        }
 
+       bool GetServerName(std::string& out) const CXX11_OVERRIDE
+       {
+               const char* name = SSL_get_servername(sess, TLSEXT_NAMETYPE_host_name);
+               if (!name)
+                       return false;
+
+               out.append(name);
+               return true;
+       }
+
        bool IsHandshakeDone() const { return (status == ISSL_OPEN); }
 };
 
index 9682e92cfce2c43ccd5f26d904baf85b3016cb08..5a5b40319b192ee3301cce9e9e89543d7a8c9346 100644 (file)
@@ -220,7 +220,10 @@ class ModuleSSLInfo : public Module, public Whois::EventListener
                ssl_cert* const cert = ssliohook->GetCertificate();
 
                {
-                       std::string text = "*** You are connected using SSL cipher '";
+                       std::string text = "*** You are connected to ";
+                       if (!ssliohook->GetServerName(text))
+                               text.append(ServerInstance->Config->ServerName);
+                       text.append(" using SSL cipher '");
                        ssliohook->GetCiphersuite(text);
                        text.push_back('\'');
                        if ((cert) && (!cert->GetFingerprint().empty()))
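Review bot: The text appended by `ssliohook->GetServerName(text)` is taken directly from the client's handshake, and neither this hunk nor the GnuTLS and OpenSSL implementations in this commit check its length or characters before it becomes part of the notice. How `text` is delivered is outside the hunk, but if it is sent as one protocol line, an over-long or oddly formed name could truncate or malform that line. I would read the name into a temporary string, accept it only if it is a syntactically valid hostname of bounded length, and otherwise fall back to `ServerInstance->Config->ServerName` exactly as the not-present case already does. A short comment such as `// SNI is client-supplied; only echoed back, never used for access decisions.` would also keep later callers from relying on it.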