aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2014-12-22 14:09:46 +0100
committerDaniel Stenberg <daniel@haxx.se>2014-12-22 14:21:17 +0100
commit6dae79882405d9a7a2e7641649fbcc20b39a2a1a (patch)
tree579655644dd742fd4daaf6d2de7b15176dee45b6 /lib/vtls
parent577286e0e246c93239726a278cc1cb582b4d19ae (diff)
openssl: fix SSL/TLS versions in verbose output
Diffstat (limited to 'lib/vtls')
-rw-r--r--lib/vtls/openssl.c41
1 files changed, 32 insertions, 9 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index b768d6fbf..4df5a7a2e 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1381,20 +1381,43 @@ static void ssl_tls_trace(int direction, int ssl_ver, int content_type,
struct SessionHandle *data;
const char *msg_name, *tls_rt_name;
char ssl_buf[1024];
- int ver, msg_type, txt_len;
+ char unknown[32];
+ int msg_type, txt_len;
+ const char *verstr;
if(!conn || !conn->data || !conn->data->set.fdebug ||
(direction != 0 && direction != 1))
return;
data = conn->data;
- ssl_ver >>= 8;
-#ifdef SSL2_VERSION_MAJOR
- ver = (ssl_ver == SSL2_VERSION_MAJOR ? '2' :
- ssl_ver == SSL3_VERSION_MAJOR ? '3' : '?');
-#else
- ver = ssl_ver == SSL3_VERSION_MAJOR ? '3' : '?';
+
+ switch(ssl_ver) {
+#ifdef SSL2_VERSION_MAJOR /* removed in recent versions */
+ case SSL2_VERSION_MAJOR:
+ verstr = "SSLv2";
+ break;
#endif
+#ifdef SSL3_VERSION
+ case SSL3_VERSION:
+ verstr = "SSLv3";
+ break;
+#endif
+ case TLS1_VERSION:
+ verstr = "TLSv1.0";
+ break;
+ case TLS1_1_VERSION:
+ verstr = "TLSv1.1";
+ break;
+ case TLS1_2_VERSION:
+ verstr = "TLSv1.2";
+ break;
+ default:
+ snprintf(unknown, sizeof(unknown), "(%x)", ssl_ver);
+ verstr = unknown;
+ break;
+ }
+
+ ssl_ver >>= 8; /* check the upper 8 bits only below */
/* SSLv2 doesn't seem to have TLS record-type headers, so OpenSSL
* always pass-up content-type as 0. But the interesting message-type
@@ -1408,8 +1431,8 @@ static void ssl_tls_trace(int direction, int ssl_ver, int content_type,
msg_type = *(char*)buf;
msg_name = ssl_msg_type(ssl_ver, msg_type);
- txt_len = snprintf(ssl_buf, sizeof(ssl_buf), "SSLv%c, %s%s (%d):\n",
- ver, tls_rt_name, msg_name, msg_type);
+ txt_len = snprintf(ssl_buf, sizeof(ssl_buf), "%s, %s%s (%d):\n",
+ verstr, tls_rt_name, msg_name, msg_type);
Curl_debug(data, CURLINFO_TEXT, ssl_buf, (size_t)txt_len, NULL);
Curl_debug(data, (direction == 1) ? CURLINFO_SSL_DATA_OUT :