aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls
diff options
context:
space:
mode:
authorAlessandro Ghedini <alessandro@ghedini.me>2015-03-09 23:52:16 +0100
committerDaniel Stenberg <daniel@haxx.se>2015-03-10 15:18:14 +0100
commit3a757fddbbcd41186a516583ded7aeda1457a802 (patch)
tree6420e8753aba771ad5453f9a794b2bdc7584940e /lib/vtls
parentd9973eaeb8942cdffb790d4e523f5b809d1a1014 (diff)
gtls: print negotiated TLS version and full cipher suite name
Instead of priting cipher and MAC algorithms names separately, print the whole cipher suite string which also includes the key exchange algorithm, along with the negotiated TLS version.
Diffstat (limited to 'lib/vtls')
-rw-r--r--lib/vtls/gtls.c19
1 files changed, 10 insertions, 9 deletions
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index d956fada8..2cc6ac410 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -797,6 +797,16 @@ gtls_connect_step3(struct connectdata *conn,
#endif
CURLcode result = CURLE_OK;
+ gnutls_protocol_t version = gnutls_protocol_get_version(session);
+
+ /* the name of the cipher suite used, e.g. ECDHE_RSA_AES_256_GCM_SHA384. */
+ ptr = gnutls_cipher_suite_get_name(gnutls_kx_get(session),
+ gnutls_cipher_get(session),
+ gnutls_mac_get(session));
+
+ infof(data, "SSL connection using %s / %s\n",
+ gnutls_protocol_get_name(version), ptr);
+
/* This function will return the peer's raw certificate (chain) as sent by
the peer. These certificates are in raw format (DER encoded for
X.509). In case of a X.509 then a certificate list may be present. The
@@ -1036,7 +1046,6 @@ gtls_connect_step3(struct connectdata *conn,
/* Show:
- - ciphers used
- subject
- start date
- expire date
@@ -1076,14 +1085,6 @@ gtls_connect_step3(struct connectdata *conn,
/* the *_get_name() says "NULL" if GNUTLS_COMP_NULL is returned */
infof(data, "\t compression: %s\n", ptr);
- /* the name of the cipher used. ie 3DES. */
- ptr = gnutls_cipher_get_name(gnutls_cipher_get(session));
- infof(data, "\t cipher: %s\n", ptr);
-
- /* the MAC algorithms name. ie SHA1 */
- ptr = gnutls_mac_get_name(gnutls_mac_get(session));
- infof(data, "\t MAC: %s\n", ptr);
-
#ifdef HAS_ALPN
if(data->set.ssl_enable_alpn) {
rc = gnutls_alpn_get_selected_protocol(session, &proto);