libratbox: implement rb_get_ssl_cipher()

libratbox/include/rb_commio.h

@@ -186,4 +186,6 @@ void rb_ssl_clear_handshake_count(rb_fde_t *F);
 int rb_pass_fd_to_process(rb_fde_t *, pid_t, rb_fde_t *);
 rb_fde_t *rb_recv_fd(rb_fde_t *);
 
+const char *rb_ssl_get_cipher(rb_fde_t *F);
+
 #endif /* INCLUDED_commio_h */

libratbox/src/export-syms.txt

@@ -153,3 +153,4 @@ rb_getpid
 rb_waitpid
 rb_basename
 rb_dirname
+rb_ssl_get_cipher

libratbox/src/gnutls.c

@@ -632,5 +632,18 @@ rb_get_ssl_info(char *buf, size_t len)
 		    LIBGNUTLS_VERSION, gnutls_check_version(NULL));
 }
 
+const char *
+rb_ssl_get_cipher(rb_fde_t *F)
+{
+	static char buf[1024];
+
+	rb_snprintf(buf, sizeof(buf), "%s-%s-%s-%s",
+		gnutls_protocol_get_name(gnutls_protocol_get_version(SSL_P(F))),
+		gnutls_kx_get_name(gnutls_kx_get(SSL_P(F))),
+		gnutls_cipher_get_name(gnutls_cipher_get(SSL_P(F))),
+		gnutls_mac_get_name(gnutls_mac_get(SSL_P(F))));
+
+	return buf;
+}
 
 #endif /* HAVE_GNUTLS */

libratbox/src/mbedtls.c

@@ -595,5 +595,12 @@ rb_get_ssl_info(char *buf, size_t len)
 		    MBEDTLS_VERSION_STRING, version_str);
 }
 
+const char *
+rb_ssl_get_cipher(rb_fde_t *F)
+{
+	if(F == NULL || F->ssl == NULL)
+		return NULL;
+	return mbedtls_ssl_get_ciphersuite(SSL_P(F));
+}
 
 #endif /* HAVE_GNUTLS */

libratbox/src/openssl.c

@@ -745,5 +745,18 @@ rb_get_ssl_info(char *buf, size_t len)
 		    (long)OPENSSL_VERSION_NUMBER, SSLeay());
 }
 
+const char *
+rb_ssl_get_cipher(rb_fde_t *F)
+{
+	const SSL_CIPHER *sslciph;
+
+	if(F == NULL || F->ssl == NULL)
+		return NULL;
+
+	if((sslciph = SSL_get_current_cipher(F->ssl)) == NULL)
+		return NULL;
+
+	return SSL_CIPHER_get_name(sslciph);
+}
 
 #endif /* HAVE_OPESSL */