From f70b6f55f974c0f242fa915fbf660eae6d98615e Mon Sep 17 00:00:00 2001
From: Aaron Jones
Date: Sat, 20 Aug 2016 04:08:30 +0100
Subject: [PATCH] TLS Backends: Harmomise the rb_ssl_get_cipher() function
The GNUTLS backend reports the version in use for the client as well as its ciphersuite -- do the same for the other 2 backends.
---
libratbox/src/mbedtls.c | 14 +++++++++++---
libratbox/src/openssl.c | 12 +++++++-----
2 files changed, 18 insertions(+), 8 deletions(-)
diff --git a/libratbox/src/mbedtls.c b/libratbox/src/mbedtls.c
index 0974eef8..a7a71cdb 100644
--- a/libratbox/src/mbedtls.c
+++ b/libratbox/src/mbedtls.c
@@ -683,10 +683,11 @@ void rb_get_ssl_info(char *buf, size_t len) { char version_str[512]; + mbedtls_version_get_string(version_str); - rb_snprintf(buf, len, "ARM mbedTLS: compiled (v%s), library (v%s)", - MBEDTLS_VERSION_STRING, version_str); + (void) rb_snprintf(buf, len, "ARM mbedTLS: compiled (v%s), library (v%s)", + MBEDTLS_VERSION_STRING, version_str); } const char *
@@ -695,7 +696,14 @@ rb_ssl_get_cipher(rb_fde_t *F) if(F == NULL || F->ssl == NULL || SSL_P(F) == NULL) return NULL; - return mbedtls_ssl_get_ciphersuite(SSL_P(F)); + static char buf[512]; + + const char *version = mbedtls_ssl_get_version(SSL_P(F)); + const char *cipher = mbedtls_ssl_get_ciphersuite(SSL_P(F)); + + (void) rb_snprintf(buf, sizeof buf, "%s, %s", version, cipher); + + return buf; } #endif /* HAVE_MBEDTLS */
diff --git a/libratbox/src/openssl.c b/libratbox/src/openssl.c
index 8d035032..34377495 100644
--- a/libratbox/src/openssl.c
+++ b/libratbox/src/openssl.c
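Review bot: In mbedtls.c, rb_ssl_get_cipher() now returns a pointer into a function-local `static char buf[512]` shared by every connection, so the string is overwritten by the next call for any other `rb_fde_t`; the openssl.c hunk adds the same pattern. Before this change the pointer came straight from mbedtls_ssl_get_ciphersuite() and was not rewritten by later calls, so a caller that keeps the pointer instead of copying it (callers are outside this patch) could now report one client's protocol version and ciphersuite against another connection. I would state the new lifetime above the function, e.g. `/* Returns a static buffer that the next call overwrites; copy the string before calling again. */`. Separately, `cipher` reaches `%s` unchecked although mbedtls_ssl_get_ciphersuite() can return NULL when no session is set up, a case the old code passed back to the caller as NULL; `if(version == NULL || cipher == NULL) return NULL;` before the rb_snprintf() call keeps that contract. The function's opening lines lie outside the hunk.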
@@ -828,15 +828,17 @@ rb_get_ssl_info(char *buf, size_t len) const char * rb_ssl_get_cipher(rb_fde_t *F) { - const SSL_CIPHER *sslciph; - if(F == NULL || F->ssl == NULL) return NULL; - if((sslciph = SSL_get_current_cipher(F->ssl)) == NULL) - return NULL; + static char buf[512]; - return SSL_CIPHER_get_name(sslciph); + const char *version = SSL_get_version(F->ssl); + const char *cipher = SSL_get_cipher_name(F->ssl); + + (void) rb_snprintf(buf, sizeof buf, "%s, %s", version, cipher); + + return buf; } #endif /* HAVE_OPESSL */
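Review bot: With the `SSL_get_current_cipher(F->ssl) == NULL` check removed, rb_ssl_get_cipher() in openssl.c no longer returns NULL when no cipher has been negotiated; `SSL_get_cipher_name()` yields OpenSSL's `(NONE)` placeholder for a NULL cipher, and that placeholder is formatted into the returned string. Callers that treat NULL as "nothing to report" (they are outside this patch, so this is inferred) would then display or log the placeholder as if it were a negotiated suite, which weakens the value of this string for auditing connection security. Keeping the guard ahead of the formatting preserves the old contract: `if(SSL_get_current_cipher(F->ssl) == NULL) return NULL;`.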