diff options
author | Matthias Andree <matthias.andree@gmx.de> | 2013-08-12 22:02:40 +0200 |
---|---|---|
committer | Matthias Andree <matthias.andree@gmx.de> | 2015-01-16 21:31:35 +0100 |
commit | f7b12150ce515fe1facdf3b231a05e81ff4f497c (patch) | |
tree | 5698a85277f94231acc79a13de3228a66ac01e8a | |
parent | 22186378cac17cbf44339c791bccdae17b1c63d5 (diff) | |
download | fetchmail-f7b12150ce515fe1facdf3b231a05e81ff4f497c.tar.gz fetchmail-f7b12150ce515fe1facdf3b231a05e81ff4f497c.tar.bz2 fetchmail-f7b12150ce515fe1facdf3b231a05e81ff4f497c.zip |
Report SSL/TLS cipher, in verbose mode.
(socket.c cherry-pick from master)
-rw-r--r-- | socket.c | 14 |
1 files changed, 14 insertions, 0 deletions
@@ -1022,6 +1022,20 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck return(-1); } + if (outlevel >= O_VERBOSE) { + SSL_CIPHER const *sc; + int bitsmax, bitsused; + + sc = SSL_get_current_cipher(_ssl_context[sock]); + if (!sc) { + report (stderr, GT_("Cannot obtain current SSL/TLS cipher - no session established?\n")); + } else { + bitsused = SSL_CIPHER_get_bits(sc, &bitsmax); + report(stdout, GT_("SSL/TLS: using cipher %s, %d/%d secret/processed bits\n"), + SSL_CIPHER_get_name(sc), bitsused, bitsmax); + } + } + /* Paranoia: was the callback not called as we expected? */ if (!_depth0ck) { report(stderr, GT_("Certificate/fingerprint verification was somehow skipped!\n")); |