aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthias Andree <matthias.andree@gmx.de>2013-08-12 22:02:40 +0200
committerMatthias Andree <matthias.andree@gmx.de>2015-01-16 21:31:35 +0100
commitf7b12150ce515fe1facdf3b231a05e81ff4f497c (patch)
tree5698a85277f94231acc79a13de3228a66ac01e8a
parent22186378cac17cbf44339c791bccdae17b1c63d5 (diff)
downloadfetchmail-f7b12150ce515fe1facdf3b231a05e81ff4f497c.tar.gz
fetchmail-f7b12150ce515fe1facdf3b231a05e81ff4f497c.tar.bz2
fetchmail-f7b12150ce515fe1facdf3b231a05e81ff4f497c.zip
Report SSL/TLS cipher, in verbose mode.
(socket.c cherry-pick from master)
-rw-r--r--socket.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/socket.c b/socket.c
index 732ae054..87f14486 100644
--- a/socket.c
+++ b/socket.c
@@ -1022,6 +1022,20 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck
return(-1);
}
+ if (outlevel >= O_VERBOSE) {
+ SSL_CIPHER const *sc;
+ int bitsmax, bitsused;
+
+ sc = SSL_get_current_cipher(_ssl_context[sock]);
+ if (!sc) {
+ report (stderr, GT_("Cannot obtain current SSL/TLS cipher - no session established?\n"));
+ } else {
+ bitsused = SSL_CIPHER_get_bits(sc, &bitsmax);
+ report(stdout, GT_("SSL/TLS: using cipher %s, %d/%d secret/processed bits\n"),
+ SSL_CIPHER_get_name(sc), bitsused, bitsmax);
+ }
+ }
+
/* Paranoia: was the callback not called as we expected? */
if (!_depth0ck) {
report(stderr, GT_("Certificate/fingerprint verification was somehow skipped!\n"));