Report SSL/TLS cipher, in verbose mode.

(socket.c cherry-pick from master)
author: Matthias Andree <matthias.andree@gmx.de> 2013-08-12 22:02:40 +0200
committer: Matthias Andree <matthias.andree@gmx.de> 2015-01-16 21:31:35 +0100
commit: f7b12150ce515fe1facdf3b231a05e81ff4f497c (patch)
tree: 5698a85277f94231acc79a13de3228a66ac01e8a /socket.c
parent: 22186378cac17cbf44339c791bccdae17b1c63d5 (diff)
download: fetchmail-f7b12150ce515fe1facdf3b231a05e81ff4f497c.tar.gz
fetchmail-f7b12150ce515fe1facdf3b231a05e81ff4f497c.tar.bz2
fetchmail-f7b12150ce515fe1facdf3b231a05e81ff4f497c.zip
1 files changed, 14 insertions, 0 deletions
diff --git a/socket.c b/socket.c
index 732ae054..87f14486 100644
--- a/socket.c
+++ b/socket.c
@@ -1022,6 +1022,20 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck
 		return(-1);
 	}
 
+	if (outlevel >= O_VERBOSE) {
+	    SSL_CIPHER const *sc;
+	    int bitsmax, bitsused;
+
+	    sc = SSL_get_current_cipher(_ssl_context[sock]);
+	    if (!sc) {
+		report (stderr, GT_("Cannot obtain current SSL/TLS cipher - no session established?\n"));
+	    } else {
+		bitsused = SSL_CIPHER_get_bits(sc, &bitsmax);
+		report(stdout, GT_("SSL/TLS: using cipher %s, %d/%d secret/processed bits\n"),
+			SSL_CIPHER_get_name(sc), bitsused, bitsmax);
+	    }
+	}
+
 	/* Paranoia: was the callback not called as we expected? */
 	if (!_depth0ck) {
 		report(stderr, GT_("Certificate/fingerprint verification was somehow skipped!\n"));
author	Matthias Andree <matthias.andree@gmx.de>	2013-08-12 22:02:40 +0200
committer	Matthias Andree <matthias.andree@gmx.de>	2015-01-16 21:31:35 +0100
commit	f7b12150ce515fe1facdf3b231a05e81ff4f497c (patch)
tree	5698a85277f94231acc79a13de3228a66ac01e8a /socket.c
parent	22186378cac17cbf44339c791bccdae17b1c63d5 (diff)
download	fetchmail-f7b12150ce515fe1facdf3b231a05e81ff4f497c.tar.gz fetchmail-f7b12150ce515fe1facdf3b231a05e81ff4f497c.tar.bz2 fetchmail-f7b12150ce515fe1facdf3b231a05e81ff4f497c.zip