From f7b12150ce515fe1facdf3b231a05e81ff4f497c Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Mon, 12 Aug 2013 22:02:40 +0200
Subject: Report SSL/TLS cipher, in verbose mode.

(socket.c cherry-pick from master)
---
 socket.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/socket.c b/socket.c
index 732ae054..87f14486 100644
--- a/socket.c
+++ b/socket.c
@@ -1022,6 +1022,20 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck
 		return(-1);
 	}
 
+	if (outlevel >= O_VERBOSE) {
+	    SSL_CIPHER const *sc;
+	    int bitsmax, bitsused;
+
+	    sc = SSL_get_current_cipher(_ssl_context[sock]);
+	    if (!sc) {
+		report (stderr, GT_("Cannot obtain current SSL/TLS cipher - no session established?\n"));
+	    } else {
+		bitsused = SSL_CIPHER_get_bits(sc, &bitsmax);
+		report(stdout, GT_("SSL/TLS: using cipher %s, %d/%d secret/processed bits\n"),
+			SSL_CIPHER_get_name(sc), bitsused, bitsmax);
+	    }
+	}
+
 	/* Paranoia: was the callback not called as we expected? */
 	if (!_depth0ck) {
 		report(stderr, GT_("Certificate/fingerprint verification was somehow skipped!\n"));
-- 
cgit v1.2.3