NegotiationHistory.cc
1 /*
2  * Copyright (C) 1996-2020 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 #include "squid.h"
10 #include "MemBuf.h"
12 #include "SquidConfig.h"
13 #if USE_OPENSSL
14 #include "ssl/bio.h"
15 #include "ssl/support.h"
16 #endif
17 
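/// Creates a history with no negotiated TLS parameters recorded.
/// In OpenSSL builds the cipher pointer starts out null, so cipherName()
/// returns nullptr until retrieveNegotiatedInfo() stores a cipher.
Security::NegotiationHistory::NegotiationHistory()
#if USE_OPENSSL
    : cipher(nullptr)
#endif
{
}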
24 
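/// Formats a TLS/SSL protocol version as "<protocol name>/<major>.<minor>".
///
/// \param v the version to format
/// \returns nullptr when TlsFamilyProtocol(v) is false; otherwise a pointer
///          to a function-local static buffer holding the formatted text
///
/// The returned storage is shared by every call: the next call overwrites it.
/// Callers must consume or copy the text before calling again (for example,
/// when printing two versions in one statement), and the function is not safe
/// to call concurrently.
const char *
Security::NegotiationHistory::printTlsVersion(AnyP::ProtocolVersion const &v) const
{
    // This check is the only guard on v.protocol before it is used as an
    // index into AnyP::ProtocolType_str[] below.
    if (!TlsFamilyProtocol(v))
        return nullptr;

    static char buf[512];
    // major and minor are unsigned int, so they are printed with %u; snprintf
    // bounds the write to sizeof(buf) and always terminates the string.
    snprintf(buf, sizeof(buf), "%s/%u.%u", AnyP::ProtocolType_str[v.protocol], v.major, v.minor);
    return buf;
}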
35 
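#if USE_OPENSSL
/// Maps an OpenSSL protocol version constant, such as the value returned by
/// SSL_version(), to the corresponding AnyP::ProtocolVersion.
///
/// \param v an OpenSSL *_VERSION value
/// \returns the matching TLS/SSL version, or a default-constructed
///          AnyP::ProtocolVersion when the value is not recognized
///
/// Each case is compiled only when the OpenSSL headers define its constant.
/// Every case needs its own return statement: without one, control falls
/// through to the default and the session is reported with an unknown
/// version, which hides the protocol actually in use from logs and audits.
static AnyP::ProtocolVersion
toProtocolVersion(const int v)
{
    switch(v) {
#if defined(TLS1_3_VERSION)
    // report TLS 1.3 sessions explicitly instead of as an unknown version
    case TLS1_3_VERSION:
        return AnyP::ProtocolVersion(AnyP::PROTO_TLS, 1, 3);
#endif
#if defined(TLS1_2_VERSION)
    case TLS1_2_VERSION:
        return AnyP::ProtocolVersion(AnyP::PROTO_TLS, 1, 2);
#endif
#if defined(TLS1_1_VERSION)
    case TLS1_1_VERSION:
        return AnyP::ProtocolVersion(AnyP::PROTO_TLS, 1, 1);
#endif
#if defined(TLS1_VERSION)
    case TLS1_VERSION:
        return AnyP::ProtocolVersion(AnyP::PROTO_TLS, 1, 0);
#endif
#if defined(SSL3_VERSION)
    case SSL3_VERSION:
        return AnyP::ProtocolVersion(AnyP::PROTO_SSL, 3, 0);
#endif
#if defined(SSL2_VERSION)
    case SSL2_VERSION:
        return AnyP::ProtocolVersion(AnyP::PROTO_SSL, 2, 0);
#endif
    default:
        return AnyP::ProtocolVersion();
    }
}
#endif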
66 
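/// Records the cipher and protocol version negotiated on a TLS session.
///
/// \param session the TLS session to inspect; a null pointer is ignored
///
/// The stored version is updated only when the session reports a current
/// cipher. Does nothing when built without OpenSSL.
void
Security::NegotiationHistory::retrieveNegotiatedInfo(const Security::SessionPointer &session)
{
#if USE_OPENSSL
    // the OpenSSL accessors used below are handed the raw SSL pointer
    if (!session)
        return;

    if ((cipher = SSL_get_current_cipher(session.get()))) {
        // Set the negotiated version only if the cipher negotiated
        // else probably the negotiation is not completed and version
        // is not the final negotiated version
        version_ = toProtocolVersion(SSL_version(session.get()));
    }

    if (Debug::Enabled(83, 5)) {
        // A diagnostic message must not crash the process: the read BIO may
        // be unset or carry no Ssl::Bio, and cipherName() returns nullptr
        // when no cipher was negotiated (streaming a null const char* is
        // undefined behavior).
        BIO *b = SSL_get_rbio(session.get());
        Ssl::Bio *bio = b ? static_cast<Ssl::Bio *>(BIO_get_data(b)) : nullptr;
        const char *name = cipherName();
        debugs(83, 5, "SSL connection info on FD " << (bio ? bio->fd() : -1) <<
               " SSL version " << version_ <<
               " negotiated cipher " << (name ? name : "[none]"));
    }
#endif
}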
87 
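/// Copies the TLS versions recorded by the handshake parser.
///
/// \param details parsed handshake details; when null, the previously stored
///        values are left unchanged
///
/// NOTE(review): these values come from parsed handshake messages and are
/// presumably distinct from the negotiated version stored by
/// retrieveNegotiatedInfo() -- confirm before using them for policy decisions.
void
Security::NegotiationHistory::retrieveParsedInfo(Security::TlsDetails::Pointer const &details)
{
    if (!details)
        return;

    helloVersion_ = details->tlsVersion; // the TLS hello message version
    supportedVersion_ = details->tlsSupportedVersion;
}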
96 
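/// Reports the name of the recorded cipher.
///
/// \returns the name OpenSSL gives for the stored cipher, or nullptr when no
///          cipher has been recorded or the build lacks OpenSSL
///
/// Callers must check for nullptr before printing or comparing the result.
const char *
Security::NegotiationHistory::cipherName() const
{
#if USE_OPENSSL
    return cipher ? SSL_CIPHER_get_name(cipher) : nullptr;
#else
    return nullptr;
#endif
}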
109 
unsigned int major
major version number
AnyP::ProtocolVersion tlsVersion
The TLS hello message version.
Definition: Handshake.h:31
@ PROTO_SSL
Definition: ProtocolType.h:41
AnyP::ProtocolVersion ProtocolVersion()
Protocol version to use in Http::Message structures wrapping FTP messages.
Definition: Elements.cc:24
void retrieveParsedInfo(Security::TlsDetails::Pointer const &details)
Extract information from parser stored in TlsDetails object.
bool TlsFamilyProtocol(const AnyP::ProtocolVersion &version)
whether the given protocol belongs to the TLS/SSL group of protocols
Definition: Handshake.h:136
unsigned int minor
minor version number
const char * ProtocolType_str[]
const char * printTlsVersion(AnyP::ProtocolVersion const &v) const
String representation of the TLS version 'v'.
const char * cipherName() const
void * BIO_get_data(BIO *table)
Definition: openssl.h:60
ProtocolType protocol
which protocol this version is for
static bool Enabled(const int section, const int level)
whether debugging the given section and the given level produces output
Definition: Debug.h:75
void retrieveNegotiatedInfo(const Security::SessionPointer &)
Extract negotiation information from TLS object.
@ PROTO_TLS
Definition: ProtocolType.h:40
#define debugs(SECTION, LEVEL, CONTENT)
Definition: Debug.h:128
static AnyP::ProtocolVersion toProtocolVersion(const int v)
BIO source and sink node, handling socket I/O and monitoring SSL state.
Definition: bio.h:33
std::shared_ptr< SSL > SessionPointer
Definition: Session.h:44
AnyP::ProtocolVersion tlsSupportedVersion
Definition: Handshake.h:35
void const char * buf
Definition: stub_helper.cc:16

 
