NegotiationHistory.cc
1 /*
2  * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 #include "squid.h"
10 #include "MemBuf.h"
12 #include "SquidConfig.h"
13 #if USE_OPENSSL
14 #include "ssl/bio.h"
15 #include "ssl/support.h"
16 #endif
17 
// Constructor of the negotiation-history object. The signature line (gutter
// line 18) is missing from this listing, so only the initializer list and the
// empty body are visible.
19 #if USE_OPENSSL
// Start with no cipher recorded; cipherName() returns nullptr while this
// pointer is null.
20  : cipher(nullptr)
21 #endif
22 {
23 }
24 
// Formats protocol version 'v' as "<protocol name>/<major>.<minor>" and
// returns a pointer to the formatted text.
// NOTE(review): gutter lines 26 and 28 are missing from this listing: the
// signature and, presumably, the condition guarding the early return below.
// As shown, the return reads as unconditional. Confirm against the file.
25 const char *
27 {
29  return nullptr;
30 
// The text lives in one function-local static buffer, so every call
// overwrites the previous result. Callers must use or copy the string before
// calling again and must not keep the pointer across calls.
31  static char buf[512];
// snprintf() bounds the write to sizeof(buf), so an over-long protocol name is
// truncated rather than written past the buffer.
// NOTE(review): v.protocol indexes AnyP::ProtocolType_str with no range check
// visible here. Confirm the value cannot come from unvalidated input.
// NOTE(review): major and minor are listed as unsigned int in this page's
// member index, but the format uses %d; %u would match the argument types.
32  snprintf(buf, sizeof(buf), "%s/%d.%d", AnyP::ProtocolType_str[v.protocol], v.major, v.minor);
33  return buf;
34 }
35 
36 #if USE_OPENSSL
// Maps an OpenSSL protocol version constant to an AnyP::ProtocolVersion.
// The caller in this file passes the result of SSL_version().
// Each case is compiled only when the OpenSSL headers define that constant.
// NOTE(review): the return statement under each case label is missing from
// this listing (gutter lines 43, 47, 51, 55 and 59), as is the return-type
// line (37). Only the default branch is visible.
// NOTE(review): no TLS1_3_VERSION case is visible. Any value outside the
// listed constants reaches the default branch and yields a default-constructed
// (empty) version. Confirm that consumers of the recorded version (logging,
// policy checks) treat an empty version as "unknown", not as an acceptable or
// legacy protocol.
38 toProtocolVersion(const int v)
39 {
40  switch(v) {
41 #if defined(TLS1_2_VERSION)
42  case TLS1_2_VERSION:
44 #endif
45 #if defined(TLS1_1_VERSION)
46  case TLS1_1_VERSION:
48 #endif
49 #if defined(TLS1_VERSION)
50  case TLS1_VERSION:
52 #endif
53 #if defined(SSL3_VERSION)
54  case SSL3_VERSION:
56 #endif
57 #if defined(SSL2_VERSION)
58  case SSL2_VERSION:
60 #endif
// Unknown or unsupported value: report an empty protocol version.
61  default:
62  return AnyP::ProtocolVersion();
63  }
64 }
65 #endif
66 
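/// Extract negotiation information from the TLS session object.
/// Caches the session's current cipher and, once a cipher is set, the
/// negotiated protocol version. Does nothing in builds without OpenSSL.
/// \param session the TLS session to inspect
void
Security::NegotiationHistory::retrieveNegotiatedInfo(const Security::SessionPointer &session)
{
#if USE_OPENSSL
    // Record the version only once a cipher has been negotiated. Before that
    // the handshake is probably incomplete and SSL_version() is not the final
    // negotiated version.
    cipher = SSL_get_current_cipher(session.get());
    if (cipher)
        version_ = toProtocolVersion(SSL_version(session.get()));

    if (Debug::Enabled(83, 5)) {
        // SSL_get_rbio() may return null when no read BIO is attached, so do
        // not pass a null BIO on or dereference a null Ssl::Bio.
        BIO *b = SSL_get_rbio(session.get());
        Ssl::Bio *bio = b ? static_cast<Ssl::Bio *>(BIO_get_data(b)) : nullptr;

        // This debug line also runs when no cipher was negotiated above.
        // cipherName() returns nullptr in that case, and streaming a null
        // char pointer is undefined behavior, so substitute a marker.
        const char *negotiatedCipher = cipherName();

        debugs(83, 5, "SSL connection info on FD " << (bio ? bio->fd() : -1) <<
               " SSL version " << version_ <<
               " negotiated cipher " << (negotiatedCipher ? negotiatedCipher : "[none]"));
    }
#endif
}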
87 
/// Extract information from the parser results stored in a TlsDetails object.
/// Copies the hello-message version and the requested/used TLS version.
/// A null 'details' leaves the stored versions unchanged.
void
Security::NegotiationHistory::retrieveParsedInfo(Security::TlsDetails::Pointer const &details)
{
    // Nothing was parsed, so keep whatever is already recorded.
    if (!details)
        return;

    helloVersion_ = details->tlsVersion;
    supportedVersion_ = details->tlsSupportedVersion;
}
96 
/// Name of the negotiated cipher.
/// \returns the OpenSSL cipher name, or nullptr when no cipher has been
/// recorded or the build lacks OpenSSL. Callers must check for nullptr before
/// streaming or formatting the result.
const char *
Security::NegotiationHistory::cipherName() const
{
#if USE_OPENSSL
    return cipher ? SSL_CIPHER_get_name(cipher) : nullptr;
#else
    return nullptr;
#endif
}
109 
AnyP::ProtocolVersion ProtocolVersion()
Protocol version to use in Http::Message structures wrapping FTP messages.
Definition: Elements.cc:24
const char * cipherName() const
const char * printTlsVersion(AnyP::ProtocolVersion const &v) const
String representation of the TLS version 'v'.
unsigned int major
major version number
#define debugs(SECTION, LEVEL, CONTENT)
Definition: Debug.h:123
static AnyP::ProtocolVersion toProtocolVersion(const int v)
AnyP::ProtocolVersion tlsVersion
The TLS hello message version.
Definition: Handshake.h:31
void retrieveParsedInfo(Security::TlsDetails::Pointer const &details)
Extract information from parser stored in TlsDetails object.
BIO source and sink node, handling socket I/O and monitoring SSL state.
Definition: bio.h:30
AnyP::ProtocolVersion tlsSupportedVersion
The requested/used TLS version.
Definition: Handshake.h:32
void const char * buf
Definition: stub_helper.cc:16
const char * ProtocolType_str[]
void * BIO_get_data(BIO *table)
Definition: bio.h:207
unsigned int minor
minor version number
void retrieveNegotiatedInfo(const Security::SessionPointer &)
Extract negotiation information from TLS object.
ProtocolType protocol
which protocol this version is for
static bool Enabled(const int section, const int level)
whether debugging the given section and the given level produces output
Definition: Debug.h:73
std::shared_ptr< SSL > SessionPointer
Definition: Session.h:41

 
