mirror of
https://github.com/deskflow/deskflow.git
synced 2026-07-01 21:02:39 +08:00
Revert "Added additional SSL logging abotu connection information as well as client and server cipher availability #4793"
This reverts commit 16a2815504.
This commit is contained in:
parent
fe010b35ab
commit
57f6022382
@ -39,10 +39,6 @@
|
||||
static const int g_maxRetry = 1000;
|
||||
static const float g_retryDelay = 0.01f;
|
||||
|
||||
enum {
|
||||
kMsgSize = 128
|
||||
};
|
||||
|
||||
static const char kFingerprintDirName[] = "SSL/Fingerprints";
|
||||
//static const char kFingerprintLocalFilename[] = "Local.txt";
|
||||
static const char kFingerprintTrustedServersFilename[] = "TrustedServers.txt";
|
||||
@ -239,9 +235,11 @@ SecureSocket::initContext(bool server)
|
||||
// load all error messages
|
||||
SSL_load_error_strings();
|
||||
|
||||
if (CLOG->getFilter() >= kINFO) {
|
||||
showSecureLibInfo();
|
||||
}
|
||||
LOG((CLOG_INFO "%s",SSLeay_version (SSLEAY_VERSION)));
|
||||
LOG((CLOG_DEBUG2 "OpenSSL : %s",SSLeay_version (SSLEAY_CFLAGS)));
|
||||
LOG((CLOG_DEBUG2 "OpenSSL : %s",SSLeay_version (SSLEAY_BUILT_ON)));
|
||||
LOG((CLOG_DEBUG2 "OpenSSL : %s",SSLeay_version (SSLEAY_PLATFORM)));
|
||||
LOG((CLOG_DEBUG2 "%s",SSLeay_version (SSLEAY_DIR)));
|
||||
|
||||
// SSLv23_method uses TLSv1, with the ability to fall back to SSLv3
|
||||
if (server) {
|
||||
@ -301,8 +299,14 @@ SecureSocket::secureAccept(int socket)
|
||||
if (retry == 0) {
|
||||
m_secureReady = true;
|
||||
LOG((CLOG_INFO "accepted secure socket"));
|
||||
showSecureCipherInfo();
|
||||
showSecureConnectInfo();
|
||||
const SSL_CIPHER* cipher = SSL_get_current_cipher(m_ssl->m_ssl);
|
||||
if(cipher != NULL) {
|
||||
char * cipherVersion = SSL_CIPHER_description(cipher, NULL, 0);
|
||||
if(cipherVersion != NULL) {
|
||||
LOG((CLOG_INFO "%s", cipherVersion));
|
||||
OPENSSL_free(cipherVersion);
|
||||
}
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -364,8 +368,14 @@ SecureSocket::secureConnect(int socket)
|
||||
return -1; // Fingerprint failed, error
|
||||
}
|
||||
LOG((CLOG_DEBUG2 "connected secure socket"));
|
||||
showSecureCipherInfo();
|
||||
showSecureConnectInfo();
|
||||
const SSL_CIPHER* cipher = SSL_get_current_cipher(m_ssl->m_ssl);
|
||||
if(cipher != NULL) {
|
||||
char * cipherVersion = SSL_CIPHER_description(cipher, NULL, 0);
|
||||
if(cipherVersion != NULL) {
|
||||
LOG((CLOG_INFO "%s", cipherVersion));
|
||||
OPENSSL_free(cipherVersion);
|
||||
}
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -639,72 +649,3 @@ SecureSocket::serviceAccept(ISocketMultiplexerJob* job,
|
||||
this, &SecureSocket::serviceAccept,
|
||||
getSocket(), isReadable(), isWritable());
|
||||
}
|
||||
|
||||
void
|
||||
showCipherStackDesc(STACK_OF(SSL_CIPHER) * stack) {
|
||||
char msg[kMsgSize];
|
||||
int i = 0;
|
||||
for ( ; i < sk_SSL_CIPHER_num(stack) ; i++) {
|
||||
const SSL_CIPHER * cipher = sk_SSL_CIPHER_value(stack,i);
|
||||
|
||||
SSL_CIPHER_description(cipher, msg, kMsgSize);
|
||||
|
||||
// Why does SSL put a newline in the description?
|
||||
int pos = (int)strlen(msg) - 1;
|
||||
if (msg[pos] == '\n') {
|
||||
msg[pos] = '\0';
|
||||
}
|
||||
|
||||
LOG((CLOG_DEBUG1 "%s",msg));
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
SecureSocket::showSecureCipherInfo()
|
||||
{
|
||||
STACK_OF(SSL_CIPHER) * sStack = SSL_get_ciphers(m_ssl->m_ssl);
|
||||
|
||||
if (sStack == NULL) {
|
||||
LOG((CLOG_WARN "No ciphers available on server"));
|
||||
}
|
||||
else {
|
||||
LOG((CLOG_DEBUG1 "Ciphers available on server:"));
|
||||
showCipherStackDesc(sStack);
|
||||
}
|
||||
|
||||
// m_ssl->m_ssl->session->ciphers is not forward compatable, In future release
|
||||
// of OpenSSL, it's not visible, need to use SSL_get_client_ciphers() instead
|
||||
STACK_OF(SSL_CIPHER) * cStack = m_ssl->m_ssl->session->ciphers;
|
||||
if (cStack == NULL) {
|
||||
LOG((CLOG_WARN "No ciphers available from client"));
|
||||
}
|
||||
else {
|
||||
LOG((CLOG_DEBUG1 "Ciphers available on client:"));
|
||||
showCipherStackDesc(cStack);
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
void
|
||||
SecureSocket::showSecureLibInfo()
|
||||
{
|
||||
LOG((CLOG_INFO "%s",SSLeay_version(SSLEAY_VERSION)));
|
||||
LOG((CLOG_DEBUG2 "OpenSSL : %s",SSLeay_version(SSLEAY_CFLAGS)));
|
||||
LOG((CLOG_DEBUG2 "OpenSSL : %s",SSLeay_version(SSLEAY_BUILT_ON)));
|
||||
LOG((CLOG_DEBUG2 "OpenSSL : %s",SSLeay_version(SSLEAY_PLATFORM)));
|
||||
LOG((CLOG_DEBUG2 "%s",SSLeay_version(SSLEAY_DIR)));
|
||||
return;
|
||||
}
|
||||
|
||||
void
|
||||
SecureSocket::showSecureConnectInfo()
|
||||
{
|
||||
const SSL_CIPHER* cipher = SSL_get_current_cipher(m_ssl->m_ssl);
|
||||
|
||||
if (cipher != NULL) {
|
||||
char msg[kMsgSize];
|
||||
SSL_CIPHER_description(cipher, msg, kMsgSize);
|
||||
LOG((CLOG_INFO "%s", msg));
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
@ -77,10 +77,6 @@ private:
|
||||
serviceAccept(ISocketMultiplexerJob*,
|
||||
bool, bool, bool);
|
||||
|
||||
void showSecureConnectInfo();
|
||||
void showSecureLibInfo();
|
||||
void showSecureCipherInfo();
|
||||
|
||||
private:
|
||||
Ssl* m_ssl;
|
||||
bool m_secureReady;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user