tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

TLS: Fetch the cipher list and log them for debugging

This commit is contained in:
Michael Friedrich 2019-07-12 14:37:25 +02:00
parent 38b7f10e0e
commit 32d288f243
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
lib/base/tlsutility.cpp
View File

@ -176,6 +176,21 @@ void SetCipherListToSSLContext(const std::shared_ptr<boost::asio::ssl::context>&
<< boost::errinfo_api_function("SSL_CTX_set_cipher_list")
<< errinfo_openssl_error(ERR_peek_error()));
}
//With OpenSSL 1.1.0, there might not be any returned 0.
STACK_OF(SSL_CIPHER) *ciphers;
Array::Ptr cipherNames = new Array();
ciphers = SSL_CTX_get_ciphers(context->native_handle());
for (int i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
const SSL_CIPHER *cipher = sk_SSL_CIPHER_value(ciphers, i);
String cipher_name = SSL_CIPHER_get_name(cipher);
cipherNames->Add(cipher_name);
}
Log(LogNotice, "TlsUtility")
<< "Available TLS cipher list: " << cipherNames->Join(" ");
}
/**