From 32d288f243565c90ee04dcc251816b133f4f1c1c Mon Sep 17 00:00:00 2001 From: Michael Friedrich Date: Fri, 12 Jul 2019 14:37:25 +0200 Subject: [PATCH] TLS: Fetch the cipher list and log them for debugging --- lib/base/tlsutility.cpp | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/lib/base/tlsutility.cpp b/lib/base/tlsutility.cpp index de289667a..de4f7fc63 100644 --- a/lib/base/tlsutility.cpp +++ b/lib/base/tlsutility.cpp @@ -176,6 +176,21 @@ void SetCipherListToSSLContext(const std::shared_ptr& << boost::errinfo_api_function("SSL_CTX_set_cipher_list") << errinfo_openssl_error(ERR_peek_error())); } + + //With OpenSSL 1.1.0, there might not be any returned 0. + STACK_OF(SSL_CIPHER) *ciphers; + Array::Ptr cipherNames = new Array(); + + ciphers = SSL_CTX_get_ciphers(context->native_handle()); + for (int i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) { + const SSL_CIPHER *cipher = sk_SSL_CIPHER_value(ciphers, i); + String cipher_name = SSL_CIPHER_get_name(cipher); + + cipherNames->Add(cipher_name); + } + + Log(LogNotice, "TlsUtility") + << "Available TLS cipher list: " << cipherNames->Join(" "); } /** -- 2.40.0