Instead of priting cipher and MAC algorithms names separately, print the whole cipher suite string which also includes the key exchange algorithm.
This is how the OpenSSL and NSS backends do it. Cheers
From 5f19e4a40c4f2a11fdbe3b1ebb1684917afb811b Mon Sep 17 00:00:00 2001 From: Alessandro Ghedini <[email protected]> Date: Mon, 9 Mar 2015 23:52:16 +0100 Subject: [PATCH] gtls: print full cipher suite name Instead of priting cipher and MAC algorithms names separately, print the whole cipher suite string which also includes the key exchange algorithm. --- lib/vtls/gtls.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 19c659f..ae49963 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -1054,13 +1054,11 @@ gtls_connect_step3(struct connectdata *conn, /* the *_get_name() says "NULL" if GNUTLS_COMP_NULL is returned */ infof(data, "\t compression: %s\n", ptr); - /* the name of the cipher used. ie 3DES. */ - ptr = gnutls_cipher_get_name(gnutls_cipher_get(session)); - infof(data, "\t cipher: %s\n", ptr); - - /* the MAC algorithms name. ie SHA1 */ - ptr = gnutls_mac_get_name(gnutls_mac_get(session)); - infof(data, "\t MAC: %s\n", ptr); + /* the name of the cipher suite used, e.g. ECDHE_RSA_AES_256_GCM_SHA384. */ + ptr = gnutls_cipher_suite_get_name(gnutls_kx_get(session), + gnutls_cipher_get(session), + gnutls_mac_get(session)); + infof(data, "\t cipher suite: %s\n", ptr); #ifdef HAS_ALPN if(data->set.ssl_enable_alpn) { -- 2.1.4
signature.asc
Description: Digital signature
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
