From 2ac315ee73937a02e259427c34e3e99490b2d7cc Mon Sep 17 00:00:00 2001
From: Emmanuel Hocdet <manu@gandi.net>
Date: Wed, 22 Mar 2017 14:13:04 +0100
Subject: [PATCH 4/5] MINOR: ssl: show methods supported by openssl

TLS v1.3 incoming, SSLv3 will disappears: it could be useful to list
all methods supported by haproxy/openssl (with -vvv).
---
 src/ssl_sock.c | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index c44677c..b6f9b16 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -7355,7 +7355,7 @@ static void __ssl_sock_init(void)
 	ptr = NULL;
 	memprintf(&ptr, "Built with OpenSSL version : "
 #ifdef OPENSSL_IS_BORINGSSL
-		"BoringSSL\n");
+		"BoringSSL");
 #else /* OPENSSL_IS_BORINGSSL */
 	        OPENSSL_VERSION_TEXT
 		"\nRunning on OpenSSL version : %s%s",
@@ -7384,6 +7384,24 @@ static void __ssl_sock_init(void)
 #endif
 	       "", ptr);
 
+	memprintf(&ptr, "%s\nOpenSSL library supports : "
+#if SSL_OP_NO_SSLv3
+		  "SSLv3 "
+#endif
+#if SSL_OP_NO_TLSv1
+		  "TLSv1.0 "
+#endif
+#if SSL_OP_NO_TLSv1_1
+		  "TLSv1.1 "
+#endif
+#if SSL_OP_NO_TLSv1_2
+		  "TLSv1.2 "
+#endif
+#if SSL_OP_NO_TLSv1_3
+		  "TLSv1.3(dev)"
+#endif
+	       "", ptr);
+
 	hap_register_build_opts(ptr, 1);
 
 	global.ssl_session_max_cost   = SSL_SESSION_MAX_COST;
-- 
2.1.4