diff options
| author | Jose <jose@zeroc.com> | 2014-09-25 10:22:47 +0200 |
|---|---|---|
| committer | Jose <jose@zeroc.com> | 2014-09-25 10:22:47 +0200 |
| commit | 5eb6e8560a277fb85ff1c8d9eb1af6f9038319d7 (patch) | |
| tree | 1015afbe4d4be3b5c40aa2e6e26a3ffaf2a7f3ac /cpp/src/IceSSL/OpenSSLEngine.cpp | |
| parent | Better fix for ICE-5526, multicast demo issue on OS X 10.9 (diff) | |
| download | ice-5eb6e8560a277fb85ff1c8d9eb1af6f9038319d7.tar.bz2 ice-5eb6e8560a277fb85ff1c8d9eb1af6f9038319d7.tar.xz ice-5eb6e8560a277fb85ff1c8d9eb1af6f9038319d7.zip | |
Fix (ICE-5662) - OpenSSL implementation should print list of enabled ciphers
Diffstat (limited to 'cpp/src/IceSSL/OpenSSLEngine.cpp')
| -rw-r--r-- | cpp/src/IceSSL/OpenSSLEngine.cpp | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/cpp/src/IceSSL/OpenSSLEngine.cpp b/cpp/src/IceSSL/OpenSSLEngine.cpp index 3c1f54a9bc1..c53ddbda7ca 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.cpp +++ b/cpp/src/IceSSL/OpenSSLEngine.cpp @@ -774,6 +774,24 @@ OpenSSLEngine::initialize() } } + if(securityTraceLevel() >= 1) + { + ostringstream os; + os << "enabling SSL ciphersuites:"; + + SSL* ssl = SSL_new(_ctx); + STACK_OF(SSL_CIPHER)* ciphers = SSL_get_ciphers(ssl); + if(ciphers) + { + for(int i = 0, length = sk_SSL_CIPHER_num(ciphers); i < length; ++i) + { + os << "\n" << SSL_CIPHER_get_name(sk_SSL_CIPHER_value(ciphers, i)); + } + } + SSL_free(ssl); + getLogger()->trace(securityTraceCategory(), os.str()); + } + // // Determine whether a certificate is required from the peer. // |