Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
log ciphersuite on every new HTTPS connection, not just AnyConnect pr…
…otocol

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
  • Loading branch information
dlenski committed Mar 27, 2020
1 parent 5b12bfc commit dd4693b
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 11 deletions.
2 changes: 0 additions & 2 deletions cstp.c
Expand Up @@ -637,8 +637,6 @@ static int start_cstp_connection(struct openconnect_info *vpninfo)
free_optlist(old_cstp_opts);
vpn_progress(vpninfo, PRG_INFO, _("CSTP connected. DPD %d, Keepalive %d\n"),
vpninfo->ssl_times.dpd, vpninfo->ssl_times.keepalive);
vpn_progress(vpninfo, PRG_DEBUG, _("CSTP Ciphersuite: %s\n"),
openconnect_get_cstp_cipher(vpninfo));

monitor_fd_new(vpninfo, ssl);

Expand Down
14 changes: 7 additions & 7 deletions gnutls.c
Expand Up @@ -2275,9 +2275,6 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
if (err)
return err;

gnutls_free(vpninfo->cstp_cipher);
vpninfo->cstp_cipher = get_gnutls_cipher(vpninfo->https_sess);

vpninfo->ssl_fd = ssl_sock;

vpninfo->ssl_read = openconnect_gnutls_read;
Expand Down Expand Up @@ -2335,12 +2332,15 @@ int cstp_handshake(struct openconnect_info *vpninfo, unsigned init)
}
}

gnutls_free(vpninfo->cstp_cipher);
vpninfo->cstp_cipher = get_gnutls_cipher(vpninfo->https_sess);

if (init) {
vpn_progress(vpninfo, PRG_INFO, _("Connected to HTTPS on %s\n"),
vpninfo->hostname);
vpn_progress(vpninfo, PRG_INFO, _("Connected to HTTPS on %s with ciphersuite %s\n"),
vpninfo->hostname, vpninfo->cstp_cipher);
} else {
vpn_progress(vpninfo, PRG_INFO, _("Renegotiated SSL on %s\n"),
vpninfo->hostname);
vpn_progress(vpninfo, PRG_INFO, _("Renegotiated SSL on %s with ciphersuite %s\n"),
vpninfo->hostname, vpninfo->cstp_cipher);
}

return 0;
Expand Down
4 changes: 2 additions & 2 deletions openssl.c
Expand Up @@ -1888,8 +1888,8 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
vpninfo->ssl_gets = openconnect_openssl_gets;


vpn_progress(vpninfo, PRG_INFO, _("Connected to HTTPS on %s\n"),
vpninfo->hostname);
vpn_progress(vpninfo, PRG_INFO, _("Connected to HTTPS on %s with ciphersuite %s\n"),
vpninfo->hostname, vpninfo->cstp_cipher);

return 0;
}
Expand Down

0 comments on commit dd4693b

Please sign in to comment.