diff options
| author |   jsing <jsing@openbsd.org> | 2019-11-02 13:37:59 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2019-11-02 13:37:59 +0000 |
| commit | bbf181b7fbdc573a340c829bb7c0f02c72ac9b13 (patch) | |
| tree | 409240887b402531fcc12e42fab67114c33b4701 /lib/libtls/tls_conninfo.c | |
| parent | Add a few more PCIe capability registers and bits. As usual, the names (diff) | |
| download | wireguard-openbsd-bbf181b7fbdc573a340c829bb7c0f02c72ac9b13.tar.xz wireguard-openbsd-bbf181b7fbdc573a340c829bb7c0f02c72ac9b13.zip | |
Provide tls_conn_cipher_strength().
This returns the strength in bits of the symmetric cipher used for the
connection.
Diff from gilles@
ok tb@
Diffstat (limited to 'lib/libtls/tls_conninfo.c')
| -rw-r--r-- | lib/libtls/tls_conninfo.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/lib/libtls/tls_conninfo.c b/lib/libtls/tls_conninfo.c index 8e479ed84c1..d44dc842b6e 100644 --- a/lib/libtls/tls_conninfo.c +++ b/lib/libtls/tls_conninfo.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_conninfo.c,v 1.20 2018/02/10 04:48:44 jsing Exp $ */ +/* $OpenBSD: tls_conninfo.c,v 1.21 2019/11/02 13:37:59 jsing Exp $ */ /* * Copyright (c) 2015 Joel Sing <jsing@openbsd.org> * Copyright (c) 2015 Bob Beck <beck@openbsd.org> @@ -246,6 +246,7 @@ tls_conninfo_populate(struct tls *ctx) goto err; if ((ctx->conninfo->cipher = strdup(tmp)) == NULL) goto err; + ctx->conninfo->cipher_strength = SSL_get_cipher_bits(ctx->ssl_conn, NULL); if (ctx->servername != NULL) { if ((ctx->conninfo->servername = @@ -312,6 +313,14 @@ tls_conn_cipher(struct tls *ctx) return (ctx->conninfo->cipher); } +int +tls_conn_cipher_strength(struct tls *ctx) +{ + if (ctx->conninfo == NULL) + return (0); + return (ctx->conninfo->cipher_strength); +} + const char * tls_conn_servername(struct tls *ctx) { |