/pidgin/main: 9728bb0f6dcc: Print information about the SSL conn...

Daniel Atallah datallah at pidgin.im
Wed Feb 5 01:46:37 EST 2014 

Changeset: 9728bb0f6dcc4b66b84bccd43c85f9031e90e323
Author:	 Daniel Atallah <datallah at pidgin.im>
Date:	 2014-02-05 01:45 -0500
Branch:	 release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/9728bb0f6dcc

Description:

Print information about the SSL connection to the debug log

diffstat:

 libpurple/plugins/ssl/ssl-nss.c |  42 +++++++++++++++++++++++++++++++++++++++++
 1 files changed, 42 insertions(+), 0 deletions(-)

diffs (59 lines):

diff --git a/libpurple/plugins/ssl/ssl-nss.c b/libpurple/plugins/ssl/ssl-nss.c
--- a/libpurple/plugins/ssl/ssl-nss.c
+++ b/libpurple/plugins/ssl/ssl-nss.c
@@ -266,6 +266,46 @@ ssl_nss_get_peer_certificates(PRFileDesc
 	return peer_certs;
 }
 
+/*
+ * Ideally this information would be exposed to the UI somehow, but for now we
+ * just print it to the debug log
+ */
+static void 
+printSecurityInfo(PRFileDesc *fd)
+{
+	SECStatus result;
+	SSLChannelInfo channel;
+	SSLCipherSuiteInfo suite;
+
+	result = SSL_GetChannelInfo(fd, &channel, sizeof channel);
+	if (result == SECSuccess && channel.length == sizeof channel
+			&& channel.cipherSuite) {
+		result = SSL_GetCipherSuiteInfo(channel.cipherSuite,
+				&suite, sizeof suite);
+
+		if (result == SECSuccess) {
+			purple_debug_info("nss", "SSL version %d.%d using "
+					"%d-bit %s with %d-bit %s MAC\n"
+					"Server Auth: %d-bit %s, "
+					"Key Exchange: %d-bit %s, "
+					"Compression: %s\n"
+					"Cipher Suite Name: %s\n",
+					channel.protocolVersion >> 8,
+				       	channel.protocolVersion & 0xff,
+					suite.effectiveKeyBits,
+				       	suite.symCipherName,
+					suite.macBits,
+					suite.macAlgorithmName,
+					channel.authKeyBits,
+					suite.authAlgorithmName,
+					channel.keaKeyBits, suite.keaTypeName,
+					channel.compressionMethodName,
+					suite.cipherSuiteName);
+		}
+	}
+}
+
+
 static void
 ssl_nss_handshake_cb(gpointer data, int fd, PurpleInputCondition cond)
 {
@@ -293,6 +333,8 @@ ssl_nss_handshake_cb(gpointer data, int 
 		return;
 	}
 
+	printSecurityInfo(nss_data->in);
+
 	purple_input_remove(nss_data->handshake_handler);
 	nss_data->handshake_handler = 0;

More information about the Commits mailing list