void printSecurityInfo(PRFileDesc *fd) { CERTCertificate * cert = NULL; SSL3Statistics * ssl3stats = SSL_GetStatistics(); SECStatus result; SSLChannelInfo channel; SSLCipherSuiteInfo suite; static int only_once; if (only_once && verbose < 2) return; only_once = 1; result = SSL_GetChannelInfo(fd, &channel, sizeof channel); if (result == SECSuccess && channel.length == sizeof channel && channel.cipherSuite) { result = SSL_GetCipherSuiteInfo(channel.cipherSuite, &suite, sizeof suite); if (result == SECSuccess) { FPRINTF(stderr, "strsclnt: SSL version %d.%d using %d-bit %s with %d-bit %s MAC\n", channel.protocolVersion >> 8, channel.protocolVersion & 0xff, suite.effectiveKeyBits, suite.symCipherName, suite.macBits, suite.macAlgorithmName); FPRINTF(stderr, "strsclnt: Server Auth: %d-bit %s, Key Exchange: %d-bit %s\n" " Compression: %s\n", channel.authKeyBits, suite.authAlgorithmName, channel.keaKeyBits, suite.keaTypeName, channel.compressionMethodName); }
void printSecurityInfo(FILE *outfile, PRFileDesc *fd) { char * cp; /* bulk cipher name */ char * ip; /* cert issuer DN */ char * sp; /* cert subject DN */ int op; /* High, Low, Off */ int kp0; /* total key bits */ int kp1; /* secret key bits */ int result; SSL3Statistics * ssl3stats = SSL_GetStatistics(); if (!outfile) { outfile = stdout; } result = SSL_SecurityStatus(fd, &op, &cp, &kp0, &kp1, &ip, &sp); if (result != SECSuccess) return; fprintf(outfile, " bulk cipher %s, %d secret key bits, %d key bits, status: %d\n" " subject DN:\n %s\n" " issuer DN:\n %s\n", cp, kp1, kp0, op, sp, ip); PR_Free(cp); PR_Free(ip); PR_Free(sp); fprintf(outfile, " %ld cache hits; %ld cache misses, %ld cache not reusable\n", ssl3stats->hch_sid_cache_hits, ssl3stats->hch_sid_cache_misses, ssl3stats->hch_sid_cache_not_ok); }