diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2010-08-05 09:51:05 +0200 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2010-08-05 09:51:05 +0200 |
| commit | 7ea87db00d95cf5f91288fc4067a7ab14f43fd6d (patch) | |
| tree | 99d6095d6f08e40fdce8d1e5f33a50c17c675e4f /src/libtls/tls_peer.c | |
| parent | 7030e3950a8de5e9093ae6401e2a18752554bec5 (diff) | |
| download | strongswan-7ea87db00d95cf5f91288fc4067a7ab14f43fd6d.tar.bz2 strongswan-7ea87db00d95cf5f91288fc4067a7ab14f43fd6d.tar.xz | |
added some more TLS debug output
Diffstat (limited to 'src/libtls/tls_peer.c')
| -rw-r--r-- | src/libtls/tls_peer.c | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/src/libtls/tls_peer.c b/src/libtls/tls_peer.c index dbb0efd51..ab4d87920 100644 --- a/src/libtls/tls_peer.c +++ b/src/libtls/tls_peer.c @@ -125,14 +125,14 @@ static status_t process_server_hello(private_tls_peer_t *this, memcpy(this->server_random, random.ptr, sizeof(this->server_random)); + DBG1(DBG_IKE, "received TLS version: %N", tls_version_names, version); if (version < this->tls->get_version(this->tls)) { this->tls->set_version(this->tls, version); } + suite = cipher; - DBG1(DBG_IKE, "received TLS version: %N", tls_version_names, version); DBG1(DBG_IKE, "received TLS cipher suite: %N", tls_cipher_suite_names, suite); - if (!this->crypto->select_cipher_suite(this->crypto, &suite, 1)) { DBG1(DBG_IKE, "received TLS cipher suite inacceptable"); @@ -354,7 +354,8 @@ METHOD(tls_handshake_t, process, status_t, static status_t send_client_hello(private_tls_peer_t *this, tls_handshake_type_t *type, tls_writer_t *writer) { - tls_cipher_suite_t *suite; + tls_cipher_suite_t *suites; + tls_version_t version; int count, i; rng_t *rng; @@ -367,19 +368,25 @@ static status_t send_client_hello(private_tls_peer_t *this, rng->get_bytes(rng, sizeof(this->client_random) - 4, this->client_random + 4); rng->destroy(rng); - writer->write_uint16(writer, this->tls->get_version(this->tls)); + /* TLS version */ + version = this->tls->get_version(this->tls); + DBG1(DBG_IKE, "sending TLS version: %N", tls_version_names, version); + writer->write_uint16(writer, version); writer->write_data(writer, chunk_from_thing(this->client_random)); + /* session identifier => none */ writer->write_data8(writer, chunk_empty); - count = this->crypto->get_cipher_suites(this->crypto, &suite); + /* add TLS cipher suites */ + count = this->crypto->get_cipher_suites(this->crypto, &suites); DBG2(DBG_IKE, "sending %d TLS cipher suites:", count); writer->write_uint16(writer, count * 2); for (i = 0; i < count; i++) { - DBG2(DBG_IKE, " %N", tls_cipher_suite_names, suite[i]); - writer->write_uint16(writer, suite[i]); + DBG2(DBG_IKE, " %N", tls_cipher_suite_names, suites[i]); + writer->write_uint16(writer, suites[i]); } + /* NULL compression only */ writer->write_uint8(writer, 1); writer->write_uint8(writer, 0); |