s="SSLv2";
else if (x->ssl_version == SSL3_VERSION)
s="SSLv3";
+ else if (x->ssl_version == TLS1_2_VERSION)
+ s="TLSv1.2";
else if (x->ssl_version == TLS1_1_VERSION)
s="TLSv1.1";
else if (x->ssl_version == TLS1_VERSION)
s="TLSv1";
else if (x->ssl_version == DTLS1_VERSION)
s="DTLSv1";
+ else if (x->ssl_version == DTLS1_2_VERSION)
+ s="DTLSv1.2";
else if (x->ssl_version == DTLS1_BAD_VER)
s="DTLSv1-bad";
else
if (BIO_puts(bp,"\n PSK identity hint: ") <= 0) goto err;
if (BIO_printf(bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0) goto err;
#endif
+#ifndef OPENSSL_NO_SRP
+ if (BIO_puts(bp,"\n SRP username: ") <= 0) goto err;
+ if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0) goto err;
+#endif
#ifndef OPENSSL_NO_TLSEXT
if (x->tlsext_tick_lifetime_hint)
{
{
SSL_COMP *comp = NULL;
- ssl_cipher_get_evp(x,NULL,NULL,NULL,NULL,&comp);
+ ssl_cipher_get_evp(x,NULL,NULL,NULL,NULL,&comp, 0);
if (comp == NULL)
{
if (BIO_printf(bp,"\n Compression: %d",x->compress_meth) <= 0) goto err;
return(0);
}
+/* print session id and master key in NSS keylog format
+ (RSA Session-ID:<session id> Master-Key:<master key>) */
+int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x)
+ {
+ unsigned int i;
+
+ if (x == NULL) goto err;
+ if (x->session_id_length==0 || x->master_key_length==0) goto err;
+
+ /* the RSA prefix is required by the format's definition although there's
+ nothing RSA-specifc in the output, therefore, we don't have to check
+ if the cipher suite is based on RSA */
+ if (BIO_puts(bp,"RSA ") <= 0) goto err;
+
+ if (BIO_puts(bp,"Session-ID:") <= 0) goto err;
+ for (i=0; i<x->session_id_length; i++)
+ {
+ if (BIO_printf(bp,"%02X",x->session_id[i]) <= 0) goto err;
+ }
+ if (BIO_puts(bp," Master-Key:") <= 0) goto err;
+ for (i=0; i<(unsigned int)x->master_key_length; i++)
+ {
+ if (BIO_printf(bp,"%02X",x->master_key[i]) <= 0) goto err;
+ }
+ if (BIO_puts(bp,"\n") <= 0) goto err;
+
+ return(1);
+err:
+ return(0);
+ }