diff options
| author | Simon MacMullen <simon@rabbitmq.com> | 2010-12-07 18:20:07 +0000 |
|---|---|---|
| committer | Simon MacMullen <simon@rabbitmq.com> | 2010-12-07 18:20:07 +0000 |
| commit | cbd64f3448f4df626874c1b0c3dac101e1b018c2 (patch) | |
| tree | c02cbf3c6c207d59873868cec891f471778ec527 /src | |
| parent | 1ffd85e580b5d5e8e7bb6b7123126933aa1cf168 (diff) | |
| download | rabbitmq-server-git-cbd64f3448f4df626874c1b0c3dac101e1b018c2.tar.gz | |
SSL protocol / algorithm information.
Diffstat (limited to 'src')
| -rw-r--r-- | src/rabbit_net.erl | 10 | ||||
| -rw-r--r-- | src/rabbit_reader.erl | 17 |
2 files changed, 26 insertions, 1 deletions
diff --git a/src/rabbit_net.erl b/src/rabbit_net.erl index 89954b06ef..c6a083bb7d 100644 --- a/src/rabbit_net.erl +++ b/src/rabbit_net.erl @@ -32,7 +32,7 @@ -module(rabbit_net). -include("rabbit.hrl"). --export([is_ssl/1, controlling_process/2, getstat/2, +-export([is_ssl/1, ssl_info/1, controlling_process/2, getstat/2, async_recv/3, port_command/2, send/2, close/1, sockname/1, peername/1, peercert/1]). @@ -50,6 +50,9 @@ -type(socket() :: port() | #ssl_socket{}). -spec(is_ssl/1 :: (socket()) -> boolean()). +-spec(ssl_info/1 :: (socket()) + -> 'nossl' | ok_val_or_error( + {atom(), {atom(), atom(), atom()}})). -spec(controlling_process/2 :: (socket(), pid()) -> ok_or_any_error()). -spec(getstat/2 :: (socket(), [stat_option()]) @@ -77,6 +80,11 @@ is_ssl(Sock) -> ?IS_SSL(Sock). +ssl_info(Sock) when ?IS_SSL(Sock) -> + ssl:connection_info(Sock#ssl_socket.ssl); +ssl_info(_Sock) -> + nossl. + controlling_process(Sock, Pid) when ?IS_SSL(Sock) -> ssl:controlling_process(Sock#ssl_socket.ssl, Pid); controlling_process(Sock, Pid) when is_port(Sock) -> diff --git a/src/rabbit_reader.erl b/src/rabbit_reader.erl index 4dd150a26f..a1bd5b3178 100644 --- a/src/rabbit_reader.erl +++ b/src/rabbit_reader.erl @@ -63,6 +63,8 @@ -define(CREATION_EVENT_KEYS, [pid, address, port, peer_address, peer_port, ssl, peer_cert_subject, peer_cert_issuer, + peer_cert_validity, ssl_protocol, + ssl_key_exchange, ssl_cipher, ssl_hash, peer_cert_validity, protocol, user, vhost, timeout, frame_max, client_properties]). @@ -843,6 +845,14 @@ i(peer_port, #v1{sock = Sock}) -> socket_info(fun rabbit_net:peername/1, fun ({_, P}) -> P end, Sock); i(ssl, #v1{sock = Sock}) -> rabbit_net:is_ssl(Sock); +i(ssl_protocol, #v1{sock = Sock}) -> + ssl_info(fun ({P, _}) -> P end, Sock); +i(ssl_key_exchange, #v1{sock = Sock}) -> + ssl_info(fun ({_, {K, _, _}}) -> K end, Sock); +i(ssl_cipher, #v1{sock = Sock}) -> + ssl_info(fun ({_, {_, C, _}}) -> C end, Sock); +i(ssl_hash, #v1{sock = Sock}) -> + ssl_info(fun ({_, {_, _, H}}) -> H end, Sock); i(peer_cert_issuer, #v1{sock = Sock}) -> cert_info(fun rabbit_ssl:peer_cert_issuer/1, Sock); i(peer_cert_subject, #v1{sock = Sock}) -> @@ -889,6 +899,13 @@ socket_info(Get, Select) -> {error, _} -> '' end. +ssl_info(F, Sock) -> + case rabbit_net:ssl_info(Sock) of + nossl -> ''; + {error, _} -> ''; + {ok, Info} -> F(Info) + end. + cert_info(F, Sock) -> case rabbit_net:peercert(Sock) of nossl -> ''; |