[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7683) Feature request: write TLS prot/cipher to syslog

michael@stroeder.com wrote:
> Full_Name:
> Version: HEAD
> OS:
> URL:
> Submission from: (NULL) (
> For debugging which TLS protocol version and cipher suites were actually
> negotiated with several LDAP clients this information would be written to the
> syslog message.
> Current logging:
> conn=1000 fd=12 TLS established tls_ssf=256 ssf=256
> Suggestion:
> conn=1000 fd=12 TLS established tls_ssf=256 ssf=256 tls_proto=TLSv1.1
> tls_cipher=DHE-RSA-AES256-SHA256
Added to master. MozNSS version is untested due to absence of PEM support in 
MozNSS. (See https://bugzilla.mozilla.org/show_bug.cgi?id=402712 - whatever 
PEM support that may exist is not of usable quality.)

   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/