[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Logging TLS connection parameters

To: Hallvard Breien Furuseth <h.b.furuseth@usit.uio.no>, openldap-devel@openldap.org
Subject: Re: Logging TLS connection parameters
From: Quanah Gibson-Mount <quanah@symas.com>
Date: Mon, 14 Jan 2019 09:55:57 -0800
Content-disposition: inline
In-reply-to: <hbf.20190114pjs7@bombur.uio.no>
References: <hbf.20190114pjs7@bombur.uio.no>

--On Monday, January 14, 2019 6:44 PM +0100 Hallvard Breien Furuseth<h.b.furuseth@usit.uio.no> wrote:

I'd like TLS version/cipher logged with "TLS established", so I've
cherry-picked these commits to our RE24 installation:

  7d6d694 ITS#7683 log tls prot/cipher info
  0045e56 ITS#7683 more for tls version/cipher info

Also this looks like it should go with them, though we use OpenSSL:

  7a7d941 ITS#7979 MozNSS fix for TLS_PROTOCOL_MIN

Do anyone remember if this is complete, or if any fixups are needed?
I've not spotted any more commits, anyway.

I've used the first two commits in RE24 for several years. The MozNSS oneI skipped since it has no impact outside of tls_m.c, which is not used withOpenSSL based builds.


--Quanah


--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

Follow-Ups:
- Re: Logging TLS connection parameters
  - From: Hallvard Breien Furuseth <h.b.furuseth@usit.uio.no>

References:
- Logging TLS connection parameters
  - From: Hallvard Breien Furuseth <h.b.furuseth@usit.uio.no>

Prev by Date: Logging TLS connection parameters
Next by Date: Re: Logging TLS connection parameters
Index(es):
- Chronological
- Thread