Add logging of connection security to ippeveprinter.

michaelrsweet · michaelrsweet · commit d65e69e3149c · 2025-04-07T15:02:13.000-04:00
diff --git a/tools/ippeveprinter.c b/tools/ippeveprinter.c
@@ -4745,6 +4745,8 @@ process_client(ippeve_client_t *client)	// I - Client
 
       if (recv(httpGetFd(client->http), buf, 1, MSG_PEEK) == 1 && (!buf[0] || !strchr("DGHOPT", buf[0])))
       {
+        char	security[256];		// Security description
+
         fprintf(stderr, "%s Starting HTTPS session.\n", client->hostname);
 
 	if (!httpSetEncryption(client->http, HTTP_ENCRYPTION_ALWAYS))
@@ -4753,7 +4755,7 @@ process_client(ippeve_client_t *client)	// I - Client
 	  break;
         }
 
-        fprintf(stderr, "%s Connection now encrypted.\n", client->hostname);
+        fprintf(stderr, "%s Connection now encrypted (%s).\n", client->hostname, httpGetSecurity(client->http, security, sizeof(security)));
       }
 
       first_time = false;
@@ -4890,6 +4892,8 @@ process_http(ippeve_client_t *client)	// I - Client connection
   {
     if (strstr(httpGetField(client->http, HTTP_FIELD_UPGRADE), "TLS/") != NULL && !httpIsEncrypted(client->http))
     {
+      char	security[256];		// Security description
+
       if (!respond_http(client, HTTP_STATUS_SWITCHING_PROTOCOLS, NULL, NULL, 0))
         return (0);
 
@@ -4901,7 +4905,7 @@ process_http(ippeve_client_t *client)	// I - Client connection
 	return (0);
       }
 
-      fprintf(stderr, "%s Connection now encrypted.\n", client->hostname);
+      fprintf(stderr, "%s Connection now encrypted (%s).\n", client->hostname, httpGetSecurity(client->http, security, sizeof(security)));
     }
     else if (!respond_http(client, HTTP_STATUS_NOT_IMPLEMENTED, NULL, NULL, 0))
       return (0);

Original file line number	Diff line number	Diff line change
`@@ -4745,6 +4745,8 @@ process_client(ippeve_client_t *client) // I - Client`
`4745`	`4745`
`4746`	`4746`	`if (recv(httpGetFd(client->http), buf, 1, MSG_PEEK) == 1 && (!buf[0] \|\| !strchr("DGHOPT", buf[0])))`
`4747`	`4747`	`{`
	`4748`	`+ char security[256]; // Security description`
	`4749`	`+`
`4748`	`4750`	`fprintf(stderr, "%s Starting HTTPS session.\n", client->hostname);`
`4749`	`4751`
`4750`	`4752`	`if (!httpSetEncryption(client->http, HTTP_ENCRYPTION_ALWAYS))`
`@@ -4753,7 +4755,7 @@ process_client(ippeve_client_t *client) // I - Client`
`4753`	`4755`	`break;`
`4754`	`4756`	`}`
`4755`	`4757`
`4756`		`- fprintf(stderr, "%s Connection now encrypted.\n", client->hostname);`
	`4758`	`+ fprintf(stderr, "%s Connection now encrypted (%s).\n", client->hostname, httpGetSecurity(client->http, security, sizeof(security)));`
`4757`	`4759`	`}`
`4758`	`4760`
`4759`	`4761`	`first_time = false;`
`@@ -4890,6 +4892,8 @@ process_http(ippeve_client_t *client) // I - Client connection`
`4890`	`4892`	`{`
`4891`	`4893`	`if (strstr(httpGetField(client->http, HTTP_FIELD_UPGRADE), "TLS/") != NULL && !httpIsEncrypted(client->http))`
`4892`	`4894`	`{`
	`4895`	`+ char security[256]; // Security description`
	`4896`	`+`
`4893`	`4897`	`if (!respond_http(client, HTTP_STATUS_SWITCHING_PROTOCOLS, NULL, NULL, 0))`
`4894`	`4898`	`return (0);`
`4895`	`4899`
`@@ -4901,7 +4905,7 @@ process_http(ippeve_client_t *client) // I - Client connection`
`4901`	`4905`	`return (0);`
`4902`	`4906`	`}`
`4903`	`4907`
`4904`		`- fprintf(stderr, "%s Connection now encrypted.\n", client->hostname);`
	`4908`	`+ fprintf(stderr, "%s Connection now encrypted (%s).\n", client->hostname, httpGetSecurity(client->http, security, sizeof(security)));`
`4905`	`4909`	`}`
`4906`	`4910`	`else if (!respond_http(client, HTTP_STATUS_NOT_IMPLEMENTED, NULL, NULL, 0))`
`4907`	`4911`	`return (0);`