GnuTLS: Implement tls_get_cipher()

Provide OpenSSL-style name for the negotiated cipher suite.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/crypto/tls_gnutls.c b/src/crypto/tls_gnutls.c
index da205a864c9b4664b73f9d00dd30ba79cf726676..ffc9813c0f721f7ef2b727688fb2a87508138a23 100644 (file)
--- a/src/crypto/tls_gnutls.c
+++ b/src/crypto/tls_gnutls.c
@@ -1538,8 +1538,35 @@ int tls_get_version(void *ssl_ctx, struct tls_connection *conn,
 int tls_get_cipher(void *ssl_ctx, struct tls_connection *conn,
                   char *buf, size_t buflen)
 {
-       /* TODO */
-       buf[0] = '\0';
+       gnutls_cipher_algorithm_t cipher;
+       gnutls_kx_algorithm_t kx;
+       gnutls_mac_algorithm_t mac;
+       const char *kx_str, *cipher_str, *mac_str;
+       int res;
+
+       cipher = gnutls_cipher_get(conn->session);
+       cipher_str = gnutls_cipher_get_name(cipher);
+       if (!cipher_str)
+               cipher_str = "";
+
+       kx = gnutls_kx_get(conn->session);
+       kx_str = gnutls_kx_get_name(kx);
+       if (!kx_str)
+               kx_str = "";
+
+       mac = gnutls_mac_get(conn->session);
+       mac_str = gnutls_mac_get_name(mac);
+       if (!mac_str)
+               mac_str = "";
+
+       if (kx == GNUTLS_KX_RSA)
+               res = os_snprintf(buf, buflen, "%s-%s", cipher_str, mac_str);
+       else
+               res = os_snprintf(buf, buflen, "%s-%s-%s",
+                                 kx_str, cipher_str, mac_str);
+       if (os_snprintf_error(buflen, res))
+               return -1;
+
        return 0;
 }