author | Gert Doering <gert@greenie.muc.de> | 2014-04-13 17:29:32 +0200 |
---|---|---|
committer | Gert Doering <gert@greenie.muc.de> | 2014-04-18 20:51:16 +0200 |
commit | 25bc9f082432034315b3efd9401aa8a9e5884506 (patch) | |
tree | b690ad2bc53a13479b0f7f2f2d1a47de39c333da | |
parent | 22e834bee82b046e753d74ee374299720d0ec0bb (diff) | |
Add SSL library version reporting.
Print the version of the SSL and LZO library (if any) used.
SSL library version is also sent as IV_SSL=<version> to the server if
--push-peer-info is enabled.
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <20140416152456.GI16637@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/8537
(cherry picked from commit 1ec984b154aa3247ef58c9d44e7e477880b632b1)
-rw-r--r-- | src/openvpn/openvpn.c | 1 | ||||
-rw-r--r-- | src/openvpn/options.c | 18 | ||||
-rw-r--r-- | src/openvpn/ssl.c | 1 | ||||
-rw-r--r-- | src/openvpn/ssl_backend.h | 6 | ||||
-rw-r--r-- | src/openvpn/ssl_openssl.c | 6 | ||||
-rw-r--r-- | src/openvpn/ssl_polarssl.c | 10 |
6 files changed, 42 insertions, 0 deletions
diff --git a/src/openvpn/openvpn.c b/src/openvpn/openvpn.c
index 5125eae..fd87fc1 100644
--- a/src/openvpn/openvpn.c
+++ b/src/openvpn/openvpn.c
@@ -220,6 +220,7 @@ openvpn_main (int argc, char *argv[])
 /* print version number */
 msg (M_INFO, "%s", title_string);
+ show_library_versions(M_INFO);
 /* misc stuff */
 pre_setup (&c.options);
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 7741dbf..dcdc200 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -3436,10 +3436,28 @@ usage_small (void)
 openvpn_exit (OPENVPN_EXIT_STATUS_USAGE); /* exit point */
 }
+void
+show_library_versions(const unsigned int flags)
+{
+ msg (flags, "library versions: %s%s%s",
+#ifdef ENABLE_SSL
+ get_ssl_library_version(),
+#else
+ "",
+#endif
+#ifdef ENABLE_LZO
+ ", LZO ", lzo_version_string()
+#else
+ "", ""
+#endif
+ );
+}
+
 static void
 usage_version (void)
 {
 msg (M_INFO|M_NOPREFIX, "%s", title_string);
+ show_library_versions( M_INFO|M_NOPREFIX );
 msg (M_INFO|M_NOPREFIX, "Originally developed by James Yonan");
 msg (M_INFO|M_NOPREFIX, "Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>");
 #ifndef ENABLE_SMALL
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 800fcba..93d81e2 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -1836,6 +1836,7 @@ push_peer_info(struct buffer *buf, struct tls_session *session)
 get_default_gateway (&rgi);
 if (rgi.flags & RGI_HWADDR_DEFINED)
 buf_printf (&out, "IV_HWADDR=%s\n", format_hex_ex (rgi.hwaddr, 6, 0, 1, ":", &gc));
+ buf_printf (&out, "IV_SSL=%s\n", get_ssl_library_version() );
 }
 /* push env vars that begin with UV_ and IV_GUI_VER */
diff --git a/src/openvpn/ssl_backend.h b/src/openvpn/ssl_backend.h
index 54383fe..9777242 100644
--- a/src/openvpn/ssl_backend.h
+++ b/src/openvpn/ssl_backend.h
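Review bot: `show_library_versions()` is defined in options.c with external linkage and called from openvpn.c, yet none of the six files in the diffstat is a header that declares it, so unless a prototype already exists elsewhere the call in openvpn.c compiles against an implicit declaration. Add `void show_library_versions(const unsigned int flags);` to the header openvpn.c includes for the options code. In the same function, a build with ENABLE_LZO but without ENABLE_SSL prints `library versions: , LZO <version>`, because the separator is part of the LZO argument while the SSL slot is an empty string. A one-line comment above the function stating that `flags` is passed straight through as the msg() level would document the only parameter.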
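Review bot: The added `IV_SSL` line in push_peer_info() sends the client's exact SSL library name and version to the server, and nothing next to it records that this is deliberate disclosure. The condition that opens this block lies outside the hunk, so the tie to --push-peer-info rests on the commit message alone. I would add a comment on the new line such as `/* IV_SSL: crypto library name+version, disclosed to the server only with --push-peer-info */`, and mention the new variable where the option is documented. With the OpenSSL backend the value is the full `SSLeay_version(SSLEAY_VERSION)` string, which contains spaces, so whatever consumes peer-info on the server side should treat the value as free text up to the newline.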
@@ -465,4 +465,10 @@ void show_available_tls_ciphers (const char *tls_ciphers);
 */
 void get_highest_preference_tls_cipher (char *buf, int size);
+/**
+ * return a pointer to a static memory area containing the
+ * name and version number of the SSL library in use
+ */
+char * get_ssl_library_version(void);
+
 #endif /* SSL_BACKEND_H_ */
diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
index 5689e7c..08e3592 100644
--- a/src/openvpn/ssl_openssl.c
+++ b/src/openvpn/ssl_openssl.c
@@ -1345,4 +1345,10 @@ get_highest_preference_tls_cipher (char *buf, int size)
 SSL_CTX_free (ctx);
 }
+char *
+get_ssl_library_version(void)
+{
+ return SSLeay_version(SSLEAY_VERSION);
+}
+
 #endif /* defined(ENABLE_SSL) && defined(ENABLE_CRYPTO_OPENSSL) */
diff --git a/src/openvpn/ssl_polarssl.c b/src/openvpn/ssl_polarssl.c
index 551c352..6334783 100644
--- a/src/openvpn/ssl_polarssl.c
+++ b/src/openvpn/ssl_polarssl.c
@@ -1068,4 +1068,14 @@ get_highest_preference_tls_cipher (char *buf, int size)
 strncpynt (buf, cipher_name, size);
 }
+char *
+get_ssl_library_version(void)
+{
+ static char polar_version[30];
+ unsigned int pv = version_get_number();
+ sprintf( polar_version, "PolarSSL %d.%d.%d",
+ (pv>>24)&0xff, (pv>>16)&0xff, (pv>>8)&0xff );
+ return polar_version;
+}
+
 #endif /* defined(ENABLE_SSL) && defined(ENABLE_CRYPTO_POLARSSL) */ |
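Review bot: `get_ssl_library_version()` is declared in ssl_backend.h as returning a mutable `char *`, although its doc comment describes the result as a pointer to static memory. The declaration should read `const char * get_ssl_library_version(void);`, with the same change in the definitions in ssl_openssl.c and ssl_polarssl.c. In the OpenSSL definition `SSLeay_version()` already returns `const char *`, so the current signature drops the qualifier on return and hands callers a writable pointer into library-owned data. The doc comment could also say that the caller must neither free nor modify the string.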
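Review bot: The `sprintf()` into `polar_version[30]` in the ssl_polarssl.c definition is unbounded. It cannot overflow as written, since three 8-bit fields give at most 20 characters plus the terminator, but that safety depends on the format string and the array size staying in step. I would use the bounded form `snprintf( polar_version, sizeof(polar_version), "PolarSSL %u.%u.%u", (pv>>24)&0xff, (pv>>16)&0xff, (pv>>8)&0xff );`, or the project's own bounded printf wrapper if it has one. The `%u` conversions also match the `unsigned int` arguments, which the current `%d` does not. A short comment that the static buffer is rewritten with the same content on every call would explain why returning it is safe.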