From b9131c4fa214f39705da4246425645a6c587d488 Mon Sep 17 00:00:00 2001
From: rcritten <>
Date: Thu, 2 Mar 2006 19:21:54 +0000
Subject: Add support for Elliptical Curve Cryptography (ECC). This is disabled
 by default. To enable it, pass --enable-ecc to configure.

---
 nss_engine_vars.c | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

(limited to 'nss_engine_vars.c')

diff --git a/nss_engine_vars.c b/nss_engine_vars.c
index 4d18c9a..f5fb045 100644
--- a/nss_engine_vars.c
+++ b/nss_engine_vars.c
@@ -363,10 +363,10 @@ static char *nss_var_lookup_nss_cert(apr_pool_t *p, CERTCertificate *xs, char *v
             if (SSL_GetCipherSuiteInfo(channel.cipherSuite,
                 &suite, sizeof suite) == SECSuccess)
             {
-                result = apr_psprintf(p, "%s", suite.keaTypeName);
+                result = apr_psprintf(p, "%s_%s", suite.keaTypeName, suite.authAlgorithmName);
             }
         } else
-            result = apr_pstrdup(p, "UNKNOWN");
+            result = apr_pstrdup(p, "UNKNOWN_UNKNOWN");
 
         resdup = FALSE;
     }
@@ -582,6 +582,25 @@ static char *nss_var_lookup_nss_cipher(apr_pool_t *p, conn_rec *c, char *var)
         result = apr_psprintf(p, "%d", keySize);
         resdup = FALSE;
     }
+    else if (strcEQ(var, "_NAME")) {
+        SSLChannelInfo      channel;
+        SSLCipherSuiteInfo  suite;
+        SSLConnRec *sslconn = myConnConfig(c);
+
+        if (SSL_GetChannelInfo(sslconn->ssl, &channel, sizeof channel) ==
+            SECSuccess && channel.length == sizeof channel &&
+            channel.cipherSuite)
+        {
+            if (SSL_GetCipherSuiteInfo(channel.cipherSuite,
+                &suite, sizeof suite) == SECSuccess)
+            {
+                result = apr_psprintf(p, "%s",  suite.cipherSuiteName);
+            }
+        } else
+            result = apr_pstrdup(p, "UNKNOWN");
+
+        resdup = FALSE;
+    }
 
     if (result != NULL && resdup)
         result = apr_pstrdup(p, result);
-- 
cgit