Add option to retrieve hex representation of client ciphers

Summary: A more compact hex representation of ciphers in ClientHello can be useful, e.g., for logging. Reviewed By: knekritz Differential Revision: D3052308 fb-gh-sync-id: beaf6fcd4705d4d7fae652d8d8b95b52ca9e07a9 shipit-source-id: beaf6fcd4705d4d7fae652d8d8b95b52ca9e07a9

Add option to retrieve hex representation of client ciphers
Summary: A more compact hex representation of ciphers in ClientHello can be useful, e.g., for logging. Reviewed By: knekritz Differential Revision: D3052308 fb-gh-sync-id: beaf6fcd4705d4d7fae652d8d8b95b52ca9e07a9 shipit-source-id: beaf6fcd4705d4d7fae652d8d8b95b52ca9e07a9
c7087eb7 · Anirudh Ramachandran · Facebook Github Bot 3 · 5b48f33a · c7087eb7
Commit c7087eb7 authored Mar 21, 2016 by Anirudh Ramachandran Committed by Facebook Github Bot 3 Mar 21, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 16 additions and 11 deletions

folly/io/async/AsyncSSLSocket.h folly/io/async/AsyncSSLSocket.h +16 -11

No files found.
--- a/folly/io/async/AsyncSSLSocket.h
+++ b/folly/io/async/AsyncSSLSocket.h
@@ -538,7 +538,9 @@ class AsyncSSLSocket : public virtual AsyncSocket {
   * Get the list of supported ciphers sent by the client in the client's
   * preference order.
   */
-  void getSSLClientCiphers(std::string& clientCiphers) const {
+  void getSSLClientCiphers(
+      std::string& clientCiphers,
+      bool convertToString = true) const {
    std::stringstream ciphersStream;
    std::string cipherName;
@@ -550,22 +552,25 @@ class AsyncSSLSocket : public virtual AsyncSocket {
    for (auto originalCipherCode : clientHelloInfo_->clientHelloCipherSuites_)
    {
-      // OpenSSL expects code as a big endian char array
+      const SSL_CIPHER* cipher = nullptr;
-      auto cipherCode = htons(originalCipherCode);
+      if (convertToString) {
+        // OpenSSL expects code as a big endian char array
+        auto cipherCode = htons(originalCipherCode);
 #if defined(SSL_OP_NO_TLSv1_2)
-      const SSL_CIPHER* cipher =
+        cipher =
-          TLSv1_2_method()->get_cipher_by_char((unsigned char*)&cipherCode);
+            TLSv1_2_method()->get_cipher_by_char((unsigned char*)&cipherCode);
 #elif defined(SSL_OP_NO_TLSv1_1)
-      const SSL_CIPHER* cipher =
+        cipher =
-          TLSv1_1_method()->get_cipher_by_char((unsigned char*)&cipherCode);
+            TLSv1_1_method()->get_cipher_by_char((unsigned char*)&cipherCode);
 #elif defined(SSL_OP_NO_TLSv1)
-      const SSL_CIPHER* cipher =
+        cipher =
-          TLSv1_method()->get_cipher_by_char((unsigned char*)&cipherCode);
+            TLSv1_method()->get_cipher_by_char((unsigned char*)&cipherCode);
 #else
-      const SSL_CIPHER* cipher =
+        cipher =
-          SSLv3_method()->get_cipher_by_char((unsigned char*)&cipherCode);
+            SSLv3_method()->get_cipher_by_char((unsigned char*)&cipherCode);
 #endif
+      }
      if (cipher == nullptr) {
        ciphersStream << std::setfill('0') << std::setw(4) << std::hex