From patchwork Sat Nov 11 05:11:22 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gert van Dijk <gert@gertvandijk.net>
X-Patchwork-Id: 65
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Delivered-To: patchwork@openvpn.net
Received: from director3.mail.ord1d.rsapps.net ([172.27.255.57])
	by backend31.mail.ord1d.rsapps.net (Dovecot) with LMTP id
 87MTFk0hB1qjVQAAgoeIoA
	for <patchwork@openvpn.net>; Sat, 11 Nov 2017 11:11:57 -0500
Received: from proxy14.mail.iad3a.rsapps.net ([172.27.255.57])
	by director3.mail.ord1d.rsapps.net (Dovecot) with LMTP id
 qxV9EE0hB1rDKgAAkXNnRw
	; Sat, 11 Nov 2017 11:11:57 -0500
Received: from smtp26.gate.iad3a ([172.27.255.57])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	by proxy14.mail.iad3a.rsapps.net (Dovecot) with LMTP id
 QtxODU0hB1oWHwAA1+b4IQ
	; Sat, 11 Nov 2017 11:11:57 -0500
X-Spam-Threshold: 95
X-Spam-Score: 0
X-Spam-Flag: NO
X-Virus-Scanned: OK
X-Orig-To: openvpnslackdevel@openvpn.net
X-Originating-Ip: [216.34.181.88]
Authentication-Results: smtp26.gate.iad3a.rsapps.net;
 iprev=pass policy.iprev="216.34.181.88";
 spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net"
 smtp.helo="lists.sourceforge.net";
 dkim=fail (signature verification failed) header.d=sourceforge.net;
 dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil;
 dis=none) header.from=gertvandijk.net
X-Classification-ID: 09f479fa-c6fb-11e7-b65c-0026b95a1d0c-1-1
Received: from [216.34.181.88] ([216.34.181.88:1661]
 helo=lists.sourceforge.net)
	by smtp26.gate.iad3a.rsapps.net (envelope-from
 <openvpn-devel-bounces@lists.sourceforge.net>)
	(ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTPS
 (cipher=DHE-RSA-AES256-GCM-SHA384)
	id B6/52-25444-C41270A5; Sat, 11 Nov 2017 11:11:56 -0500
Received: from localhost ([127.0.0.1] helo=sfs-ml-3.v29.ch3.sourceforge.com)
	by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.89)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1eDYNU-0000SS-PR; Sat, 11 Nov 2017 16:11:28 +0000
Received: from sfi-mx-1.v28.ch3.sourceforge.com ([172.29.28.191]
 helo=mx.sourceforge.net)
 by sfs-ml-3.v29.ch3.sourceforge.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89)
 (envelope-from <gert@gertvandijk.net>) id 1eDYNR-0000SK-Ux
 for openvpn-devel@lists.sourceforge.net; Sat, 11 Nov 2017 16:11:25 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To:
 From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:
 Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
 Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=7Xjw/Uw3k4413JOhSC7enQkFwvHyspL1U+B3C5aUBuk=; b=j5AoQKatyWN0Qcl7fU+/dIWXRn
 HcXIiVsk+x5QkTvhvusORDQIuJwcrFG0t+dZL79CqaXSCKG1TDW7x7uNlOaBY6SFvK4PA19f221c0
 DJqin9rW7jTJLvyS+0/IVkkKNe+PNJwPLkEJPxiy0hHOYr/ydaj65bQbwJeV6VAF6FUY=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc
 :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=7Xjw/Uw3k4413JOhSC7enQkFwvHyspL1U+B3C5aUBuk=; b=MTllgrcqJfjaQ3dbcY5p4hbwln
 cfEeLK4IHRg4dSjHuFAkqSdZJuJ8cjZm44uL5nSwiYN0fNLCeXYs8mHRT72rf0HkaeDIEjzg3M0uz
 bXeifyJOPvtXEIteFV6Ht2gphu9/4GWbB4/5lxVIgohbUOnIOASWbc1XWv53aC4VyKAc=;
Received: from droplet1.do.gertvandijk.net ([95.85.39.237])
 by sfi-mx-1.v28.ch3.sourceforge.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.89)
 id 1eDYNP-0001zf-JE
 for openvpn-devel@lists.sourceforge.net; Sat, 11 Nov 2017 16:11:25 +0000
From: Gert van Dijk <gert@gertvandijk.net>
To: openvpn-devel@lists.sourceforge.net
Date: Sat, 11 Nov 2017 17:11:22 +0100
Message-Id: <20171111161122.30087-2-gert@gertvandijk.net>
In-Reply-To: <20171111161122.30087-1-gert@gertvandijk.net>
References: <20171111161122.30087-1-gert@gertvandijk.net>
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
 See http://spamassassin.org/tag/ for more details.
 -0.0 SPF_PASS               SPF: sender matches SPF record
 -0.0 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain
X-Headers-End: 1eDYNP-0001zf-JE
Subject: [Openvpn-devel] [PATCH 2/2] Add negotiated cipher to status file
 format 2 and 3
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
MIME-Version: 1.0
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox

With NCP turned off, this will still display the cipher used.

Trac: #814

Signed-off-by: Gert van Dijk <gert@gertvandijk.net>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Tested-by: Arne Schwabe <arne@rfc2549.org>
---
 doc/openvpn.8       |  2 +-
 src/openvpn/multi.c | 11 +++++++----
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/doc/openvpn.8 b/doc/openvpn.8
index 267497fd..00dbff6f 100644
--- a/doc/openvpn.8
+++ b/doc/openvpn.8
@@ -2477,7 +2477,7 @@ Connected Since.
 .B 2
 \-\- a more reliable format for external processing. Compared to version 1, the
 client list contains some additional fields: Virtual Address, Virtual IPv6
-Address, Username, Client ID, Peer ID.
+Address, Username, Client ID, Peer ID, Data Channel Cipher.
 Future versions may extend the number of fields.
 .br
 .B 3
diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index 82a0b9d9..dfad582f 100644
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -50,6 +50,8 @@
 #include "forward-inline.h"
 #include "pf-inline.h"
 
+#include "crypto_backend.h"
+
 /*#define MULTI_DEBUG_EVENT_LOOP*/
 
 #ifdef MULTI_DEBUG_EVENT_LOOP
@@ -940,8 +942,8 @@ multi_print_status(struct multi_context *m, struct status_output *so, const int
              */
             status_printf(so, "TITLE%c%s", sep, title_string);
             status_printf(so, "TIME%c%s%c%u", sep, time_string(now, 0, false, &gc_top), sep, (unsigned int)now);
-            status_printf(so, "HEADER%cCLIENT_LIST%cCommon Name%cReal Address%cVirtual Address%cVirtual IPv6 Address%cBytes Received%cBytes Sent%cConnected Since%cConnected Since (time_t)%cUsername%cClient ID%cPeer ID",
-                          sep, sep, sep, sep, sep, sep, sep, sep, sep, sep, sep, sep);
+            status_printf(so, "HEADER%cCLIENT_LIST%cCommon Name%cReal Address%cVirtual Address%cVirtual IPv6 Address%cBytes Received%cBytes Sent%cConnected Since%cConnected Since (time_t)%cUsername%cClient ID%cPeer ID%cData Channel Cipher",
+                          sep, sep, sep, sep, sep, sep, sep, sep, sep, sep, sep, sep, sep);
             hash_iterator_init(m->hash, &hi);
             while ((he = hash_iterator_next(&hi)))
             {
@@ -956,7 +958,7 @@ multi_print_status(struct multi_context *m, struct status_output *so, const int
 #else
                                   ""
 #endif
-                                  "%c%" PRIu32,
+                                  "%c%" PRIu32 "%c%s",
                                   sep, tls_common_name(mi->context.c2.tls_multi, false),
                                   sep, mroute_addr_print(&mi->real, &gc),
                                   sep, print_in_addr_t(mi->reporting_addr, IA_EMPTY_IF_UNDEF, &gc),
@@ -971,7 +973,8 @@ multi_print_status(struct multi_context *m, struct status_output *so, const int
 #else
                                   sep,
 #endif
-                                  sep, mi->context.c2.tls_multi ? mi->context.c2.tls_multi->peer_id : UINT32_MAX);
+                                  sep, mi->context.c2.tls_multi ? mi->context.c2.tls_multi->peer_id : UINT32_MAX,
+                                  sep, translate_cipher_name_to_openvpn(mi->context.options.ciphername));
                 }
                 gc_free(&gc);
             }