openssl: info log with cipher details and tls version

lib/tls/openssl/openssl-client.c

@@ -21,6 +21,8 @@
 
 #include "core/private.h"
 
+int lws_openssl_describe_cipher(struct lws *wsi);
+
 extern int openssl_websocket_private_data_index,
     openssl_SSL_CTX_private_data_index;
 
@@ -250,6 +252,7 @@ lws_tls_client_connect(struct lws *wsi)
 		lws_role_call_alpn_negotiated(wsi, (const char *)a);
 #endif
 		lwsl_info("client connect OK\n");
+		lws_openssl_describe_cipher(wsi);
 		return LWS_SSL_CAPABLE_DONE;
 	}
 

lib/tls/openssl/openssl-server.c

@@ -24,6 +24,8 @@
 extern int openssl_websocket_private_data_index,
 	   openssl_SSL_CTX_private_data_index;
 
+int lws_openssl_describe_cipher(struct lws *wsi);
+
 static int
 OpenSSL_verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
 {
@@ -479,6 +481,9 @@ lws_tls_server_accept(struct lws *wsi)
 				    __func__, ir.ns.name);
 		else
 			lwsl_info("%s: couldn't get client cert CN\n", __func__);
+
+		lws_openssl_describe_cipher(wsi);
+
 		return LWS_SSL_CAPABLE_DONE;
 	}
 

lib/tls/openssl/ssl.c

@@ -25,6 +25,21 @@
 int openssl_websocket_private_data_index,
 	   openssl_SSL_CTX_private_data_index;
 
+int lws_openssl_describe_cipher(struct lws *wsi)
+{
+#if !defined(LWS_WITH_NO_LOGS)
+	int np = -1;
+	SSL *s = wsi->tls.ssl;
+
+	SSL_get_cipher_bits(s, &np);
+	lwsl_info("%s: wsi %p: %s, %s, %d bits, %s\n", __func__, wsi,
+			SSL_get_cipher_name(s), SSL_get_cipher(s), np,
+			SSL_get_cipher_version(s));
+#endif
+
+	return 0;
+}
+
 int lws_ssl_get_error(struct lws *wsi, int n)
 {
 	int m;