[ejabberd] Logging TLS version and cipher for ejabberd 15.x c2s/s2s

Jonathan Siegle jsiegle at psu.edu
Wed Jan 6 16:45:57 MSK 2016


Greetings,
I wish to log the TLS version (1.0, 1.1, 1.2) and the cipher in an
effort to understand what XMPP clients and servers are using and what
happens when I turn off TLS version 1 and 1.1. I would like to do it in such a fashion
that I can pin it to a user or IP address for c2s connections and the name
of the domain for s2s connections.


I could call syslog from the C code (/deps/p1_tls/c_src/p1_tls_drv.c). It
is not obvious to me that any state information is being passed into the C
module from the Erlang code (./deps/p1_tls/src/p1_tls.erl).

I'm open to ideas on where in the code to put this. Is it
code (/deps/p1_tls/c_src/p1_tls_drv.c) or
./src/ejabberd_c2s.erl or ??

The c2s log line in ejabberd.log for an accepted authentication looks 
like:
2016-01-06 08:43:13.343 [info] <0.441.0>@ejabberd_listener:accept:299 (#Port<0.1307111>) Accepted connection 128.118.57.79:35542 -> 128.118.2.219:5222
2016-01-06 08:43:13.397 [info] <0.15735.60>@ejabberd_c2s:wait_for_feature_request:747 ({socket_state,p1_tls,{tlssock,#Port<0.1307111>,#Port<0.1307109>},<0.15736.60>}) Accepted authentication for userid by ejabberd_auth_pam from 128.118.57.79
2016-01-06 08:43:13.401 [info] <0.15735.60>@ejabberd_c2s:wait_for_session:1117 ({socket_state,p1_tls,{tlssock,#Port<0.1307111>,#Port<0.1307109>},<0.15736.60>}) Opened session for userid at chat.aittest.psu.edu/jmslaptop


Is "(#Port<0.1307111>)" a piece of state information that may be available
to the C source?

The s2s log line in ejabberd.log looks like:

2016-01-06 07:55:11.032 [info] <0.12225.60>@ejabberd_s2s_in:stream_established:514 Accepted s2s dialback authentication for jabber.org (TLS=true)


from ./src/ejabberd_s2s_in.erl.


Thanks,
Jonathan
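
An added example, not part of the original message and not ejabberd code: a log-side join that pins a c2s connection to its peer IP and user by the #Port identifier. In the lines quoted above, the first #Port in the tlssock tuple equals the one on the accept line; using it as the join key is an assumption drawn from that sample, and the quoted lines carry no TLS version or cipher, so none is reported.

```python
import re

# Constructed input: the three c2s lines quoted in the post, one entry per line.
SAMPLE_LOG = """\
2016-01-06 08:43:13.343 [info] <0.441.0>@ejabberd_listener:accept:299 (#Port<0.1307111>) Accepted connection 128.118.57.79:35542 -> 128.118.2.219:5222
2016-01-06 08:43:13.397 [info] <0.15735.60>@ejabberd_c2s:wait_for_feature_request:747 ({socket_state,p1_tls,{tlssock,#Port<0.1307111>,#Port<0.1307109>},<0.15736.60>}) Accepted authentication for userid by ejabberd_auth_pam from 128.118.57.79
2016-01-06 08:43:13.401 [info] <0.15735.60>@ejabberd_c2s:wait_for_session:1117 ({socket_state,p1_tls,{tlssock,#Port<0.1307111>,#Port<0.1307109>},<0.15736.60>}) Opened session for userid at chat.aittest.psu.edu/jmslaptop
"""

PORT = r"#Port<([\d.]+)>"
ACCEPT = re.compile(r"\(" + PORT + r"\) Accepted connection (\S+):(\d+) -> ")
TLSSOCK = re.compile(r"\{tlssock," + PORT + "," + PORT + r"\}")
AUTH = re.compile(r"Accepted authentication for (\S+) by (\S+) from (\S+)")
SESSION = re.compile(r"Opened session for (\S+) at (\S+)")


def correlate(log_text):
    """Join accept, authentication and session lines on the TCP port id."""
    conns = {}
    for line in log_text.splitlines():
        m = ACCEPT.search(line)
        if m:
            # A new accept replaces any older record for the same port id,
            # so a repeated id never inherits the previous connection's user.
            conns[m.group(1)] = {"peer_ip": m.group(2),
                                 "peer_port": int(m.group(3)), "tls": False}
            continue
        sock = TLSSOCK.search(line)
        if not sock or sock.group(1) not in conns:
            continue  # no tlssock tuple, or the accept line was not seen
        rec = conns[sock.group(1)]
        rec["tls"] = True  # the socket was wrapped by p1_tls
        m = AUTH.search(line)
        if m:
            rec["user"], rec["auth_module"] = m.group(1), m.group(2)
            rec["ip_matches"] = m.group(3) == rec["peer_ip"]
        m = SESSION.search(line)
        if m:
            rec["session_at"] = m.group(2)
    return conns


if __name__ == "__main__":
    for port_id, rec in correlate(SAMPLE_LOG).items():
        print(port_id, rec)
```

A TLS version and cipher line, once logged with the same port identifier, could be joined into the same record.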



