RGW\logging: adding transport layer fields
authorAli Masarwa <amasarwa@redhat.com>
Tue, 14 Jan 2025 15:42:48 +0000 (17:42 +0200)
committerAli Masarwa <amasarwa@redhat.com>
Tue, 21 Jan 2025 08:45:37 +0000 (10:45 +0200)
Signed-off-by: Ali Masarwa <amasarwa@redhat.com>
src/rgw/rgw_asio_frontend.cc
src/rgw/rgw_bucket_logging.cc

index 30e1e77fd151ea45f494e1a0d1fdc49dd4d061c8..e4f01d816a0eba94e7b97e59706e160ef273d7d9 100644 (file)
@@ -323,6 +323,16 @@ void handle_connection(boost::asio::io_context& context,
                                   rgw::io::add_conlen_controlling(
                                     &real_client))));
       RGWRestfulIO client(cct, &real_client_io);
+      // getting ssl_cipher and tls_version
+      if(is_ssl) {
+        ceph_assert(typeid(Stream) == typeid(boost::asio::ssl::stream<tcp::socket&>));
+        const SSL * native_handle = reinterpret_cast<const SSL *>(stream.native_handle());
+        const auto ssl_cipher = SSL_CIPHER_get_name(SSL_get_current_cipher(native_handle));
+        const auto tls_version = SSL_get_version(native_handle);
+        auto& client_env = client.get_env();
+        client_env.set("SSL_CIPHER", ssl_cipher);
+        client_env.set("TLS_VERSION", tls_version);
+      }
       optional_yield y = null_yield;
       if (cct->_conf->rgw_beast_enable_async) {
         y = optional_yield{yield};
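Review bot: The stream type is checked at run time with `ceph_assert(typeid(Stream) == ...)`, so any mismatch between `is_ssl` and the instantiated `Stream` aborts the gateway while serving a connection, and the `reinterpret_cast` appears to be there only so the non-TLS instantiation compiles. Since `Stream` looks like a template parameter, the branch can be decided at compile time with `if constexpr (std::is_same_v<Stream, boost::asio::ssl::stream<tcp::socket&>>) {` followed by `const SSL* native_handle = stream.native_handle();`, which removes both the assert and the cast. If no cipher is current, `SSL_get_current_cipher` returns null and `SSL_CIPHER_get_name` then yields "(NONE)", so the log would carry that string rather than the `-` used for other missing fields. handle_connection's body starts before and continues after this hunk.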
index 50eaa5478b49af40e2dff62d16e5474d51130dac..e43196f9d482714c3dc4e2cac06fc5df0cb8a5aa 100644 (file)
@@ -419,11 +419,11 @@ int log_record(rgw::sal::Driver* driver,
 
   switch (conf.logging_type) {
     case LoggingType::Standard:
-      record = fmt::format("{} {} [{:%d/%b/%Y:%H:%M:%S %z}] {} {} {} {} {} \"{} {}{}{} HTTP/1.1\" {} {} {} {} {} {} {} {} {} {} {} {} {} {} {} {} {}",
+      record = fmt::format("{} {} [{:%d/%b/%Y:%H:%M:%S %z}] {} {} {} {} {} \"{} {}{}{} HTTP/1.1\" {} {} {} {} {} {} {} \"{}\" {} {} {} {} {} {} {} {} {}",
         dash_if_empty(bucket_owner),
         dash_if_empty(bucket_name),
         t,
-        "-", // no requester IP
+        s->info.env->get("REMOTE_ADDR", "-"),
         dash_if_empty(user_or_account),
         dash_if_empty(s->req_id),
         op_name,
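Review bot: The requester field now reads the literal `REMOTE_ADDR` key, which as far as this hunk shows is the socket peer, so behind a load balancer or reverse proxy every record would carry the proxy's address. If the deployment uses `rgw_remote_addr_param` to take the client address from a forwarded header, the log record should read the same source so audit records agree with the rest of request handling. The format string also starts quoting one later field (`\"{}\"`) whose argument lies outside the hunk. If that value is client-supplied (it appears to sit at the user-agent position), embedded `"` characters and line breaks need escaping before it is written, otherwise the field layout of the record cannot be trusted by log consumers. log_record's body starts before and continues after this hunk.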
@@ -443,10 +443,10 @@ int log_record(rgw::sal::Driver* driver,
         dash_if_empty_or_null(obj, obj->get_instance()),
         s->info.x_meta_map.contains("x-amz-id-2") ? s->info.x_meta_map.at("x-amz-id-2") : "-",
         aws_version,
-        "-", // TODO: SSL cipher. e.g. "ECDHE-RSA-AES128-GCM-SHA256"
+        s->info.env->get("SSL_CIPHER", "-"),
         auth_type,
         dash_if_empty(fqdn),
-        "-", // TODO: TLS version. e.g. "TLSv1.2" or "TLSv1.3"
+        s->info.env->get("TLS_VERSION", "-"),
         "-", // no access point ARN
         (s->has_acl_header) ? "Yes" : "-");
       break;
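Review bot: The keys `SSL_CIPHER` and `TLS_VERSION` are repeated as string literals here and in src/rgw/rgw_asio_frontend.cc, so a spelling drift on either side silently logs `-` with no build or run-time error. A pair of shared named constants used by both the `set` and the `get` calls would tie the two files together. A comment at the two lookups, e.g. `// set by the asio frontend on TLS connections only; "-" otherwise`, would also tell readers of the log when to expect a value. The enclosing switch in log_record continues outside the hunk.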