From ebe33dbfab2b86ae08bb6cd5e109574e2113c45e Mon Sep 17 00:00:00 2001
From: William Pitcock <nenolod@dereferenced.org>
Date: Fri, 11 Dec 2015 08:19:50 -0600
Subject: [PATCH] sslproc: set Client.localClient.cipher_string if sent by ssld

---
 include/client.h |  1 +
 src/sslproc.c    | 29 +++++++++++++++++++++++++++++
 2 files changed, 30 insertions(+)

diff --git a/include/client.h b/include/client.h
index 30116b47c..650f58105 100644
--- a/include/client.h
+++ b/include/client.h
@@ -228,6 +228,7 @@ struct LocalUser
 	char *opername; /* name of operator{} block being used or tried (challenge) */
 	char *challenge;
 	char *fullcaps;
+	char *cipher_string;
 
 	int caps;		/* capabilities bit-field */
 	rb_fde_t *F;		/* >= 0, for local clients */
diff --git a/src/sslproc.c b/src/sslproc.c
index 9fb5147cc..0aec7a3d5 100644
--- a/src/sslproc.c
+++ b/src/sslproc.c
@@ -384,6 +384,32 @@ ssl_process_dead_fd(ssl_ctl_t * ctl, ssl_ctl_buf_t * ctl_buf)
 	exit_client(client_p, client_p, &me, reason);
 }
 
+
+static void
+ssl_process_cipher_string(ssl_ctl_t *ctl, ssl_ctl_buf_t *ctl_buf)
+{
+	struct Client *client_p;
+	const char *cstring;
+	uint32_t fd;
+
+	if(ctl_buf->buflen < 6)
+		return;         /* bogus message..drop it.. XXX should warn here */
+
+	fd = buf_to_uint32(&ctl_buf->buf[1]);
+	cstring = (const char *)&ctl_buf->buf[5];
+
+	if(EmptyString(cstring))
+		return;
+
+	client_p = find_cli_fd_hash(fd);
+	if(client_p != NULL && client_p->localClient != NULL)
+	{
+		rb_free(client_p->localClient->cipher_string);
+		client_p->localClient->cipher_string = rb_strdup(cstring);
+	}
+}
+
+
 static void
 ssl_process_certfp(ssl_ctl_t * ctl, ssl_ctl_buf_t * ctl_buf)
 {
@@ -431,6 +457,9 @@ ssl_process_cmd_recv(ssl_ctl_t * ctl)
 		case 'D':
 			ssl_process_dead_fd(ctl, ctl_buf);
 			break;
+		case 'C':
+			ssl_process_cipher_string(ctl, ctl_buf);
+			break;
 		case 'F':
 			ssl_process_certfp(ctl, ctl_buf);
 			break;