#!/usr/sbin/dtrace -s #pragma D option quiet BEGIN { log = $2; } pid$1::ssl2_*:entry, pid$1::ssl_GatherRecord1stHandshake:entry, pid$1::sendRSAClientKeyExchange:entry, pid$1::sendDHClientKeyExchange:entry, pid$1::ssl3_*:entry, pid$1::SSL3_*:entry / log == "log=verbose" / { printf("t@%d: %-20Y: Entered %s ...\n", tid, walltimestamp, probefunc); @count_table[probefunc] = count() ; } pid$1::*Listen*accept*:entry { printf("t@%d: %-20Y: ListenSocket::accept called\n ", tid, walltimestamp); } pid$1::*HttpRequest*UnacceleratedRespond*:entry { /* strcpy(rqSn.sn.inbuf->address, clientIP) */ self->getClientIP = 1; } pid$1::strcpy:entry / self->getClientIP == 1 / { self->ip = copyinstr(arg0); self->getClientIP = 0; } pid$1::*Connection*create*:entry { self->connection = arg0; } pid$1::*Connection*create*:return { self->ip = copyinstr(self->connection+8+112+112); printf("t@%d: %-20Y: %s Connection created\n", tid, walltimestamp, self->ip); } pid$1::SSL_SecurityStatus:entry { self->getPblock = 1; /* first pblock call in this function is setting cipher */ } pid$1::*pblock_kvinsert:entry / self->getPblock == 1 / { self->getPblock = 0; self->cipher = copyinstr(arg1); printf("t@%d: %-20Y: %s Negotiated cipher %s\n", tid, walltimestamp, (self->ip != 0? self->ip : ""), (self->cipher != 0? self->cipher : "")); @count_cipher_freq[(self->cipher != 0?self->cipher:" ")] = count(); } END { printf("SSL Functions Called\n"); printf("--------------------\n"); printf("%-10s %-25s\n", "count", "Function"); printa("%@-10u %-25s\n", @count_table); printf("SSL Ciphers used\n"); printf("--------------------\n"); printf("%-10s %-25s\n", "count", "cipher suite"); printa("%@-10u %-25s\n", @count_cipher_freq); }