Be more verbose when rejecting connections; including which bogus ciphersuite.

commit: 36f7934bd38f22905a9eba016885fe04856ca4d1 [log] [tgz]
author: Brad Fitzpatrick <brad@danga.com> Sat Jan 17 12:24:34 2015 -0800
committer: Brad Fitzpatrick <brad@danga.com> Sat Jan 17 12:24:34 2015 -0800
tree: fb766cf25c3b01ec8e9f71eb29d5cceaf56ce73c
parent: 76847809286eae2e2f066cd3f88c8bc960a08dbd [diff]
diff --git a/server.go b/server.go
index 7ab54f8..c719146 100644
--- a/server.go
+++ b/server.go

@@ -251,7 +251,7 @@
 			// excuses here. If we really must, we could allow an
 			// "AllowInsecureWeakCiphers" option on the server later.
 			// Let's see how it plays out first.
-			sc.rejectConn(ErrCodeInadequateSecurity, "Prohibited TLS 1.2 Cipher Suite")
+			sc.rejectConn(ErrCodeInadequateSecurity, fmt.Sprintf("Prohibited TLS 1.2 Cipher Suite: %x", sc.tlsState.CipherSuite))
 			return
 		}
 	}
@@ -287,6 +287,7 @@
 }
 
 func (sc *serverConn) rejectConn(err ErrCode, debug string) {
+	log.Printf("REJECTING conn: %v, %s", err, debug)
 	// ignoring errors. hanging up anyway.
 	sc.framer.WriteGoAway(0, err, []byte(debug))
 	sc.bw.Flush()
commit	36f7934bd38f22905a9eba016885fe04856ca4d1	[log] [tgz]
author	Brad Fitzpatrick <brad@danga.com>	Sat Jan 17 12:24:34 2015 -0800
committer	Brad Fitzpatrick <brad@danga.com>	Sat Jan 17 12:24:34 2015 -0800
tree	fb766cf25c3b01ec8e9f71eb29d5cceaf56ce73c
parent	76847809286eae2e2f066cd3f88c8bc960a08dbd [diff]