From d235a5d2c7ad5cd7ea45c56602bbfc6cd25f2425 Mon Sep 17 00:00:00 2001
From: Kristofers Solo <dev@kristofers.xyz>
Date: Thu, 5 Feb 2026 13:09:56 +0200
Subject: [PATCH] feat(server): log negotiated cipher suite after handshake

---
 common/src/protocol.rs | 17 ++++++-----------
 runner/src/main.rs     |  3 +++
 server/src/main.rs     | 13 +++++++++----
 3 files changed, 18 insertions(+), 15 deletions(-)

diff --git a/common/src/protocol.rs b/common/src/protocol.rs
index e0468cf..bf9abfa 100644
--- a/common/src/protocol.rs
+++ b/common/src/protocol.rs
@@ -52,12 +52,7 @@ pub async fn write_request<W: AsyncWriteExt + Unpin>(writer: &mut W, size: u64)
 /// The pattern is a repeating sequence: 0x00, 0x01, ..., 0xFF, 0x00, ...
 #[must_use]
 pub fn generate_payload(size: u64) -> Vec<u8> {
-    let size = size as usize;
-    let mut payload = Vec::with_capacity(size);
-    for i in 0..size {
-        payload.push((i & 0xFF) as u8);
-    }
-    payload
+    (0..size).map(|i| (i & 0xFF) as u8).collect()
 }
 
 /// Write deterministic payload to a stream.
@@ -69,13 +64,13 @@ pub fn generate_payload(size: u64) -> Vec<u8> {
 pub async fn write_payload<W: AsyncWriteExt + Unpin>(writer: &mut W, size: u64) -> io::Result<()> {
     const CHUNK_SIZE: usize = 64 * 1024;
     let mut remaining = size as usize;
-    let mut offset = 0usize;
+    let mut offset = 0;
 
     while remaining > 0 {
         let chunk_len = remaining.min(CHUNK_SIZE);
-        let chunk: Vec<u8> = (0..chunk_len)
+        let chunk = (0..chunk_len)
             .map(|i| ((offset + i) & 0xFF) as u8)
-            .collect();
+            .collect::<Vec<_>>();
         writer.write_all(&chunk).await?;
         remaining -= chunk_len;
         offset += chunk_len;
@@ -93,8 +88,8 @@ pub async fn read_payload<R: AsyncReadExt + Unpin>(
     expected_size: u64,
 ) -> io::Result<u64> {
     const CHUNK_SIZE: usize = 64 * 1024;
-    let mut buf = vec![0u8; CHUNK_SIZE];
-    let mut total_read = 0u64;
+    let mut buf = vec![0; CHUNK_SIZE];
+    let mut total_read = 0;
 
     while total_read < expected_size {
         let to_read = ((expected_size - total_read) as usize).min(CHUNK_SIZE);
diff --git a/runner/src/main.rs b/runner/src/main.rs
index 4c461bf..79ad0d9 100644
--- a/runner/src/main.rs
+++ b/runner/src/main.rs
@@ -165,6 +165,9 @@ async fn run_iteration(
         .await
         .map_err(|e| miette!("TLS handshake failed: {e}"))?;
 
+    let (_, conn) = tls_stream.get_ref();
+    info!(cipher = ?conn.negotiated_cipher_suite(), "connection established");
+
     let handshake_ns = start.elapsed().as_nanos() as u64;
 
     write_request(&mut tls_stream, u64::from(payload_bytes))
diff --git a/server/src/main.rs b/server/src/main.rs
index b8b9011..4cc8f1e 100644
--- a/server/src/main.rs
+++ b/server/src/main.rs
@@ -78,19 +78,24 @@ async fn handle_connection(stream: TcpStream, peer: SocketAddr, tls_config: Arc<
     let start_handshake = match acceptor.await {
         Ok(sh) => sh,
         Err(e) => {
-            warn!(peer = %peer, error = %e, "TLS accept error");
-            return;
+            return warn!(peer = %peer, error = %e, "TLS accept error");
         }
     };
 
     let mut tls_stream = match start_handshake.into_stream(tls_config).await {
         Ok(s) => s,
         Err(e) => {
-            warn!(peer = %peer, error = %e, "TLS handshake error");
-            return;
+            return warn!(peer = %peer, error = %e, "TLS handshake error");
         }
     };
 
+    let (_, conn) = tls_stream.get_ref();
+    info!(
+        cipher = ?conn.negotiated_cipher_suite(),
+        version = ?conn.protocol_version(),
+        "connection established"
+    );
+
     loop {
         let payload_size = match read_request(&mut tls_stream).await {
             Ok(size) => size,