wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add trace support for HelloRetryRequest

Browse source 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2341)
This commit is contained in:
Matt Caswell 2017-02-02 11:16:25 +00:00
parent aff9929b43
commit 87d70b63a5
1 changed files with 38 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

48
ssl/t1_trce.c
View file

@ -83,16 +83,17 @@ static ssl_trace_tbl ssl_handshake_tbl[] = {
{SSL3_MT_SERVER_HELLO, "ServerHello"},
{DTLS1_MT_HELLO_VERIFY_REQUEST, "HelloVerifyRequest"},
{SSL3_MT_NEWSESSION_TICKET, "NewSessionTicket"},
{SSL3_MT_HELLO_RETRY_REQUEST, "HelloRetryRequest"},
{SSL3_MT_ENCRYPTED_EXTENSIONS, "EncryptedExtensions"},
{SSL3_MT_CERTIFICATE, "Certificate"},
{SSL3_MT_SERVER_KEY_EXCHANGE, "ServerKeyExchange"},
{SSL3_MT_CERTIFICATE_REQUEST, "CertificateRequest"},
{SSL3_MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange"},
{SSL3_MT_CERTIFICATE_STATUS, "CertificateStatus"},
{SSL3_MT_SERVER_DONE, "ServerHelloDone"},
{SSL3_MT_CERTIFICATE_VERIFY, "CertificateVerify"},
{SSL3_MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange"},
{SSL3_MT_CERTIFICATE_STATUS, "CertificateStatus"},
{SSL3_MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange"},
{SSL3_MT_FINISHED, "Finished"},
{SSL3_MT_ENCRYPTED_EXTENSIONS, "EncryptedExtensions"},
{SSL3_MT_CERTIFICATE_STATUS, "CertificateStatus"}
};
@ -650,7 +651,8 @@ static int ssl_print_signature(BIO *bio, int indent, SSL *s,
return ssl_print_hexbuf(bio, indent, "Signature", 2, pmsg, pmsglen);
}
static int ssl_print_extension(BIO *bio, int indent, int server, int extype,
static int ssl_print_extension(BIO *bio, int indent, int server,
unsigned char mt, int extype,
const unsigned char *ext, size_t extlen)
{
size_t xlen, share_len;
@ -729,6 +731,17 @@ static int ssl_print_extension(BIO *bio, int indent, int server, int extype,
break;
case TLSEXT_TYPE_key_share:
if (mt == SSL3_MT_HELLO_RETRY_REQUEST) {
int group_id;
if (extlen != 2)
return 0;
group_id = (ext[0] << 8) | ext[1];
BIO_indent(bio, indent + 4, 80);
BIO_printf(bio, "NamedGroup: %s\n",
ssl_trace_str(group_id, ssl_groups_tbl));
break;
}
if (extlen < 2)
return 0;
if (server) {
@ -782,7 +795,8 @@ static int ssl_print_extension(BIO *bio, int indent, int server, int extype,
}
static int ssl_print_extensions(BIO *bio, int indent, int server,
const unsigned char **msgin, size_t *msginlen)
unsigned char mt, const unsigned char **msgin,
size_t *msginlen)
{
size_t extslen, msglen = *msginlen;
const unsigned char *msg = *msgin;
@ -808,7 +822,8 @@ static int ssl_print_extensions(BIO *bio, int indent, int server,
if (msglen < extlen + 4)
return 0;
msg += 4;
if (!ssl_print_extension(bio, indent + 2, server, extype, msg, extlen))
if (!ssl_print_extension(bio, indent + 2, server, mt, extype, msg,
extlen))
return 0;
msg += extlen;
msglen -= extlen + 4;
@ -869,7 +884,8 @@ static int ssl_print_client_hello(BIO *bio, SSL *ssl, int indent,
msglen--;
len--;
}
if (!ssl_print_extensions(bio, indent, 0, &msg, &msglen))
if (!ssl_print_extensions(bio, indent, 0, SSL3_MT_CLIENT_HELLO, &msg,
&msglen))
return 0;
return 1;
}
@ -914,7 +930,8 @@ static int ssl_print_server_hello(BIO *bio, int indent,
msg++;
msglen--;
}
if (!ssl_print_extensions(bio, indent, 1, &msg, &msglen))
if (!ssl_print_extensions(bio, indent, 1, SSL3_MT_SERVER_HELLO, &msg,
&msglen))
return 0;
return 1;
}
@ -1130,7 +1147,8 @@ static int ssl_print_certificates(BIO *bio, SSL *s, int server, int indent,
while (clen > 0) {
if (!ssl_print_certificate(bio, indent + 2, &msg, &clen))
return 0;
if (!ssl_print_extensions(bio, indent + 2, server, &msg, &clen))
if (!ssl_print_extensions(bio, indent + 2, server, SSL3_MT_CERTIFICATE,
&msg, &clen))
return 0;
}
@ -1318,8 +1336,18 @@ static int ssl_print_handshake(BIO *bio, SSL *ssl, int server,
return 0;
break;
case SSL3_MT_HELLO_RETRY_REQUEST:
if (!ssl_print_version(bio, indent + 2, "server_version", &msg, &msglen,
NULL)
|| !ssl_print_extensions(bio, indent + 2, 1,
SSL3_MT_HELLO_RETRY_REQUEST, &msg,
&msglen))
return 0;
break;
case SSL3_MT_ENCRYPTED_EXTENSIONS:
if (!ssl_print_extensions(bio, indent + 2, 1, &msg, &msglen))
if (!ssl_print_extensions(bio, indent + 2, 1,
SSL3_MT_ENCRYPTED_EXTENSIONS, &msg, &msglen))
return 0;
break;