Commit ad5100bc authored by Matt Caswell's avatar Matt Caswell

Add support to SSL_trace() for inner content types



When using the -trace option with TLSv1.3 all records appear as "application
data". This adds the ability to see the inner content type too.

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3408)
parent eee2750b
+2 −1
@@ -223,8 +223,9 @@ extern "C" {
# define TLS1_RT_CRYPTO_IV               (TLS1_RT_CRYPTO | 0x7)
# define TLS1_RT_CRYPTO_IV               (TLS1_RT_CRYPTO | 0x7)
# define TLS1_RT_CRYPTO_FIXED_IV         (TLS1_RT_CRYPTO | 0x8)
# define TLS1_RT_CRYPTO_FIXED_IV         (TLS1_RT_CRYPTO | 0x8)


/* Pseudo content type for SSL/TLS header info */
/* Pseudo content types for SSL/TLS header info */
# define SSL3_RT_HEADER                  0x100
# define SSL3_RT_HEADER                  0x100
# define SSL3_RT_INNER_CONTENT_TYPE      0x101


# define SSL3_AL_WARNING                 1
# define SSL3_AL_WARNING                 1
# define SSL3_AL_FATAL                   2
# define SSL3_AL_FATAL                   2
+7 −0
@@ -995,6 +995,13 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
            s->msg_callback(1, 0, SSL3_RT_HEADER, recordstart,
            s->msg_callback(1, 0, SSL3_RT_HEADER, recordstart,
                            SSL3_RT_HEADER_LENGTH, s,
                            SSL3_RT_HEADER_LENGTH, s,
                            s->msg_callback_arg);
                            s->msg_callback_arg);

            if (SSL_TREAT_AS_TLS13(s) && s->enc_write_ctx != NULL) {
                unsigned char ctype = type;

                s->msg_callback(1, s->version, SSL3_RT_INNER_CONTENT_TYPE,
                                &ctype, 1, s, s->msg_callback_arg);
            }
        }
        }


        if (!WPACKET_finish(thispkt)) {
        if (!WPACKET_finish(thispkt)) {
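Review bot: The guard `SSL_TREAT_AS_TLS13(s) && s->enc_write_ctx != NULL` on the new callback carries no comment tying it to the code that actually places the inner content type byte in the record, which is not visible in this hunk. If those two conditions ever drift apart, the trace would report an inner type that was never written, or miss one that was, and a misleading trace is costly when it is used to debug or investigate a connection. I would add `/* Must match the condition under which the inner content type byte is appended to the record */` above the `if`, and make the narrowing explicit with `unsigned char ctype = (unsigned char)type;`. The body of `do_ssl3_write` starts and ends outside the hunk.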
+3 −5
@@ -247,11 +247,6 @@ int ssl3_get_record(SSL *s)
                }
                }
            } else {
            } else {
                /* SSLv3+ style record */
                /* SSLv3+ style record */
                /*
                 * TODO(TLS1.3): This callback only provides the "outer" record
                 * type to the callback. Somehow we need to pass the "inner"
                 * record type
                 */
                if (s->msg_callback)
                if (s->msg_callback)
                    s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s,
                    s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s,
                                    s->msg_callback_arg);
                                    s->msg_callback_arg);
@@ -643,6 +638,9 @@ int ssl3_get_record(SSL *s)
                SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_BAD_RECORD_TYPE);
                SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_BAD_RECORD_TYPE);
                goto f_err;
                goto f_err;
            }
            }
            if (s->msg_callback)
                s->msg_callback(0, s->version, SSL3_RT_INNER_CONTENT_TYPE,
                                &thisrr->data[end], 1, s, s->msg_callback_arg);
        }
        }


        if (thisrr->length > SSL3_RT_MAX_PLAIN_LENGTH) {
        if (thisrr->length > SSL3_RT_MAX_PLAIN_LENGTH) {
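Review bot: In the second hunk the new `s->msg_callback(0, s->version, SSL3_RT_INNER_CONTENT_TYPE, ...)` call sits after the `SSL_R_BAD_RECORD_TYPE` / `goto f_err` path, so a record rejected for its inner type is never reported to the trace. That is the case where the inner type is most useful to someone diagnosing a failed or suspicious connection. Moving the `if (s->msg_callback)` call above the type check would report the byte before the record is rejected. The check's condition and the computation of `end` are outside the hunk, so this assumes `thisrr->data[end]` already holds the inner type at that point.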
+6 −0
@@ -1494,6 +1494,12 @@ void SSL_trace(int write_p, int version, int content_type,
                       msg[msglen - 2] << 8 | msg[msglen - 1]);
                       msg[msglen - 2] << 8 | msg[msglen - 1]);
        }
        }
        break;
        break;

    case SSL3_RT_INNER_CONTENT_TYPE:
        BIO_printf(bio, "  Inner Content Type = %s (%d)",
                   ssl_trace_str(msg[0], ssl_content_tbl), msg[0]);
        break;

    case SSL3_RT_HANDSHAKE:
    case SSL3_RT_HANDSHAKE:
        if (!ssl_print_handshake(bio, ssl, ssl->server ? write_p : !write_p,
        if (!ssl_print_handshake(bio, ssl, ssl->server ? write_p : !write_p,
                                 msg, msglen, 4))
                                 msg, msglen, 4))
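Review bot: The new `case SSL3_RT_INNER_CONTENT_TYPE:` reads `msg[0]` without consulting `msglen`. Both call sites added in this commit pass a length of 1, but SSL_trace appears to be reached through the generic message-callback interface, so it should not depend on every caller getting that right. A guard such as `if (msglen < 1) break;` before the `BIO_printf` keeps the tracer from reading past an empty buffer. The body of `SSL_trace` starts and ends outside the hunk.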