{SSL3_RT_ALERT, "Alert"},
{SSL3_RT_HANDSHAKE, "Handshake"},
{SSL3_RT_APPLICATION_DATA, "ApplicationData"},
- {DTLS1_RT_HEARTBEAT, "HeartBeat"}
};
/* Handshake types */
{TLSEXT_TYPE_client_authz, "client_authz"},
{TLSEXT_TYPE_server_authz, "server_authz"},
{TLSEXT_TYPE_cert_type, "cert_type"},
- {TLSEXT_TYPE_elliptic_curves, "elliptic_curves"},
+ {TLSEXT_TYPE_key_share, "key_share"},
+ {TLSEXT_TYPE_supported_groups, "supported_groups"},
{TLSEXT_TYPE_ec_point_formats, "ec_point_formats"},
{TLSEXT_TYPE_srp, "srp"},
{TLSEXT_TYPE_signature_algorithms, "signature_algorithms"},
{TLSEXT_TYPE_use_srtp, "use_srtp"},
- {TLSEXT_TYPE_heartbeat, "heartbeat"},
{TLSEXT_TYPE_session_ticket, "session_ticket"},
{TLSEXT_TYPE_supported_versions, "supported_versions"},
{TLSEXT_TYPE_renegotiate, "renegotiate"},
{TLSEXT_TYPE_extended_master_secret, "extended_master_secret"}
};
-static ssl_trace_tbl ssl_curve_tbl[] = {
+static ssl_trace_tbl ssl_groups_tbl[] = {
{1, "sect163k1 (K-163)"},
{2, "sect163r1"},
{3, "sect163r2 (B-163)"},
{2, "peer_not_allowed_to_send"}
};
-static ssl_trace_tbl ssl_hb_type_tbl[] = {
- {1, "heartbeat_request"},
- {2, "heartbeat_response"}
-};
-
static ssl_trace_tbl ssl_ctype_tbl[] = {
{1, "rsa_sign"},
{2, "dss_sign"},
static int ssl_print_extension(BIO *bio, int indent, int server, int extype,
const unsigned char *ext, size_t extlen)
{
- size_t xlen;
+ size_t xlen, share_len;
BIO_indent(bio, indent, 80);
BIO_printf(bio, "extension_type=%s(%d), length=%d\n",
ssl_trace_str(extype, ssl_exts_tbl), extype, (int)extlen);
return 0;
return ssl_trace_list(bio, indent + 2, ext + 1, xlen, 1, ssl_point_tbl);
- case TLSEXT_TYPE_elliptic_curves:
+ case TLSEXT_TYPE_supported_groups:
if (extlen < 2)
return 0;
xlen = (ext[0] << 8) | ext[1];
if (extlen != xlen + 2)
return 0;
- return ssl_trace_list(bio, indent + 2, ext + 2, xlen, 2, ssl_curve_tbl);
+ return ssl_trace_list(bio, indent + 2, ext + 2, xlen, 2, ssl_groups_tbl);
case TLSEXT_TYPE_signature_algorithms:
break;
case TLSEXT_TYPE_heartbeat:
- if (extlen != 1)
- return 0;
- BIO_indent(bio, indent + 2, 80);
- BIO_printf(bio, "HeartbeatMode: %s\n",
- ssl_trace_str(ext[0], ssl_hb_tbl));
- break;
+ return 0;
case TLSEXT_TYPE_session_ticket:
if (extlen != 0)
ssl_print_hex(bio, indent + 4, "ticket", ext, extlen);
break;
+ case TLSEXT_TYPE_key_share:
+ if (extlen < 2)
+ return 0;
+ if (server) {
+ xlen = extlen;
+ } else {
+ xlen = (ext[0] << 8) | ext[1];
+ if (extlen != xlen + 2)
+ return 0;
+ ext += 2;
+ }
+ for (; xlen > 0; ext += share_len, xlen -= share_len) {
+ int group_id;
+
+ if (xlen < 4)
+ return 0;
+ group_id = (ext[0] << 8) | ext[1];
+ share_len = (ext[2] << 8) | ext[3];
+ ext += 4;
+ xlen -= 4;
+ if (xlen < share_len)
+ return 0;
+ BIO_indent(bio, indent + 4, 80);
+ BIO_printf(bio, "NamedGroup: %s\n",
+ ssl_trace_str(group_id, ssl_groups_tbl));
+ ssl_print_hex(bio, indent + 4, "key_exchange: ", ext, share_len);
+ }
+ break;
+
case TLSEXT_TYPE_supported_versions:
if (extlen < 1)
return 0;
return 0;
curve = (msg[1] << 8) | msg[2];
BIO_printf(bio, "named_curve: %s (%d)\n",
- ssl_trace_str(curve, ssl_curve_tbl), curve);
+ ssl_trace_str(curve, ssl_groups_tbl), curve);
msg += 3;
msglen -= 3;
if (!ssl_print_hexbuf(bio, indent + 2, "point", 1, &msg, &msglen))
return 1;
}
-static int ssl_print_heartbeat(BIO *bio, int indent,
- const unsigned char *msg, size_t msglen)
-{
- if (msglen < 3)
- return 0;
- BIO_indent(bio, indent, 80);
- BIO_printf(bio, "HeartBeatMessageType: %s\n",
- ssl_trace_str(msg[0], ssl_hb_type_tbl));
- msg++;
- msglen--;
- if (!ssl_print_hexbuf(bio, indent, "payload", 2, &msg, &msglen))
- return 0;
- ssl_print_hex(bio, indent, "padding", msg, msglen);
- return 1;
-}
-
const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c)
{
return ssl_trace_str(c->id & 0xFFFF, ssl_ciphers_tbl);
SSL_alert_type_string_long(msg[0] << 8),
msg[0], SSL_alert_desc_string_long(msg[1]), msg[1]);
}
- case DTLS1_RT_HEARTBEAT:
- ssl_print_heartbeat(bio, 4, msg, msglen);
- break;
}