X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=apps%2Fs_cb.c;h=141c222895206400b9880e6d1d75513094e59685;hp=c4f55122477a399e6241b60303eabef2f1af40e6;hb=d0595f170c225b918a980f49c5d16ec53545a6ad;hpb=cba9ffc32a68586ff00c1770df1a516bebf992d2
diff --git a/apps/s_cb.c b/apps/s_cb.c
index c4f5512247..141c222895 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -278,6 +278,88 @@ int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key)
 return 1;
 }
+int ssl_print_sigalgs(BIO *out, SSL *s)
+ {
+ int i, nsig;
+ nsig = SSL_get_sigalgs(s, -1, NULL, NULL, NULL, NULL, NULL);
+ if (nsig == 0)
+ return 1;
+
+ BIO_puts(out, "Signature Algorithms: ");
+ for (i = 0; i < nsig; i++)
+ {
+ int hash_nid, sign_nid;
+ unsigned char rhash, rsign;
+ const char *sstr = NULL;
+ SSL_get_sigalgs(s, i, &sign_nid, &hash_nid, NULL,
+ &rsign, &rhash);
+ if (i)
+ BIO_puts(out, ":");
+ if (sign_nid == EVP_PKEY_RSA)
+ sstr = "RSA";
+ else if(sign_nid == EVP_PKEY_DSA)
+ sstr = "DSA";
+ else if(sign_nid == EVP_PKEY_EC)
+ sstr = "ECDSA";
+ if (sstr)
+ BIO_printf(out,"%s+", sstr);
+ else
+ BIO_printf(out,"0x%02X+", (int)rsign);
+ if (hash_nid != NID_undef)
+ BIO_printf(out, "%s", OBJ_nid2sn(hash_nid));
+ else
+ BIO_printf(out,"0x%02X", (int)rhash);
+ }
+ BIO_puts(out, "\n");
+ return 1;
+ }
+
+int ssl_print_curves(BIO *out, SSL *s)
+ {
+ int i, ncurves, *curves, nid;
+ const char *cname;
+ ncurves = SSL_get1_curves(s, NULL);
+ if (ncurves <= 0)
+ return 1;
+ curves = OPENSSL_malloc(ncurves * sizeof(int));
+ SSL_get1_curves(s, curves);
+
+ BIO_puts(out, "Supported Elliptic Curves: ");
+ for (i = 0; i < ncurves; i++)
+ {
+ if (i)
+ BIO_puts(out, ":");
+ nid = curves[i];
+ /* If unrecognised print out hex version */
+ if (nid & TLSEXT_nid_unknown)
+ BIO_printf(out, "0x%04X", nid & 0xFFFF);
+ else
+ {
+ /* Use NIST name for curve if it exists */
+ cname = EC_curve_nid2nist(nid);
+ if (!cname)
+ cname = OBJ_nid2sn(nid);
+ BIO_printf(out, "%s", cname);
+ }
+ }
+ BIO_puts(out, "\nShared Elliptic curves: ");
+ OPENSSL_free(curves);
+ ncurves = SSL_get_shared_curve(s, -1);
+ for (i = 0; i < ncurves; i++)
+ {
+ if (i)
+ BIO_puts(out, ":");
+ nid = SSL_get_shared_curve(s, i);
+ cname = EC_curve_nid2nist(nid);
+ if (!cname)
+ cname = OBJ_nid2sn(nid);
+ BIO_printf(out, "%s", cname);
+ }
+ BIO_puts(out, "\n");
+ return 1;
+ }
+
+
 long MS_CALLBACK
bio_dump_callback(BIO *bio, int cmd, const char *argp, int argi, long argl, long ret)
 {
@@ -357,6 +439,12 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 case TLS1_VERSION:
 str_version = "TLS 1.0 ";
 break;
+ case TLS1_1_VERSION:
+ str_version = "TLS 1.1 ";
+ break;
+ case TLS1_2_VERSION:
+ str_version = "TLS 1.2 ";
+ break;
 case DTLS1_VERSION:
 str_version = "DTLS 1.0 ";
 break;
@@ -549,6 +637,9 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 case 114:
 str_details2 = " bad_certificate_hash_value";
 break;
+ case 115:
+ str_details2 = " unknown_psk_identity";
+ break;
 }
 }
 }
@@ -597,6 +688,26 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
 }
 }
 }
+
+#ifndef OPENSSL_NO_HEARTBEATS
+ if (content_type == 24) /* Heartbeat */
+ {
+ str_details1 = ", Heartbeat";
+
+ if (len > 0)
+ {
+ switch (((const unsigned char*)buf)[0])
+ {
+ case 1:
+ str_details1 = ", HeartbeatRequest";
+ break;
+ case 2:
+ str_details1 = ", HeartbeatResponse";
+ break;
+ }
+ }
+ }
+#endif
 }
 BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version, str_content_type, (unsigned long)len, str_details1, str_details2);
@@ -657,6 +768,22 @@ void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
 extname = "status request";
 break;
+ case TLSEXT_TYPE_user_mapping:
+ extname = "user mapping";
+ break;
+
+ case TLSEXT_TYPE_client_authz:
+ extname = "client authz";
+ break;
+
+ case TLSEXT_TYPE_server_authz:
+ extname = "server authz";
+ break;
+
+ case TLSEXT_TYPE_cert_type:
+ extname = "cert type";
+ break;
+
 case TLSEXT_TYPE_elliptic_curves:
 extname = "elliptic curves";
 break;
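Review bot: In `ssl_print_curves` the pointer returned by `OPENSSL_malloc(ncurves * sizeof(int))` is handed to `SSL_get1_curves(s, curves)` and then read as `curves[i]` without a NULL check, so an allocation failure becomes a NULL dereference in the printing helper. Adding `if (!curves) return 0;` directly after the allocation would surface the failure instead; the function otherwise always returns 1, so callers (not visible here) may need a look. Separately, the shared-curve loop passes the result of `SSL_get_shared_curve(s, i)` to `OBJ_nid2sn()` without the `TLSEXT_nid_unknown` test that the first loop applies; whether that call can hand back an unknown or undefined NID is not visible in this hunk and is worth confirming. Both new functions lie entirely inside this hunk.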
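Review bot: The new heartbeat branch in `msg_cb` has no `default` arm in its `switch`, so a record whose first byte is neither 1 nor 2 is printed as plain `, Heartbeat`, the same label a zero-length record gets. This trace is what people read when diagnosing a malformed or misbehaving peer, so an arm such as `default: str_details1 = ", Heartbeat ???"; break;` would make an unrecognised message type stand out. The bare literals `24`, `1` and `2` would also benefit from a short comment, e.g. `/* RFC 6520: first byte is HeartbeatMessageType (1 = request, 2 = response) */`. The `len > 0` guard does bound the `buf[0]` read. `msg_cb` begins and ends outside this hunk.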
@@ -665,12 +792,28 @@ void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
 extname = "EC point formats";
 break;
+ case TLSEXT_TYPE_srp:
+ extname = "SRP";
+ break;
+
+ case TLSEXT_TYPE_signature_algorithms:
+ extname = "signature algorithms";
+ break;
+
+ case TLSEXT_TYPE_use_srtp:
+ extname = "use SRTP";
+ break;
+
+ case TLSEXT_TYPE_heartbeat:
+ extname = "heartbeat";
+ break;
+
 case TLSEXT_TYPE_session_ticket:
- extname = "server ticket";
+ extname = "session ticket";
 break;
- case TLSEXT_TYPE_renegotiate:
- extname = "renegotiate";
+ case TLSEXT_TYPE_renegotiate:
+ extname = "renegotiation info";
 break;
 #ifdef TLSEXT_TYPE_opaque_prf_input
@@ -678,6 +821,11 @@ void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
 extname = "opaque PRF input";
 break;
 #endif
+#ifdef TLSEXT_TYPE_next_proto_neg
+ case TLSEXT_TYPE_next_proto_neg:
+ extname = "next protocol";
+ break;
+#endif
 default:
 extname = "unknown";