+ if (rl->msg_callback != NULL) {
+ unsigned char dummyrec[SSL3_RT_HEADER_LENGTH];
+
+ /*
+ * For the purposes of the callback we "pretend" to be normal TLS,
+ * and manufacture a dummy record header
+ */
+ dummyrec[0] = (rl->level == OSSL_RECORD_PROTECTION_LEVEL_NONE)
+ ? template->type
+ : SSL3_RT_APPLICATION_DATA;
+ dummyrec[1] = (unsigned char)((template->version >> 8) & 0xff);
+ dummyrec[2] = (unsigned char)(template->version & 0xff);
+ /*
+ * We assume that buflen is always <= UINT16_MAX. Since this is
+ * generated by libssl itself we actually expect it to never
+ * exceed SSL3_RT_MAX_PLAIN_LENGTH - so it should be a safe
+ * assumption
+ */
+ dummyrec[3] = (unsigned char)((template->buflen >> 8) & 0xff);
+ dummyrec[4] = (unsigned char)(template->buflen & 0xff);
+
+ rl->msg_callback(1, TLS1_3_VERSION, SSL3_RT_HEADER, dummyrec,
+ SSL3_RT_HEADER_LENGTH, rl->cbarg);
+
+ if (rl->level != OSSL_RECORD_PROTECTION_LEVEL_NONE) {
+ rl->msg_callback(1, TLS1_3_VERSION, SSL3_RT_INNER_CONTENT_TYPE,
+ &template->type, 1, rl->cbarg);
+ }
+ }
+