Ensure that the -trace option can interpret the supported_versions extension
authorMatt Caswell <matt@openssl.org>
Fri, 21 Oct 2016 22:41:18 +0000 (23:41 +0100)
committerMatt Caswell <matt@openssl.org>
Wed, 9 Nov 2016 16:03:08 +0000 (16:03 +0000)
Reviewed-by: Rich Salz <rsalz@openssl.org>
ssl/t1_trce.c

index d8ad103..a1157e2 100644 (file)
@@ -453,6 +453,7 @@ static ssl_trace_tbl ssl_exts_tbl[] = {
     {TLSEXT_TYPE_use_srtp, "use_srtp"},
     {TLSEXT_TYPE_heartbeat, "heartbeat"},
     {TLSEXT_TYPE_session_ticket, "session_ticket"},
+    {TLSEXT_TYPE_supported_versions, "supported_versions"},
     {TLSEXT_TYPE_renegotiate, "renegotiate"},
 # ifndef OPENSSL_NO_NEXTPROTONEG
     {TLSEXT_TYPE_next_proto_neg, "next_proto_neg"},
@@ -564,6 +565,15 @@ static ssl_trace_tbl ssl_crypto_tbl[] = {
     {TLS1_RT_CRYPTO_FIXED_IV | TLS1_RT_CRYPTO_READ, "Read IV (fixed part)"}
 };
 
+static ssl_trace_tbl ssl_supp_versions_tbl[] = {
+    {SSL3_VERSION, "SSLv3"},
+    {TLS1_VERSION, "TLSv1.0"},
+    {TLS1_1_VERSION, "TLSv1.1"},
+    {TLS1_2_VERSION, "TLSv1.2"},
+    {TLS1_3_VERSION, "TLSv1.3"},
+    {TLS1_3_VERSION_DRAFT, "TLSv1.3 draft 17"}
+};
+
 static void ssl_print_hex(BIO *bio, int indent, const char *name,
                           const unsigned char *msg, size_t msglen)
 {
@@ -727,6 +737,15 @@ static int ssl_print_extension(BIO *bio, int indent, int server, int extype,
             ssl_print_hex(bio, indent + 4, "ticket", ext, extlen);
         break;
 
+    case TLSEXT_TYPE_supported_versions:
+        if (extlen < 1)
+            return 0;
+        xlen = ext[0];
+        if (extlen != xlen + 1)
+            return 0;
+        return ssl_trace_list(bio, indent + 2, ext + 1, xlen, 2,
+                              ssl_supp_versions_tbl);
+
     default:
         BIO_dump_indent(bio, (const char *)ext, extlen, indent + 2);
     }