send out the raw SSL/TLS headers to the msg_callback and display them in SSL_trace
authorDr. Stephen Henson <steve@openssl.org>
Fri, 7 Dec 2012 23:42:33 +0000 (23:42 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 7 Dec 2012 23:42:33 +0000 (23:42 +0000)
ssl/s23_clnt.c
ssl/s3_pkt.c
ssl/ssl3.h
ssl/t1_trce.c

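--- a/ssl/s23_clnt.c
+++ b/ssl/s23_clnt.c
@@ -587,7 +587,10 @@ static int ssl23_client_hello(SSL *s)
                 if (ssl2_compat)
                         s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg);
                 else
+                       {
+                       s->msg_callback(1, version, SSL3_RT_HEADER, s->init_buf->data, 5, s, s->msg_callback_arg);
                         s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data+5, ret-5, s, s->msg_callback_arg);
+                       }
                 }
 
         return ret;
@@ -743,7 +746,10 @@ static int ssl23_get_server_hello(SSL *s)
                                 }
                         
                         if (s->msg_callback)
+                               {
+                               s->msg_callback(0, s->version, SSL3_RT_HEADER, p, 5, s, s->msg_callback_arg);
                                 s->msg_callback(0, s->version, SSL3_RT_ALERT, p+5, 2, s, s->msg_callback_arg);
+                               }
 
                         s->rwstate=SSL_NOTHING;
                         SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_AD_REASON_OFFSET+p[6]);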
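Review bot: Every registered msg_callback now receives an extra call with content_type SSL3_RT_HEADER, here in ssl23_client_hello and ssl23_get_server_hello and likewise at the two new call sites in ssl/s3_pkt.c, so callbacks written before this commit see a content type they were not built for. A callback that treats any unrecognised type as a protocol message, or narrows content_type to a byte, may misparse the 5 header bytes; the msg_callback documentation should state that unknown content types must be ignored. The literal `5` would also read better as the named constant, e.g. `s->msg_callback(0, s->version, SSL3_RT_HEADER, p, SSL3_RT_HEADER_LENGTH, s, s->msg_callback_arg);`. Both functions start and end outside these hunks, so how many bytes are valid at `p` and whether `ret` is at least 5 is not visible here.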
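--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -321,6 +321,8 @@ again:
                 s->rstate=SSL_ST_READ_BODY;
 
                 p=s->packet;
+               if (s->msg_callback)
+                       s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s, s->msg_callback_arg);
 
                 /* Pull apart the header into the SSL3_RECORD */
                 rr->type= *(p++);
@@ -822,6 +824,9 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
         /* record length after mac and block padding */
         s2n(wr->length,plen);
 
+       if (s->msg_callback)
+               s->msg_callback(1, 0, SSL3_RT_HEADER, plen - 5, 5, s, s->msg_callback_arg);
+
         /* we should now have
          * wr->data pointing to the encrypted data, which is
          * wr->length long */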
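Review bot: The two new header callbacks pass `0` as the version, while the ones added in ssl/s23_clnt.c pass `version` and `s->version`, so a callback that filters or labels by version gets inconsistent values for the same pseudo content type. If 0 is intentional because the record version has not been parsed yet, say so in a comment such as `/* version is 0: header is reported raw, before it is parsed or validated */`. On the read side the callback runs on `s->packet` before the type, version and length fields are pulled apart, so consumers must treat these 5 bytes as unvalidated peer input. In do_ssl3_write, `plen - 5` is the header start only if `s2n` advances `plen` past the length field; its definition is not on this page, so that is worth a one-line comment next to the call.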
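--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -338,6 +338,9 @@ extern "C" {
 #define TLS1_RT_CRYPTO_IV              (TLS1_RT_CRYPTO | 0x7)
 #define TLS1_RT_CRYPTO_FIXED_IV                (TLS1_RT_CRYPTO | 0x8)
 
+/* Pseudo content type for SSL/TLS header info */
+#define SSL3_RT_HEADER                 0x100
+
 #define SSL3_AL_WARNING                        1
 #define SSL3_AL_FATAL                  2
 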
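Review bot: The comment on `SSL3_RT_HEADER` does not say that 0x100 is deliberately outside the one-byte range of wire content types, nor what buffer accompanies it. I would expand it to `/* Pseudo content type for msg_callback: buf is the raw 5-byte record header; the value is above 0xff so it can never match a content type read from the wire */`. That also warns callback authors not to store content_type in an unsigned char, where 0x100 would truncate to 0.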
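--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -1224,18 +1224,19 @@ void SSL_trace(int write_p, int version, int content_type,
                                 msg, msglen);
                 return;
                 }
-
-       BIO_printf(bio, "%s Record: Version = %s (0x%x)",
-                               write_p ? "Sent" : "Received",
-                               ssl_trace_str(version, ssl_version_tbl),
-                               version);
-       BIO_printf(bio, " Length=%d\n", (int)msglen);
-       BIO_printf(bio, "  Content Type = %s (%d)\n",
-                               ssl_trace_str(content_type, ssl_content_tbl),
-                               content_type);
-
         switch (content_type)
                 {
+       case SSL3_RT_HEADER:
+               {
+               int hvers = msg[1] << 8 | msg[2];
+               BIO_puts(bio, write_p ? "Sent" : "Received");
+               BIO_printf(bio, " Record\nHeader:\n  Version = %s (0x%x)\n",
+                               ssl_trace_str(hvers, ssl_version_tbl), hvers);
+               BIO_printf(bio, "  Content Type = %s (%d)\n  Length = %d",
+                               ssl_trace_str(msg[0], ssl_content_tbl), msg[0],
+                               msg[3] << 8 | msg[4]);
+               }
+               break;
         case SSL3_RT_HANDSHAKE:
                 if (!ssl_print_handshake(bio, ssl, msg, msglen, 4))
                         BIO_printf(bio, "Message length parse error!\n");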
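Review bot: The new `case SSL3_RT_HEADER:` indexes `msg[0]` through `msg[4]` without looking at `msglen`, so a caller that passes a shorter buffer makes SSL_trace read past its end. The call sites added in this commit always pass 5, but SSL_trace is installed as a general callback and the handshake case just below already reports a length parse error, so a matching guard would be consistent: `if (msglen < 5) { BIO_puts(bio, "Header length parse error!\n"); break; }`. The `Length = %d` format also ends without a newline, unlike the removed `Length=%d\n`; unless code outside this hunk emits one, the next trace line will run on. Writing `(msg[1] << 8) | msg[2]` would make the precedence explicit; the rest of SSL_trace lies outside the hunk.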