| OLD | NEW |
|---|
| (Empty) | |
| 1 /* |
| 2 * Functions to trace SSL protocol behavior in DEBUG builds. |
| 3 * |
| 4 * ***** BEGIN LICENSE BLOCK ***** |
| 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| 6 * |
| 7 * The contents of this file are subject to the Mozilla Public License Version |
| 8 * 1.1 (the "License"); you may not use this file except in compliance with |
| 9 * the License. You may obtain a copy of the License at |
| 10 * http://www.mozilla.org/MPL/ |
| 11 * |
| 12 * Software distributed under the License is distributed on an "AS IS" basis, |
| 13 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License |
| 14 * for the specific language governing rights and limitations under the |
| 15 * License. |
| 16 * |
| 17 * The Original Code is the Netscape security libraries. |
| 18 * |
| 19 * The Initial Developer of the Original Code is |
| 20 * Netscape Communications Corporation. |
| 21 * Portions created by the Initial Developer are Copyright (C) 1994-2000 |
| 22 * the Initial Developer. All Rights Reserved. |
| 23 * |
| 24 * Contributor(s): |
| 25 * |
| 26 * Alternatively, the contents of this file may be used under the terms of |
| 27 * either the GNU General Public License Version 2 or later (the "GPL"), or |
| 28 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), |
| 29 * in which case the provisions of the GPL or the LGPL are applicable instead |
| 30 * of those above. If you wish to allow use of your version of this file only |
| 31 * under the terms of either the GPL or the LGPL, and not to allow others to |
| 32 * use your version of this file under the terms of the MPL, indicate your |
| 33 * decision by deleting the provisions above and replace them with the notice |
| 34 * and other provisions required by the GPL or the LGPL. If you do not delete |
| 35 * the provisions above, a recipient may use your version of this file under |
| 36 * the terms of any one of the MPL, the GPL or the LGPL. |
| 37 * |
| 38 * ***** END LICENSE BLOCK ***** */ |
| 39 /* $Id: ssltrace.c,v 1.4 2007/01/31 04:20:26 nelson%bolyard.com Exp $ */ |
| 40 #include <stdarg.h> |
| 41 #include "cert.h" |
| 42 #include "ssl.h" |
| 43 #include "sslimpl.h" |
| 44 #include "sslproto.h" |
| 45 #include "prprf.h" |
| 46 |
| 47 #if defined(DEBUG) || defined(TRACE) |
| 48 static const char *hex = "0123456789abcdef"; |
| 49 |
| 50 static const char printable[257] = { |
| 51 "................" /* 0x */ |
| 52 "................" /* 1x */ |
| 53 " !\"#$%&'()*+,-./" /* 2x */ |
| 54 "0123456789:;<=>?" /* 3x */ |
| 55 "@ABCDEFGHIJKLMNO" /* 4x */ |
| 56 "PQRSTUVWXYZ[\\]^_" /* 5x */ |
| 57 "`abcdefghijklmno" /* 6x */ |
| 58 "pqrstuvwxyz{|}~." /* 7x */ |
| 59 "................" /* 8x */ |
| 60 "................" /* 9x */ |
| 61 "................" /* ax */ |
| 62 "................" /* bx */ |
| 63 "................" /* cx */ |
| 64 "................" /* dx */ |
| 65 "................" /* ex */ |
| 66 "................" /* fx */ |
| 67 }; |
| 68 |
| 69 void ssl_PrintBuf(sslSocket *ss, const char *msg, const void *vp, int len) |
| 70 { |
| 71 const unsigned char *cp = (const unsigned char *)vp; |
| 72 char buf[80]; |
| 73 char *bp; |
| 74 char *ap; |
| 75 |
| 76 if (ss) { |
| 77 SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]", SSL_GETPID(), ss->fd, |
| 78 msg, len)); |
| 79 } else { |
| 80 SSL_TRACE(("%d: SSL: %s [Len: %d]", SSL_GETPID(), msg, len)); |
| 81 } |
| 82 memset(buf, ' ', sizeof buf); |
| 83 bp = buf; |
| 84 ap = buf + 50; |
| 85 while (--len >= 0) { |
| 86 unsigned char ch = *cp++; |
| 87 *bp++ = hex[(ch >> 4) & 0xf]; |
| 88 *bp++ = hex[ch & 0xf]; |
| 89 *bp++ = ' '; |
| 90 *ap++ = printable[ch]; |
| 91 if (ap - buf >= 66) { |
| 92 *ap = 0; |
| 93 SSL_TRACE((" %s", buf)); |
| 94 memset(buf, ' ', sizeof buf); |
| 95 bp = buf; |
| 96 ap = buf + 50; |
| 97 } |
| 98 } |
| 99 if (bp > buf) { |
| 100 *ap = 0; |
| 101 SSL_TRACE((" %s", buf)); |
| 102 } |
| 103 } |
| 104 |
| 105 #define LEN(cp) (((cp)[0] << 8) | ((cp)[1])) |
| 106 |
| 107 static void PrintType(sslSocket *ss, char *msg) |
| 108 { |
| 109 if (ss) { |
| 110 SSL_TRACE(("%d: SSL[%d]: dump-msg: %s", SSL_GETPID(), ss->fd, |
| 111 msg)); |
| 112 } else { |
| 113 SSL_TRACE(("%d: SSL: dump-msg: %s", SSL_GETPID(), msg)); |
| 114 } |
| 115 } |
| 116 |
| 117 static void PrintInt(sslSocket *ss, char *msg, unsigned v) |
| 118 { |
| 119 if (ss) { |
| 120 SSL_TRACE(("%d: SSL[%d]: %s=%u", SSL_GETPID(), ss->fd, |
| 121 msg, v)); |
| 122 } else { |
| 123 SSL_TRACE(("%d: SSL: %s=%u", SSL_GETPID(), msg, v)); |
| 124 } |
| 125 } |
| 126 |
| 127 /* PrintBuf is just like ssl_PrintBuf above, except that: |
| 128 * a) It prefixes each line of the buffer with "XX: SSL[xxx] " |
| 129 * b) It dumps only hex, not ASCII. |
| 130 */ |
| 131 static void PrintBuf(sslSocket *ss, char *msg, unsigned char *cp, int len) |
| 132 { |
| 133 char buf[80]; |
| 134 char *bp; |
| 135 |
| 136 if (ss) { |
| 137 SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]", |
| 138 SSL_GETPID(), ss->fd, msg, len)); |
| 139 } else { |
| 140 SSL_TRACE(("%d: SSL: %s [Len: %d]", |
| 141 SSL_GETPID(), msg, len)); |
| 142 } |
| 143 bp = buf; |
| 144 while (--len >= 0) { |
| 145 unsigned char ch = *cp++; |
| 146 *bp++ = hex[(ch >> 4) & 0xf]; |
| 147 *bp++ = hex[ch & 0xf]; |
| 148 *bp++ = ' '; |
| 149 if (bp + 4 > buf + 50) { |
| 150 *bp = 0; |
| 151 if (ss) { |
| 152 SSL_TRACE(("%d: SSL[%d]: %s", |
| 153 SSL_GETPID(), ss->fd, buf)); |
| 154 } else { |
| 155 SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf)); |
| 156 } |
| 157 bp = buf; |
| 158 } |
| 159 } |
| 160 if (bp > buf) { |
| 161 *bp = 0; |
| 162 if (ss) { |
| 163 SSL_TRACE(("%d: SSL[%d]: %s", |
| 164 SSL_GETPID(), ss->fd, buf)); |
| 165 } else { |
| 166 SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf)); |
| 167 } |
| 168 } |
| 169 } |
| 170 |
| 171 void ssl_DumpMsg(sslSocket *ss, unsigned char *bp, unsigned len) |
| 172 { |
| 173 switch (bp[0]) { |
| 174 case SSL_MT_ERROR: |
| 175 PrintType(ss, "Error"); |
| 176 PrintInt(ss, "error", LEN(bp+1)); |
| 177 break; |
| 178 |
| 179 case SSL_MT_CLIENT_HELLO: |
| 180 { |
| 181 unsigned lcs = LEN(bp+3); |
| 182 unsigned ls = LEN(bp+5); |
| 183 unsigned lc = LEN(bp+7); |
| 184 |
| 185 PrintType(ss, "Client-Hello"); |
| 186 |
| 187 PrintInt(ss, "version (Major)", bp[1]); |
| 188 PrintInt(ss, "version (minor)", bp[2]); |
| 189 |
| 190 PrintBuf(ss, "cipher-specs", bp+9, lcs); |
| 191 PrintBuf(ss, "session-id", bp+9+lcs, ls); |
| 192 PrintBuf(ss, "challenge", bp+9+lcs+ls, lc); |
| 193 } |
| 194 break; |
| 195 case SSL_MT_CLIENT_MASTER_KEY: |
| 196 { |
| 197 unsigned lck = LEN(bp+4); |
| 198 unsigned lek = LEN(bp+6); |
| 199 unsigned lka = LEN(bp+8); |
| 200 |
| 201 PrintType(ss, "Client-Master-Key"); |
| 202 |
| 203 PrintInt(ss, "cipher-choice", bp[1]); |
| 204 PrintInt(ss, "key-length", LEN(bp+2)); |
| 205 |
| 206 PrintBuf(ss, "clear-key", bp+10, lck); |
| 207 PrintBuf(ss, "encrypted-key", bp+10+lck, lek); |
| 208 PrintBuf(ss, "key-arg", bp+10+lck+lek, lka); |
| 209 } |
| 210 break; |
| 211 case SSL_MT_CLIENT_FINISHED: |
| 212 PrintType(ss, "Client-Finished"); |
| 213 PrintBuf(ss, "connection-id", bp+1, len-1); |
| 214 break; |
| 215 case SSL_MT_SERVER_HELLO: |
| 216 { |
| 217 unsigned lc = LEN(bp+5); |
| 218 unsigned lcs = LEN(bp+7); |
| 219 unsigned lci = LEN(bp+9); |
| 220 |
| 221 PrintType(ss, "Server-Hello"); |
| 222 |
| 223 PrintInt(ss, "session-id-hit", bp[1]); |
| 224 PrintInt(ss, "certificate-type", bp[2]); |
| 225 PrintInt(ss, "version (Major)", bp[3]); |
| 226 PrintInt(ss, "version (minor)", bp[3]); |
| 227 PrintBuf(ss, "certificate", bp+11, lc); |
| 228 PrintBuf(ss, "cipher-specs", bp+11+lc, lcs); |
| 229 PrintBuf(ss, "connection-id", bp+11+lc+lcs, lci); |
| 230 } |
| 231 break; |
| 232 case SSL_MT_SERVER_VERIFY: |
| 233 PrintType(ss, "Server-Verify"); |
| 234 PrintBuf(ss, "challenge", bp+1, len-1); |
| 235 break; |
| 236 case SSL_MT_SERVER_FINISHED: |
| 237 PrintType(ss, "Server-Finished"); |
| 238 PrintBuf(ss, "session-id", bp+1, len-1); |
| 239 break; |
| 240 case SSL_MT_REQUEST_CERTIFICATE: |
| 241 PrintType(ss, "Request-Certificate"); |
| 242 PrintInt(ss, "authentication-type", bp[1]); |
| 243 PrintBuf(ss, "certificate-challenge", bp+2, len-2); |
| 244 break; |
| 245 case SSL_MT_CLIENT_CERTIFICATE: |
| 246 { |
| 247 unsigned lc = LEN(bp+2); |
| 248 unsigned lr = LEN(bp+4); |
| 249 PrintType(ss, "Client-Certificate"); |
| 250 PrintInt(ss, "certificate-type", bp[1]); |
| 251 PrintBuf(ss, "certificate", bp+6, lc); |
| 252 PrintBuf(ss, "response", bp+6+lc, lr); |
| 253 } |
| 254 break; |
| 255 default: |
| 256 ssl_PrintBuf(ss, "sending *unknown* message type", bp, len); |
| 257 return; |
| 258 } |
| 259 } |
| 260 |
| 261 void |
| 262 ssl_Trace(const char *format, ... ) |
| 263 { |
| 264 char buf[2000]; |
| 265 va_list args; |
| 266 |
| 267 if (ssl_trace_iob) { |
| 268 va_start(args, format); |
| 269 PR_vsnprintf(buf, sizeof(buf), format, args); |
| 270 va_end(args); |
| 271 |
| 272 fputs(buf, ssl_trace_iob); |
| 273 fputs("\n", ssl_trace_iob); |
| 274 } |
| 275 } |
| 276 #endif |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 394003:
Linux: enable building with a local version of libssl. (Closed)
