net/third_party/nss/ssl/ssltrace.c - Issue 1844813002: Uprev NSS to 3.23 on iOS

Side by Side Diff: net/third_party/nss/ssl/ssltrace.c

Issue 1844813002: Uprev NSS to 3.23 on iOS (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: One more GN fix Created 4 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 /*	1 /*

2 * Functions to trace SSL protocol behavior in DEBUG builds.	2 * Functions to trace SSL protocol behavior in DEBUG builds.

3 *	3 *

4 * This Source Code Form is subject to the terms of the Mozilla Public	4 * This Source Code Form is subject to the terms of the Mozilla Public

5 * License, v. 2.0. If a copy of the MPL was not distributed with this	5 * License, v. 2.0. If a copy of the MPL was not distributed with this

6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */	6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

7 #include <stdarg.h>	7 #include <stdarg.h>

8 #include "cert.h"	8 #include "cert.h"

9 #include "ssl.h"	9 #include "ssl.h"

10 #include "sslimpl.h"	10 #include "sslimpl.h"

11 #include "sslproto.h"	11 #include "sslproto.h"

12 #include "prprf.h"	12 #include "prprf.h"

13	13

14 #if defined(DEBUG) \|\| defined(TRACE)	14 #if defined(DEBUG) \|\| defined(TRACE)

15 static const char *hex = "0123456789abcdef";	15 static const char *hex = "0123456789abcdef";

16	16

17 static const char printable[257] = {	17 static const char printable[257] = {

18 » "................"» /* 0x */	18 "................" /* 0x */

19 » "................"» /* 1x */	19 "................" /* 1x */

20 » " !\"#$%&'()+,-./"» / 2x */	20 " !\"#$%&'()+,-./" / 2x */

21 » "0123456789:;<=>?"» /* 3x */	21 "0123456789:;<=>?" /* 3x */

22 » "@ABCDEFGHIJKLMNO"» /* 4x */	22 "@ABCDEFGHIJKLMNO" /* 4x */

23 » "PQRSTUVWXYZ[\\]^_"» /* 5x */	23 "PQRSTUVWXYZ[\\]^_" /* 5x */

24 » "`abcdefghijklmno"» /* 6x */	24 "`abcdefghijklmno" /* 6x */

25 » "pqrstuvwxyz{\|}~."» /* 7x */	25 "pqrstuvwxyz{\|}~." /* 7x */

26 » "................"» /* 8x */	26 "................" /* 8x */

27 » "................"» /* 9x */	27 "................" /* 9x */

28 » "................"» /* ax */	28 "................" /* ax */

29 » "................"» /* bx */	29 "................" /* bx */

30 » "................"» /* cx */	30 "................" /* cx */

31 » "................"» /* dx */	31 "................" /* dx */

32 » "................"» /* ex */	32 "................" /* ex */

33 » "................"» /* fx */	33 "................" /* fx */

34 };	34 };

35	35

36 void ssl_PrintBuf(sslSocket ss, const char msg, const void *vp, int len)	36 void

	37 ssl_PrintBuf(sslSocket ss, const char msg, const void *vp, int len)

37 {	38 {

38 const unsigned char cp = (const unsigned char )vp;	39 const unsigned char cp = (const unsigned char )vp;

39 char buf[80];	40 char buf[80];

40 char *bp;	41 char *bp;

41 char *ap;	42 char *ap;

42	43

43 if (ss) {	44 if (ss) {

44 » SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]", SSL_GETPID(), ss->fd,	45 SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]", SSL_GETPID(), ss->fd,

45 » » msg, len));	46 msg, len));

46 } else {	47 } else {

47 » SSL_TRACE(("%d: SSL: %s [Len: %d]", SSL_GETPID(), msg, len));	48 SSL_TRACE(("%d: SSL: %s [Len: %d]", SSL_GETPID(), msg, len));

48 }	49 }

49 memset(buf, ' ', sizeof buf);	50 memset(buf, ' ', sizeof buf);

50 bp = buf;	51 bp = buf;

51 ap = buf + 50;	52 ap = buf + 50;

52 while (--len >= 0) {	53 while (--len >= 0) {

53 » unsigned char ch = *cp++;	54 unsigned char ch = *cp++;

54 » *bp++ = hex[(ch >> 4) & 0xf];	55 *bp++ = hex[(ch >> 4) & 0xf];

55 » *bp++ = hex[ch & 0xf];	56 *bp++ = hex[ch & 0xf];

56 » *bp++ = ' ';	57 *bp++ = ' ';

57 » *ap++ = printable[ch];	58 *ap++ = printable[ch];

58 » if (ap - buf >= 66) {	59 if (ap - buf >= 66) {

59 » *ap = 0;	60 *ap = 0;

60 » SSL_TRACE((" %s", buf));	61 SSL_TRACE((" %s", buf));

61 » memset(buf, ' ', sizeof buf);	62 memset(buf, ' ', sizeof buf);

62 » bp = buf;	63 bp = buf;

63 » ap = buf + 50;	64 ap = buf + 50;

64 » }	65 }

65 }	66 }

66 if (bp > buf) {	67 if (bp > buf) {

67 » *ap = 0;	68 *ap = 0;

68 » SSL_TRACE((" %s", buf));	69 SSL_TRACE((" %s", buf));

69 }	70 }

70 }	71 }

71	72

72 #define LEN(cp)»» (((cp)[0] << 8) \| ((cp)[1]))	73 #define LEN(cp) (((cp)[0] << 8) \| ((cp)[1]))

73	74

74 static void PrintType(sslSocket ss, char msg)	75 static void

	76 PrintType(sslSocket ss, char msg)

75 {	77 {

76 if (ss) {	78 if (ss) {

77 » SSL_TRACE(("%d: SSL[%d]: dump-msg: %s", SSL_GETPID(), ss->fd,	79 SSL_TRACE(("%d: SSL[%d]: dump-msg: %s", SSL_GETPID(), ss->fd, msg));

78 » » msg));

79 } else {	80 } else {

80 » SSL_TRACE(("%d: SSL: dump-msg: %s", SSL_GETPID(), msg));	81 SSL_TRACE(("%d: SSL: dump-msg: %s", SSL_GETPID(), msg));

81 }	82 }

82 }	83 }

83	84

84 static void PrintInt(sslSocket ss, char msg, unsigned v)	85 static void

	86 PrintInt(sslSocket ss, char msg, unsigned v)

85 {	87 {

86 if (ss) {	88 if (ss) {

87 » SSL_TRACE(("%d: SSL[%d]: %s=%u", SSL_GETPID(), ss->fd,	89 SSL_TRACE(("%d: SSL[%d]: %s=%u", SSL_GETPID(), ss->fd, msg, v) );

88 » » msg, v));

89 } else {	90 } else {

90 » SSL_TRACE(("%d: SSL: %s=%u", SSL_GETPID(), msg, v));	91 SSL_TRACE(("%d: SSL: %s=%u", SSL_GETPID(), msg, v));

91 }	92 }

92 }	93 }

93	94

94 /* PrintBuf is just like ssl_PrintBuf above, except that:	95 /* PrintBuf is just like ssl_PrintBuf above, except that:

95 * a) It prefixes each line of the buffer with "XX: SSL[xxx] "	96 * a) It prefixes each line of the buffer with "XX: SSL[xxx] "

96 * b) It dumps only hex, not ASCII.	97 * b) It dumps only hex, not ASCII.

97 */	98 */

98 static void PrintBuf(sslSocket ss, char msg, unsigned char *cp, int len)	99 static void

	100 PrintBuf(sslSocket ss, char msg, unsigned char *cp, int len)

99 {	101 {

100 char buf[80];	102 char buf[80];

101 char *bp;	103 char *bp;

102	104

103 if (ss) {	105 if (ss) {

104 » SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]",	106 SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]",

105 » » SSL_GETPID(), ss->fd, msg, len));	107 SSL_GETPID(), ss->fd, msg, len));

106 } else {	108 } else {

107 » SSL_TRACE(("%d: SSL: %s [Len: %d]",	109 SSL_TRACE(("%d: SSL: %s [Len: %d]",

108 » » SSL_GETPID(), msg, len));	110 SSL_GETPID(), msg, len));

109 }	111 }

110 bp = buf;	112 bp = buf;

111 while (--len >= 0) {	113 while (--len >= 0) {

112 » unsigned char ch = *cp++;	114 unsigned char ch = *cp++;

113 » *bp++ = hex[(ch >> 4) & 0xf];	115 *bp++ = hex[(ch >> 4) & 0xf];

114 » *bp++ = hex[ch & 0xf];	116 *bp++ = hex[ch & 0xf];

115 » *bp++ = ' ';	117 *bp++ = ' ';

116 » if (bp + 4 > buf + 50) {	118 if (bp + 4 > buf + 50) {

117 » *bp = 0;	119 *bp = 0;

118 » if (ss) {	120 if (ss) {

119 » » SSL_TRACE(("%d: SSL[%d]: %s",	121 SSL_TRACE(("%d: SSL[%d]: %s",

120 » » » SSL_GETPID(), ss->fd, buf));	122 SSL_GETPID(), ss->fd, buf));

121 » } else {	123 } else {

122 » » SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf));	124 SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf));

123 » }	125 }

124 » bp = buf;	126 bp = buf;

125 » }	127 }

126 }	128 }

127 if (bp > buf) {	129 if (bp > buf) {

128 » *bp = 0;	130 *bp = 0;

129 » if (ss) {	131 if (ss) {

130 » SSL_TRACE(("%d: SSL[%d]: %s",	132 SSL_TRACE(("%d: SSL[%d]: %s",

131 » » SSL_GETPID(), ss->fd, buf));	133 SSL_GETPID(), ss->fd, buf));

132 » } else {	134 } else {

133 » SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf));	135 SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf));

134 » }	136 }

135 }

136 }

137

138 void ssl_DumpMsg(sslSocket ss, unsigned char bp, unsigned len)

139 {

140 switch (bp[0]) {

141 case SSL_MT_ERROR:

142 » PrintType(ss, "Error");

143 » PrintInt(ss, "error", LEN(bp+1));

144 » break;

145

146 case SSL_MT_CLIENT_HELLO:

147 » {

148 » unsigned lcs = LEN(bp+3);

149 » unsigned ls = LEN(bp+5);

150 » unsigned lc = LEN(bp+7);

151

152 » PrintType(ss, "Client-Hello");

153

154 » PrintInt(ss, "version (Major)", bp[1]);

155 » PrintInt(ss, "version (minor)", bp[2]);

156

157 » PrintBuf(ss, "cipher-specs", bp+9, lcs);

158 » PrintBuf(ss, "session-id", bp+9+lcs, ls);

159 » PrintBuf(ss, "challenge", bp+9+lcs+ls, lc);

160 » }

161 » break;

162 case SSL_MT_CLIENT_MASTER_KEY:

163 » {

164 » unsigned lck = LEN(bp+4);

165 » unsigned lek = LEN(bp+6);

166 » unsigned lka = LEN(bp+8);

167

168 » PrintType(ss, "Client-Master-Key");

169

170 » PrintInt(ss, "cipher-choice", bp[1]);

171 » PrintInt(ss, "key-length", LEN(bp+2));

172

173 » PrintBuf(ss, "clear-key", bp+10, lck);

174 » PrintBuf(ss, "encrypted-key", bp+10+lck, lek);

175 » PrintBuf(ss, "key-arg", bp+10+lck+lek, lka);

176 » }

177 » break;

178 case SSL_MT_CLIENT_FINISHED:

179 » PrintType(ss, "Client-Finished");

180 » PrintBuf(ss, "connection-id", bp+1, len-1);

181 » break;

182 case SSL_MT_SERVER_HELLO:

183 » {

184 » unsigned lc = LEN(bp+5);

185 » unsigned lcs = LEN(bp+7);

186 » unsigned lci = LEN(bp+9);

187

188 » PrintType(ss, "Server-Hello");

189

190 » PrintInt(ss, "session-id-hit", bp[1]);

191 » PrintInt(ss, "certificate-type", bp[2]);

192 » PrintInt(ss, "version (Major)", bp[3]);

193 » PrintInt(ss, "version (minor)", bp[3]);

194 » PrintBuf(ss, "certificate", bp+11, lc);

195 » PrintBuf(ss, "cipher-specs", bp+11+lc, lcs);

196 » PrintBuf(ss, "connection-id", bp+11+lc+lcs, lci);

197 » }

198 » break;

199 case SSL_MT_SERVER_VERIFY:

200 » PrintType(ss, "Server-Verify");

201 » PrintBuf(ss, "challenge", bp+1, len-1);

202 » break;

203 case SSL_MT_SERVER_FINISHED:

204 » PrintType(ss, "Server-Finished");

205 » PrintBuf(ss, "session-id", bp+1, len-1);

206 » break;

207 case SSL_MT_REQUEST_CERTIFICATE:

208 » PrintType(ss, "Request-Certificate");

209 » PrintInt(ss, "authentication-type", bp[1]);

210 » PrintBuf(ss, "certificate-challenge", bp+2, len-2);

211 » break;

212 case SSL_MT_CLIENT_CERTIFICATE:

213 » {

214 » unsigned lc = LEN(bp+2);

215 » unsigned lr = LEN(bp+4);

216 » PrintType(ss, "Client-Certificate");

217 » PrintInt(ss, "certificate-type", bp[1]);

218 » PrintBuf(ss, "certificate", bp+6, lc);

219 » PrintBuf(ss, "response", bp+6+lc, lr);

220 » }

221 » break;

222 default:

223 » ssl_PrintBuf(ss, "sending unknown message type", bp, len);

224 » return;

225 }	137 }

226 }	138 }

227	139

228 void	140 void

229 ssl_Trace(const char *format, ... )	141 ssl_DumpMsg(sslSocket ss, unsigned char bp, unsigned len)

230 {	142 {

231 char buf[2000];	143 switch (bp[0]) {

	144 case SSL_MT_ERROR:

	145 PrintType(ss, "Error");

	146 PrintInt(ss, "error", LEN(bp + 1));

	147 break;

	148

	149 case SSL_MT_CLIENT_HELLO: {

	150 unsigned lcs = LEN(bp + 3);

	151 unsigned ls = LEN(bp + 5);

	152 unsigned lc = LEN(bp + 7);

	153

	154 PrintType(ss, "Client-Hello");

	155

	156 PrintInt(ss, "version (Major)", bp[1]);

	157 PrintInt(ss, "version (minor)", bp[2]);

	158

	159 PrintBuf(ss, "cipher-specs", bp + 9, lcs);

	160 PrintBuf(ss, "session-id", bp + 9 + lcs, ls);

	161 PrintBuf(ss, "challenge", bp + 9 + lcs + ls, lc);

	162 } break;

	163 case SSL_MT_CLIENT_MASTER_KEY: {

	164 unsigned lck = LEN(bp + 4);

	165 unsigned lek = LEN(bp + 6);

	166 unsigned lka = LEN(bp + 8);

	167

	168 PrintType(ss, "Client-Master-Key");

	169

	170 PrintInt(ss, "cipher-choice", bp[1]);

	171 PrintInt(ss, "key-length", LEN(bp + 2));

	172

	173 PrintBuf(ss, "clear-key", bp + 10, lck);

	174 PrintBuf(ss, "encrypted-key", bp + 10 + lck, lek);

	175 PrintBuf(ss, "key-arg", bp + 10 + lck + lek, lka);

	176 } break;

	177 case SSL_MT_CLIENT_FINISHED:

	178 PrintType(ss, "Client-Finished");

	179 PrintBuf(ss, "connection-id", bp + 1, len - 1);

	180 break;

	181 case SSL_MT_SERVER_HELLO: {

	182 unsigned lc = LEN(bp + 5);

	183 unsigned lcs = LEN(bp + 7);

	184 unsigned lci = LEN(bp + 9);

	185

	186 PrintType(ss, "Server-Hello");

	187

	188 PrintInt(ss, "session-id-hit", bp[1]);

	189 PrintInt(ss, "certificate-type", bp[2]);

	190 PrintInt(ss, "version (Major)", bp[3]);

	191 PrintInt(ss, "version (minor)", bp[3]);

	192 PrintBuf(ss, "certificate", bp + 11, lc);

	193 PrintBuf(ss, "cipher-specs", bp + 11 + lc, lcs);

	194 PrintBuf(ss, "connection-id", bp + 11 + lc + lcs, lci);

	195 } break;

	196 case SSL_MT_SERVER_VERIFY:

	197 PrintType(ss, "Server-Verify");

	198 PrintBuf(ss, "challenge", bp + 1, len - 1);

	199 break;

	200 case SSL_MT_SERVER_FINISHED:

	201 PrintType(ss, "Server-Finished");

	202 PrintBuf(ss, "session-id", bp + 1, len - 1);

	203 break;

	204 case SSL_MT_REQUEST_CERTIFICATE:

	205 PrintType(ss, "Request-Certificate");

	206 PrintInt(ss, "authentication-type", bp[1]);

	207 PrintBuf(ss, "certificate-challenge", bp + 2, len - 2);

	208 break;

	209 case SSL_MT_CLIENT_CERTIFICATE: {

	210 unsigned lc = LEN(bp + 2);

	211 unsigned lr = LEN(bp + 4);

	212 PrintType(ss, "Client-Certificate");

	213 PrintInt(ss, "certificate-type", bp[1]);

	214 PrintBuf(ss, "certificate", bp + 6, lc);

	215 PrintBuf(ss, "response", bp + 6 + lc, lr);

	216 } break;

	217 default:

	218 ssl_PrintBuf(ss, "sending unknown message type", bp, len);

	219 return;

	220 }

	221 }

	222

	223 void

	224 ssl_Trace(const char *format, ...)

	225 {

	226 char buf[2000];

232 va_list args;	227 va_list args;

233	228

234 if (ssl_trace_iob) {	229 if (ssl_trace_iob) {

235 » va_start(args, format);	230 va_start(args, format);

236 » PR_vsnprintf(buf, sizeof(buf), format, args);	231 PR_vsnprintf(buf, sizeof(buf), format, args);

237 » va_end(args);	232 va_end(args);

238	233

239 » fputs(buf, ssl_trace_iob);	234 fputs(buf, ssl_trace_iob);

240 » fputs("\n", ssl_trace_iob);	235 fputs("\n", ssl_trace_iob);

241 }	236 }

242 }	237 }

243 #endif	238 #endif

OLD	NEW

« no previous file with comments | « net/third_party/nss/ssl/sslt.h ('k') | net/third_party/nss/ssl/tls13con.h » ('j') | no next file with comments »