| OLD | NEW |
|---|
| (Empty) |
| 1 /* | |
| 2 * Functions to trace SSL protocol behavior in DEBUG builds. | |
| 3 * | |
| 4 * This Source Code Form is subject to the terms of the Mozilla Public | |
| 5 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 7 #include <stdarg.h> | |
| 8 #include "cert.h" | |
| 9 #include "ssl.h" | |
| 10 #include "sslimpl.h" | |
| 11 #include "sslproto.h" | |
| 12 #include "prprf.h" | |
| 13 | |
| 14 #if defined(DEBUG) || defined(TRACE) | |
| 15 static const char *hex = "0123456789abcdef"; | |
| 16 | |
| 17 static const char printable[257] = { | |
| 18 "................" /* 0x */ | |
| 19 "................" /* 1x */ | |
| 20 " !\"#$%&'()*+,-./" /* 2x */ | |
| 21 "0123456789:;<=>?" /* 3x */ | |
| 22 "@ABCDEFGHIJKLMNO" /* 4x */ | |
| 23 "PQRSTUVWXYZ[\\]^_" /* 5x */ | |
| 24 "`abcdefghijklmno" /* 6x */ | |
| 25 "pqrstuvwxyz{|}~." /* 7x */ | |
| 26 "................" /* 8x */ | |
| 27 "................" /* 9x */ | |
| 28 "................" /* ax */ | |
| 29 "................" /* bx */ | |
| 30 "................" /* cx */ | |
| 31 "................" /* dx */ | |
| 32 "................" /* ex */ | |
| 33 "................" /* fx */ | |
| 34 }; | |
| 35 | |
| 36 void | |
| 37 ssl_PrintBuf(sslSocket *ss, const char *msg, const void *vp, int len) | |
| 38 { | |
| 39 const unsigned char *cp = (const unsigned char *)vp; | |
| 40 char buf[80]; | |
| 41 char *bp; | |
| 42 char *ap; | |
| 43 | |
| 44 if (ss) { | |
| 45 SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]", SSL_GETPID(), ss->fd, | |
| 46 msg, len)); | |
| 47 } else { | |
| 48 SSL_TRACE(("%d: SSL: %s [Len: %d]", SSL_GETPID(), msg, len)); | |
| 49 } | |
| 50 memset(buf, ' ', sizeof buf); | |
| 51 bp = buf; | |
| 52 ap = buf + 50; | |
| 53 while (--len >= 0) { | |
| 54 unsigned char ch = *cp++; | |
| 55 *bp++ = hex[(ch >> 4) & 0xf]; | |
| 56 *bp++ = hex[ch & 0xf]; | |
| 57 *bp++ = ' '; | |
| 58 *ap++ = printable[ch]; | |
| 59 if (ap - buf >= 66) { | |
| 60 *ap = 0; | |
| 61 SSL_TRACE((" %s", buf)); | |
| 62 memset(buf, ' ', sizeof buf); | |
| 63 bp = buf; | |
| 64 ap = buf + 50; | |
| 65 } | |
| 66 } | |
| 67 if (bp > buf) { | |
| 68 *ap = 0; | |
| 69 SSL_TRACE((" %s", buf)); | |
| 70 } | |
| 71 } | |
| 72 | |
| 73 #define LEN(cp) (((cp)[0] << 8) | ((cp)[1])) | |
| 74 | |
| 75 static void | |
| 76 PrintType(sslSocket *ss, char *msg) | |
| 77 { | |
| 78 if (ss) { | |
| 79 SSL_TRACE(("%d: SSL[%d]: dump-msg: %s", SSL_GETPID(), ss->fd, msg)); | |
| 80 } else { | |
| 81 SSL_TRACE(("%d: SSL: dump-msg: %s", SSL_GETPID(), msg)); | |
| 82 } | |
| 83 } | |
| 84 | |
| 85 static void | |
| 86 PrintInt(sslSocket *ss, char *msg, unsigned v) | |
| 87 { | |
| 88 if (ss) { | |
| 89 SSL_TRACE(("%d: SSL[%d]: %s=%u", SSL_GETPID(), ss->fd, msg, v)
); | |
| 90 } else { | |
| 91 SSL_TRACE(("%d: SSL: %s=%u", SSL_GETPID(), msg, v)); | |
| 92 } | |
| 93 } | |
| 94 | |
| 95 /* PrintBuf is just like ssl_PrintBuf above, except that: | |
| 96 * a) It prefixes each line of the buffer with "XX: SSL[xxx] " | |
| 97 * b) It dumps only hex, not ASCII. | |
| 98 */ | |
| 99 static void | |
| 100 PrintBuf(sslSocket *ss, char *msg, unsigned char *cp, int len) | |
| 101 { | |
| 102 char buf[80]; | |
| 103 char *bp; | |
| 104 | |
| 105 if (ss) { | |
| 106 SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]", | |
| 107 SSL_GETPID(), ss->fd, msg, len)); | |
| 108 } else { | |
| 109 SSL_TRACE(("%d: SSL: %s [Len: %d]", | |
| 110 SSL_GETPID(), msg, len)); | |
| 111 } | |
| 112 bp = buf; | |
| 113 while (--len >= 0) { | |
| 114 unsigned char ch = *cp++; | |
| 115 *bp++ = hex[(ch >> 4) & 0xf]; | |
| 116 *bp++ = hex[ch & 0xf]; | |
| 117 *bp++ = ' '; | |
| 118 if (bp + 4 > buf + 50) { | |
| 119 *bp = 0; | |
| 120 if (ss) { | |
| 121 SSL_TRACE(("%d: SSL[%d]: %s", | |
| 122 SSL_GETPID(), ss->fd, buf)); | |
| 123 } else { | |
| 124 SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf)); | |
| 125 } | |
| 126 bp = buf; | |
| 127 } | |
| 128 } | |
| 129 if (bp > buf) { | |
| 130 *bp = 0; | |
| 131 if (ss) { | |
| 132 SSL_TRACE(("%d: SSL[%d]: %s", | |
| 133 SSL_GETPID(), ss->fd, buf)); | |
| 134 } else { | |
| 135 SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf)); | |
| 136 } | |
| 137 } | |
| 138 } | |
| 139 | |
| 140 void | |
| 141 ssl_DumpMsg(sslSocket *ss, unsigned char *bp, unsigned len) | |
| 142 { | |
| 143 switch (bp[0]) { | |
| 144 case SSL_MT_ERROR: | |
| 145 PrintType(ss, "Error"); | |
| 146 PrintInt(ss, "error", LEN(bp + 1)); | |
| 147 break; | |
| 148 | |
| 149 case SSL_MT_CLIENT_HELLO: { | |
| 150 unsigned lcs = LEN(bp + 3); | |
| 151 unsigned ls = LEN(bp + 5); | |
| 152 unsigned lc = LEN(bp + 7); | |
| 153 | |
| 154 PrintType(ss, "Client-Hello"); | |
| 155 | |
| 156 PrintInt(ss, "version (Major)", bp[1]); | |
| 157 PrintInt(ss, "version (minor)", bp[2]); | |
| 158 | |
| 159 PrintBuf(ss, "cipher-specs", bp + 9, lcs); | |
| 160 PrintBuf(ss, "session-id", bp + 9 + lcs, ls); | |
| 161 PrintBuf(ss, "challenge", bp + 9 + lcs + ls, lc); | |
| 162 } break; | |
| 163 case SSL_MT_CLIENT_MASTER_KEY: { | |
| 164 unsigned lck = LEN(bp + 4); | |
| 165 unsigned lek = LEN(bp + 6); | |
| 166 unsigned lka = LEN(bp + 8); | |
| 167 | |
| 168 PrintType(ss, "Client-Master-Key"); | |
| 169 | |
| 170 PrintInt(ss, "cipher-choice", bp[1]); | |
| 171 PrintInt(ss, "key-length", LEN(bp + 2)); | |
| 172 | |
| 173 PrintBuf(ss, "clear-key", bp + 10, lck); | |
| 174 PrintBuf(ss, "encrypted-key", bp + 10 + lck, lek); | |
| 175 PrintBuf(ss, "key-arg", bp + 10 + lck + lek, lka); | |
| 176 } break; | |
| 177 case SSL_MT_CLIENT_FINISHED: | |
| 178 PrintType(ss, "Client-Finished"); | |
| 179 PrintBuf(ss, "connection-id", bp + 1, len - 1); | |
| 180 break; | |
| 181 case SSL_MT_SERVER_HELLO: { | |
| 182 unsigned lc = LEN(bp + 5); | |
| 183 unsigned lcs = LEN(bp + 7); | |
| 184 unsigned lci = LEN(bp + 9); | |
| 185 | |
| 186 PrintType(ss, "Server-Hello"); | |
| 187 | |
| 188 PrintInt(ss, "session-id-hit", bp[1]); | |
| 189 PrintInt(ss, "certificate-type", bp[2]); | |
| 190 PrintInt(ss, "version (Major)", bp[3]); | |
| 191 PrintInt(ss, "version (minor)", bp[3]); | |
| 192 PrintBuf(ss, "certificate", bp + 11, lc); | |
| 193 PrintBuf(ss, "cipher-specs", bp + 11 + lc, lcs); | |
| 194 PrintBuf(ss, "connection-id", bp + 11 + lc + lcs, lci); | |
| 195 } break; | |
| 196 case SSL_MT_SERVER_VERIFY: | |
| 197 PrintType(ss, "Server-Verify"); | |
| 198 PrintBuf(ss, "challenge", bp + 1, len - 1); | |
| 199 break; | |
| 200 case SSL_MT_SERVER_FINISHED: | |
| 201 PrintType(ss, "Server-Finished"); | |
| 202 PrintBuf(ss, "session-id", bp + 1, len - 1); | |
| 203 break; | |
| 204 case SSL_MT_REQUEST_CERTIFICATE: | |
| 205 PrintType(ss, "Request-Certificate"); | |
| 206 PrintInt(ss, "authentication-type", bp[1]); | |
| 207 PrintBuf(ss, "certificate-challenge", bp + 2, len - 2); | |
| 208 break; | |
| 209 case SSL_MT_CLIENT_CERTIFICATE: { | |
| 210 unsigned lc = LEN(bp + 2); | |
| 211 unsigned lr = LEN(bp + 4); | |
| 212 PrintType(ss, "Client-Certificate"); | |
| 213 PrintInt(ss, "certificate-type", bp[1]); | |
| 214 PrintBuf(ss, "certificate", bp + 6, lc); | |
| 215 PrintBuf(ss, "response", bp + 6 + lc, lr); | |
| 216 } break; | |
| 217 default: | |
| 218 ssl_PrintBuf(ss, "sending *unknown* message type", bp, len); | |
| 219 return; | |
| 220 } | |
| 221 } | |
| 222 | |
| 223 void | |
| 224 ssl_Trace(const char *format, ...) | |
| 225 { | |
| 226 char buf[2000]; | |
| 227 va_list args; | |
| 228 | |
| 229 if (ssl_trace_iob) { | |
| 230 va_start(args, format); | |
| 231 PR_vsnprintf(buf, sizeof(buf), format, args); | |
| 232 va_end(args); | |
| 233 | |
| 234 fputs(buf, ssl_trace_iob); | |
| 235 fputs("\n", ssl_trace_iob); | |
| 236 } | |
| 237 } | |
| 238 #endif | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1882433002:
Removing NSS files and USE_OPENSSL flag (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master