diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2017-02-22 17:26:04 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2017-02-27 18:23:18 +0000 |
| commit | fa64210a88a90277aa499fd1616102e5f11967be (patch) | |
| tree | 2eaac19385bb74c7ed432a04659ef38635b898f0 /ssl/t1_trce.c | |
| parent | 03f44b974b1c85804b54af7c3ffb5241d5ffd952 (diff) | |
Trace support for TLS 1.3 certificate request message
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2728)
Diffstat (limited to 'ssl/t1_trce.c')
| -rw-r--r-- | ssl/t1_trce.c | 75 |
1 files changed, 42 insertions, 33 deletions
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c index 7340fd1cdb..e99a2ceca8 100644 --- a/ssl/t1_trce.c +++ b/ssl/t1_trce.c @@ -1206,46 +1206,50 @@ static int ssl_print_cert_request(BIO *bio, int indent, SSL *s, size_t xlen; unsigned int sigalg; - if (msglen < 1) - return 0; - xlen = msg[0]; - if (msglen < xlen + 1) - return 0; - msg++; - BIO_indent(bio, indent, 80); - BIO_printf(bio, "certificate_types (len=%d)\n", (int)xlen); - if (!ssl_trace_list(bio, indent + 2, msg, xlen, 1, ssl_ctype_tbl)) - return 0; - msg += xlen; - msglen -= xlen + 1; - if (!SSL_USE_SIGALGS(s)) - goto skip_sig; - if (msglen < 2) - return 0; - xlen = (msg[0] << 8) | msg[1]; - if (msglen < xlen + 2 || (xlen & 1)) - return 0; - msg += 2; - BIO_indent(bio, indent, 80); - BIO_printf(bio, "signature_algorithms (len=%d)\n", (int)xlen); - while (xlen > 0) { - BIO_indent(bio, indent + 2, 80); - sigalg = (msg[0] << 8) | msg[1]; - BIO_printf(bio, "%s (0x%04x)\n", - ssl_trace_str(sigalg, ssl_sigalg_tbl), sigalg); - xlen -= 2; + if (SSL_IS_TLS13(s)) { + if (!ssl_print_hexbuf(bio, indent, "request_context", 1, &msg, &msglen)) + return 0; + } else { + if (msglen < 1) + return 0; + xlen = msg[0]; + if (msglen < xlen + 1) + return 0; + msg++; + BIO_indent(bio, indent, 80); + BIO_printf(bio, "certificate_types (len=%d)\n", (int)xlen); + if (!ssl_trace_list(bio, indent + 2, msg, xlen, 1, ssl_ctype_tbl)) + return 0; + msg += xlen; + msglen -= xlen + 1; + } + if (SSL_USE_SIGALGS(s)) { + if (msglen < 2) + return 0; + xlen = (msg[0] << 8) | msg[1]; + if (msglen < xlen + 2 || (xlen & 1)) + return 0; msg += 2; + msglen -= xlen + 2; + BIO_indent(bio, indent, 80); + BIO_printf(bio, "signature_algorithms (len=%d)\n", (int)xlen); + while (xlen > 0) { + BIO_indent(bio, indent + 2, 80); + sigalg = (msg[0] << 8) | msg[1]; + BIO_printf(bio, "%s (0x%04x)\n", + ssl_trace_str(sigalg, ssl_sigalg_tbl), sigalg); + xlen -= 2; + msg += 2; + } + msg += xlen; } - msg += xlen; - msglen -= xlen + 2; - skip_sig: xlen = (msg[0] << 8) | msg[1]; BIO_indent(bio, indent, 80); if (msglen < xlen + 2) return 0; msg += 2; - msglen -= 2; + msglen -= 2 + xlen; BIO_printf(bio, "certificate_authorities (len=%d)\n", (int)xlen); while (xlen > 0) { size_t dlen; @@ -1271,7 +1275,12 @@ static int ssl_print_cert_request(BIO *bio, int indent, SSL *s, xlen -= dlen + 2; msg += dlen; } - return 1; + if (SSL_IS_TLS13(s)) { + if (!ssl_print_hexbuf(bio, indent, "request_extensions", 2, + &msg, &msglen)) + return 0; + } + return msglen == 0; } static int ssl_print_ticket(BIO *bio, int indent, SSL *s, |