2
* Functions to trace SSL protocol behavior in DEBUG builds.
4
* The contents of this file are subject to the Mozilla Public
5
* License Version 1.1 (the "License"); you may not use this file
6
* except in compliance with the License. You may obtain a copy of
7
* the License at http://www.mozilla.org/MPL/
9
* Software distributed under the License is distributed on an "AS
10
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
11
* implied. See the License for the specific language governing
12
* rights and limitations under the License.
14
* The Original Code is the Netscape security libraries.
16
* The Initial Developer of the Original Code is Netscape
17
* Communications Corporation. Portions created by Netscape are
18
* Copyright (C) 1994-2000 Netscape Communications Corporation. All
23
* Alternatively, the contents of this file may be used under the
24
* terms of the GNU General Public License Version 2 or later (the
25
* "GPL"), in which case the provisions of the GPL are applicable
26
* instead of those above. If you wish to allow use of your
27
* version of this file only under the terms of the GPL and not to
28
* allow others to use your version of this file under the MPL,
29
* indicate your decision by deleting the provisions above and
30
* replace them with the notice and other provisions required by
31
* the GPL. If you do not delete the provisions above, a recipient
32
* may use your version of this file under either the MPL or the
35
* $Id: ssltrace.c,v 1.1 2000/03/31 19:37:16 relyea%netscape.com Exp $
44
#if defined(DEBUG) || defined(TRACE)
45
static const char *hex = "0123456789abcdef";
47
static const char printable[257] = {
48
"................" /* 0x */
49
"................" /* 1x */
50
" !\"#$%&'()*+,-./" /* 2x */
51
"0123456789:;<=>?" /* 3x */
52
"@ABCDEFGHIJKLMNO" /* 4x */
53
"PQRSTUVWXYZ[\\]^_" /* 5x */
54
"`abcdefghijklmno" /* 6x */
55
"pqrstuvwxyz{|}~." /* 7x */
56
"................" /* 8x */
57
"................" /* 9x */
58
"................" /* ax */
59
"................" /* bx */
60
"................" /* cx */
61
"................" /* dx */
62
"................" /* ex */
63
"................" /* fx */
66
void ssl_PrintBuf(sslSocket *ss, const char *msg, const void *vp, int len)
68
const unsigned char *cp = (const unsigned char *)vp;
74
SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]", SSL_GETPID(), ss->fd,
77
SSL_TRACE(("%d: SSL: %s [Len: %d]", SSL_GETPID(), msg, len));
79
memset(buf, ' ', sizeof buf);
83
unsigned char ch = *cp++;
84
*bp++ = hex[(ch >> 4) & 0xf];
85
*bp++ = hex[ch & 0xf];
87
*ap++ = printable[ch];
90
SSL_TRACE((" %s", buf));
91
memset(buf, ' ', sizeof buf);
98
SSL_TRACE((" %s", buf));
102
#define LEN(cp) (((cp)[0] << 8) | ((cp)[1]))
104
static void PrintType(sslSocket *ss, char *msg)
107
SSL_TRACE(("%d: SSL[%d]: dump-msg: %s", SSL_GETPID(), ss->fd,
110
SSL_TRACE(("%d: SSL: dump-msg: %s", SSL_GETPID(), msg));
114
static void PrintInt(sslSocket *ss, char *msg, unsigned v)
117
SSL_TRACE(("%d: SSL[%d]: %s=%u", SSL_GETPID(), ss->fd,
120
SSL_TRACE(("%d: SSL: %s=%u", SSL_GETPID(), msg, v));
124
/* PrintBuf is just like ssl_PrintBuf above, except that:
125
* a) It prefixes each line of the buffer with "XX: SSL[xxx] "
126
* b) It dumps only hex, not ASCII.
128
static void PrintBuf(sslSocket *ss, char *msg, unsigned char *cp, int len)
134
SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]",
135
SSL_GETPID(), ss->fd, msg, len));
137
SSL_TRACE(("%d: SSL: %s [Len: %d]",
138
SSL_GETPID(), msg, len));
142
unsigned char ch = *cp++;
143
*bp++ = hex[(ch >> 4) & 0xf];
144
*bp++ = hex[ch & 0xf];
146
if (bp + 4 > buf + 50) {
149
SSL_TRACE(("%d: SSL[%d]: %s",
150
SSL_GETPID(), ss->fd, buf));
152
SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf));
160
SSL_TRACE(("%d: SSL[%d]: %s",
161
SSL_GETPID(), ss->fd, buf));
163
SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf));
168
void ssl_DumpMsg(sslSocket *ss, unsigned char *bp, unsigned len)
172
PrintType(ss, "Error");
173
PrintInt(ss, "error", LEN(bp+1));
176
case SSL_MT_CLIENT_HELLO:
178
unsigned lcs = LEN(bp+3);
179
unsigned ls = LEN(bp+5);
180
unsigned lc = LEN(bp+7);
182
PrintType(ss, "Client-Hello");
184
PrintInt(ss, "version (Major)", bp[1]);
185
PrintInt(ss, "version (minor)", bp[2]);
187
PrintBuf(ss, "cipher-specs", bp+9, lcs);
188
PrintBuf(ss, "session-id", bp+9+lcs, ls);
189
PrintBuf(ss, "challenge", bp+9+lcs+ls, lc);
192
case SSL_MT_CLIENT_MASTER_KEY:
194
unsigned lck = LEN(bp+4);
195
unsigned lek = LEN(bp+6);
196
unsigned lka = LEN(bp+8);
198
PrintType(ss, "Client-Master-Key");
200
PrintInt(ss, "cipher-choice", bp[1]);
201
PrintInt(ss, "key-length", LEN(bp+2));
203
PrintBuf(ss, "clear-key", bp+10, lck);
204
PrintBuf(ss, "encrypted-key", bp+10+lck, lek);
205
PrintBuf(ss, "key-arg", bp+10+lck+lek, lka);
208
case SSL_MT_CLIENT_FINISHED:
209
PrintType(ss, "Client-Finished");
210
PrintBuf(ss, "connection-id", bp+1, len-1);
212
case SSL_MT_SERVER_HELLO:
214
unsigned lc = LEN(bp+5);
215
unsigned lcs = LEN(bp+7);
216
unsigned lci = LEN(bp+9);
218
PrintType(ss, "Server-Hello");
220
PrintInt(ss, "session-id-hit", bp[1]);
221
PrintInt(ss, "certificate-type", bp[2]);
222
PrintInt(ss, "version (Major)", bp[3]);
223
PrintInt(ss, "version (minor)", bp[3]);
224
PrintBuf(ss, "certificate", bp+11, lc);
225
PrintBuf(ss, "cipher-specs", bp+11+lc, lcs);
226
PrintBuf(ss, "connection-id", bp+11+lc+lcs, lci);
229
case SSL_MT_SERVER_VERIFY:
230
PrintType(ss, "Server-Verify");
231
PrintBuf(ss, "challenge", bp+1, len-1);
233
case SSL_MT_SERVER_FINISHED:
234
PrintType(ss, "Server-Finished");
235
PrintBuf(ss, "session-id", bp+1, len-1);
237
case SSL_MT_REQUEST_CERTIFICATE:
238
PrintType(ss, "Request-Certificate");
239
PrintInt(ss, "authentication-type", bp[1]);
240
PrintBuf(ss, "certificate-challenge", bp+2, len-2);
242
case SSL_MT_CLIENT_CERTIFICATE:
244
unsigned lc = LEN(bp+2);
245
unsigned lr = LEN(bp+4);
246
PrintType(ss, "Client-Certificate");
247
PrintInt(ss, "certificate-type", bp[1]);
248
PrintBuf(ss, "certificate", bp+6, lc);
249
PrintBuf(ss, "response", bp+6+lc, lr);
253
ssl_PrintBuf(ss, "sending *unknown* message type", bp, len);
259
ssl_Trace(const char *format, ... )
264
va_start(args, format);
265
PR_vsnprintf(buf, sizeof(buf), format, args);