Tree - source-git/mingw-nss - CentOS Git server

source-git / mingw-nss

Blame nss/lib/ssl/ssltrace.c

Blob History Raw

Packit	40b132	`/*`
Packit	40b132	`* Functions to trace SSL protocol behavior in DEBUG builds.`
Packit	40b132	`*`
Packit	40b132	`* This Source Code Form is subject to the terms of the Mozilla Public`
Packit	40b132	`* License, v. 2.0. If a copy of the MPL was not distributed with this`
Packit	40b132	`* file, You can obtain one at http://mozilla.org/MPL/2.0/. */`
Packit	40b132	`#include <stdarg.h>`
Packit	40b132	`#include "cert.h"`
Packit	40b132	`#include "ssl.h"`
Packit	40b132	`#include "sslimpl.h"`
Packit	40b132	`#include "sslproto.h"`
Packit	40b132	`#include "prprf.h"`
Packit	40b132
Packit	40b132	`#if defined(DEBUG) \|\| defined(TRACE)`
Packit	40b132	`static const char *hex = "0123456789abcdef";`
Packit	40b132
Packit	40b132	`static const char printable[257] = {`
Packit	40b132	`"................" /* 0x */`
Packit	40b132	`"................" /* 1x */`
Packit	40b132	`" !\"#$%&'()+,-./" / 2x */`
Packit	40b132	`"0123456789:;<=>?" /* 3x */`
Packit	40b132	`"@ABCDEFGHIJKLMNO" /* 4x */`
Packit	40b132	`"PQRSTUVWXYZ[\\]^_" /* 5x */`
Packit	40b132	"`abcdefghijklmno" /* 6x */
Packit	40b132	`"pqrstuvwxyz{\|}~." /* 7x */`
Packit	40b132	`"................" /* 8x */`
Packit	40b132	`"................" /* 9x */`
Packit	40b132	`"................" /* ax */`
Packit	40b132	`"................" /* bx */`
Packit	40b132	`"................" /* cx */`
Packit	40b132	`"................" /* dx */`
Packit	40b132	`"................" /* ex */`
Packit	40b132	`"................" /* fx */`
Packit	40b132	`};`
Packit	40b132
Packit	40b132	`void ssl_PrintBuf(sslSocket ss, const char msg, const void *vp, int len)`
Packit	40b132	`{`
Packit	40b132	`const unsigned char cp = (const unsigned char )vp;`
Packit	40b132	`char buf[80];`
Packit	40b132	`char *bp;`
Packit	40b132	`char *ap;`
Packit	40b132
Packit	40b132	`if (ss) {`
Packit	40b132	`SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]", SSL_GETPID(), ss->fd,`
Packit	40b132	`msg, len));`
Packit	40b132	`} else {`
Packit	40b132	`SSL_TRACE(("%d: SSL: %s [Len: %d]", SSL_GETPID(), msg, len));`
Packit	40b132	`}`
Packit	40b132	`memset(buf, ' ', sizeof buf);`
Packit	40b132	`bp = buf;`
Packit	40b132	`ap = buf + 50;`
Packit	40b132	`while (--len >= 0) {`
Packit	40b132	`unsigned char ch = *cp++;`
Packit	40b132	`*bp++ = hex[(ch >> 4) & 0xf];`
Packit	40b132	`*bp++ = hex[ch & 0xf];`
Packit	40b132	`*bp++ = ' ';`
Packit	40b132	`*ap++ = printable[ch];`
Packit	40b132	`if (ap - buf >= 66) {`
Packit	40b132	`*ap = 0;`
Packit	40b132	`SSL_TRACE((" %s", buf));`
Packit	40b132	`memset(buf, ' ', sizeof buf);`
Packit	40b132	`bp = buf;`
Packit	40b132	`ap = buf + 50;`
Packit	40b132	`}`
Packit	40b132	`}`
Packit	40b132	`if (bp > buf) {`
Packit	40b132	`*ap = 0;`
Packit	40b132	`SSL_TRACE((" %s", buf));`
Packit	40b132	`}`
Packit	40b132	`}`
Packit	40b132
Packit	40b132	`#define LEN(cp) (((cp)[0] << 8) \| ((cp)[1]))`
Packit	40b132
Packit	40b132	`static void PrintType(sslSocket ss, char msg)`
Packit	40b132	`{`
Packit	40b132	`if (ss) {`
Packit	40b132	`SSL_TRACE(("%d: SSL[%d]: dump-msg: %s", SSL_GETPID(), ss->fd,`
Packit	40b132	`msg));`
Packit	40b132	`} else {`
Packit	40b132	`SSL_TRACE(("%d: SSL: dump-msg: %s", SSL_GETPID(), msg));`
Packit	40b132	`}`
Packit	40b132	`}`
Packit	40b132
Packit	40b132	`static void PrintInt(sslSocket ss, char msg, unsigned v)`
Packit	40b132	`{`
Packit	40b132	`if (ss) {`
Packit	40b132	`SSL_TRACE(("%d: SSL[%d]: %s=%u", SSL_GETPID(), ss->fd,`
Packit	40b132	`msg, v));`
Packit	40b132	`} else {`
Packit	40b132	`SSL_TRACE(("%d: SSL: %s=%u", SSL_GETPID(), msg, v));`
Packit	40b132	`}`
Packit	40b132	`}`
Packit	40b132
Packit	40b132	`/* PrintBuf is just like ssl_PrintBuf above, except that:`
Packit	40b132	`* a) It prefixes each line of the buffer with "XX: SSL[xxx] "`
Packit	40b132	`* b) It dumps only hex, not ASCII.`
Packit	40b132	`*/`
Packit	40b132	`static void PrintBuf(sslSocket ss, char msg, unsigned char *cp, int len)`
Packit	40b132	`{`
Packit	40b132	`char buf[80];`
Packit	40b132	`char *bp;`
Packit	40b132
Packit	40b132	`if (ss) {`
Packit	40b132	`SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]",`
Packit	40b132	`SSL_GETPID(), ss->fd, msg, len));`
Packit	40b132	`} else {`
Packit	40b132	`SSL_TRACE(("%d: SSL: %s [Len: %d]",`
Packit	40b132	`SSL_GETPID(), msg, len));`
Packit	40b132	`}`
Packit	40b132	`bp = buf;`
Packit	40b132	`while (--len >= 0) {`
Packit	40b132	`unsigned char ch = *cp++;`
Packit	40b132	`*bp++ = hex[(ch >> 4) & 0xf];`
Packit	40b132	`*bp++ = hex[ch & 0xf];`
Packit	40b132	`*bp++ = ' ';`
Packit	40b132	`if (bp + 4 > buf + 50) {`
Packit	40b132	`*bp = 0;`
Packit	40b132	`if (ss) {`
Packit	40b132	`SSL_TRACE(("%d: SSL[%d]: %s",`
Packit	40b132	`SSL_GETPID(), ss->fd, buf));`
Packit	40b132	`} else {`
Packit	40b132	`SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf));`
Packit	40b132	`}`
Packit	40b132	`bp = buf;`
Packit	40b132	`}`
Packit	40b132	`}`
Packit	40b132	`if (bp > buf) {`
Packit	40b132	`*bp = 0;`
Packit	40b132	`if (ss) {`
Packit	40b132	`SSL_TRACE(("%d: SSL[%d]: %s",`
Packit	40b132	`SSL_GETPID(), ss->fd, buf));`
Packit	40b132	`} else {`
Packit	40b132	`SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf));`
Packit	40b132	`}`
Packit	40b132	`}`
Packit	40b132	`}`
Packit	40b132
Packit	40b132	`void ssl_DumpMsg(sslSocket ss, unsigned char bp, unsigned len)`
Packit	40b132	`{`
Packit	40b132	`switch (bp[0]) {`
Packit	40b132	`case SSL_MT_ERROR:`
Packit	40b132	`PrintType(ss, "Error");`
Packit	40b132	`PrintInt(ss, "error", LEN(bp+1));`
Packit	40b132	`break;`
Packit	40b132
Packit	40b132	`case SSL_MT_CLIENT_HELLO:`
Packit	40b132	`{`
Packit	40b132	`unsigned lcs = LEN(bp+3);`
Packit	40b132	`unsigned ls = LEN(bp+5);`
Packit	40b132	`unsigned lc = LEN(bp+7);`
Packit	40b132
Packit	40b132	`PrintType(ss, "Client-Hello");`
Packit	40b132
Packit	40b132	`PrintInt(ss, "version (Major)", bp[1]);`
Packit	40b132	`PrintInt(ss, "version (minor)", bp[2]);`
Packit	40b132
Packit	40b132	`PrintBuf(ss, "cipher-specs", bp+9, lcs);`
Packit	40b132	`PrintBuf(ss, "session-id", bp+9+lcs, ls);`
Packit	40b132	`PrintBuf(ss, "challenge", bp+9+lcs+ls, lc);`
Packit	40b132	`}`
Packit	40b132	`break;`
Packit	40b132	`case SSL_MT_CLIENT_MASTER_KEY:`
Packit	40b132	`{`
Packit	40b132	`unsigned lck = LEN(bp+4);`
Packit	40b132	`unsigned lek = LEN(bp+6);`
Packit	40b132	`unsigned lka = LEN(bp+8);`
Packit	40b132
Packit	40b132	`PrintType(ss, "Client-Master-Key");`
Packit	40b132
Packit	40b132	`PrintInt(ss, "cipher-choice", bp[1]);`
Packit	40b132	`PrintInt(ss, "key-length", LEN(bp+2));`
Packit	40b132
Packit	40b132	`PrintBuf(ss, "clear-key", bp+10, lck);`
Packit	40b132	`PrintBuf(ss, "encrypted-key", bp+10+lck, lek);`
Packit	40b132	`PrintBuf(ss, "key-arg", bp+10+lck+lek, lka);`
Packit	40b132	`}`
Packit	40b132	`break;`
Packit	40b132	`case SSL_MT_CLIENT_FINISHED:`
Packit	40b132	`PrintType(ss, "Client-Finished");`
Packit	40b132	`PrintBuf(ss, "connection-id", bp+1, len-1);`
Packit	40b132	`break;`
Packit	40b132	`case SSL_MT_SERVER_HELLO:`
Packit	40b132	`{`
Packit	40b132	`unsigned lc = LEN(bp+5);`
Packit	40b132	`unsigned lcs = LEN(bp+7);`
Packit	40b132	`unsigned lci = LEN(bp+9);`
Packit	40b132
Packit	40b132	`PrintType(ss, "Server-Hello");`
Packit	40b132
Packit	40b132	`PrintInt(ss, "session-id-hit", bp[1]);`
Packit	40b132	`PrintInt(ss, "certificate-type", bp[2]);`
Packit	40b132	`PrintInt(ss, "version (Major)", bp[3]);`
Packit	40b132	`PrintInt(ss, "version (minor)", bp[3]);`
Packit	40b132	`PrintBuf(ss, "certificate", bp+11, lc);`
Packit	40b132	`PrintBuf(ss, "cipher-specs", bp+11+lc, lcs);`
Packit	40b132	`PrintBuf(ss, "connection-id", bp+11+lc+lcs, lci);`
Packit	40b132	`}`
Packit	40b132	`break;`
Packit	40b132	`case SSL_MT_SERVER_VERIFY:`
Packit	40b132	`PrintType(ss, "Server-Verify");`
Packit	40b132	`PrintBuf(ss, "challenge", bp+1, len-1);`
Packit	40b132	`break;`
Packit	40b132	`case SSL_MT_SERVER_FINISHED:`
Packit	40b132	`PrintType(ss, "Server-Finished");`
Packit	40b132	`PrintBuf(ss, "session-id", bp+1, len-1);`
Packit	40b132	`break;`
Packit	40b132	`case SSL_MT_REQUEST_CERTIFICATE:`
Packit	40b132	`PrintType(ss, "Request-Certificate");`
Packit	40b132	`PrintInt(ss, "authentication-type", bp[1]);`
Packit	40b132	`PrintBuf(ss, "certificate-challenge", bp+2, len-2);`
Packit	40b132	`break;`
Packit	40b132	`case SSL_MT_CLIENT_CERTIFICATE:`
Packit	40b132	`{`
Packit	40b132	`unsigned lc = LEN(bp+2);`
Packit	40b132	`unsigned lr = LEN(bp+4);`
Packit	40b132	`PrintType(ss, "Client-Certificate");`
Packit	40b132	`PrintInt(ss, "certificate-type", bp[1]);`
Packit	40b132	`PrintBuf(ss, "certificate", bp+6, lc);`
Packit	40b132	`PrintBuf(ss, "response", bp+6+lc, lr);`
Packit	40b132	`}`
Packit	40b132	`break;`
Packit	40b132	`default:`
Packit	40b132	`ssl_PrintBuf(ss, "sending unknown message type", bp, len);`
Packit	40b132	`return;`
Packit	40b132	`}`
Packit	40b132	`}`
Packit	40b132
Packit	40b132	`void`
Packit	40b132	`ssl_Trace(const char *format, ... )`
Packit	40b132	`{`
Packit	40b132	`char buf[2000];`
Packit	40b132	`va_list args;`
Packit	40b132
Packit	40b132	`if (ssl_trace_iob) {`
Packit	40b132	`va_start(args, format);`
Packit	40b132	`PR_vsnprintf(buf, sizeof(buf), format, args);`
Packit	40b132	`va_end(args);`
Packit	40b132
Packit	40b132	`fputs(buf, ssl_trace_iob);`
Packit	40b132	`fputs("\n", ssl_trace_iob);`
Packit	40b132	`}`
Packit	40b132	`}`
Packit	40b132	`#endif`

source-git / mingw-nss

Source Code

Blame nss/lib/ssl/ssltrace.c