mirror of
https://github.com/rn10950/RetroZilla.git
synced 2024-11-11 02:10:17 +01:00
244 lines
6.3 KiB
C
244 lines
6.3 KiB
C
/*
|
|
* Functions to trace SSL protocol behavior in DEBUG builds.
|
|
*
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
#include <stdarg.h>
|
|
#include "cert.h"
|
|
#include "ssl.h"
|
|
#include "sslimpl.h"
|
|
#include "sslproto.h"
|
|
#include "prprf.h"
|
|
|
|
#if defined(DEBUG) || defined(TRACE)
|
|
static const char *hex = "0123456789abcdef";
|
|
|
|
static const char printable[257] = {
|
|
"................" /* 0x */
|
|
"................" /* 1x */
|
|
" !\"#$%&'()*+,-./" /* 2x */
|
|
"0123456789:;<=>?" /* 3x */
|
|
"@ABCDEFGHIJKLMNO" /* 4x */
|
|
"PQRSTUVWXYZ[\\]^_" /* 5x */
|
|
"`abcdefghijklmno" /* 6x */
|
|
"pqrstuvwxyz{|}~." /* 7x */
|
|
"................" /* 8x */
|
|
"................" /* 9x */
|
|
"................" /* ax */
|
|
"................" /* bx */
|
|
"................" /* cx */
|
|
"................" /* dx */
|
|
"................" /* ex */
|
|
"................" /* fx */
|
|
};
|
|
|
|
void ssl_PrintBuf(sslSocket *ss, const char *msg, const void *vp, int len)
|
|
{
|
|
const unsigned char *cp = (const unsigned char *)vp;
|
|
char buf[80];
|
|
char *bp;
|
|
char *ap;
|
|
|
|
if (ss) {
|
|
SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]", SSL_GETPID(), ss->fd,
|
|
msg, len));
|
|
} else {
|
|
SSL_TRACE(("%d: SSL: %s [Len: %d]", SSL_GETPID(), msg, len));
|
|
}
|
|
memset(buf, ' ', sizeof buf);
|
|
bp = buf;
|
|
ap = buf + 50;
|
|
while (--len >= 0) {
|
|
unsigned char ch = *cp++;
|
|
*bp++ = hex[(ch >> 4) & 0xf];
|
|
*bp++ = hex[ch & 0xf];
|
|
*bp++ = ' ';
|
|
*ap++ = printable[ch];
|
|
if (ap - buf >= 66) {
|
|
*ap = 0;
|
|
SSL_TRACE((" %s", buf));
|
|
memset(buf, ' ', sizeof buf);
|
|
bp = buf;
|
|
ap = buf + 50;
|
|
}
|
|
}
|
|
if (bp > buf) {
|
|
*ap = 0;
|
|
SSL_TRACE((" %s", buf));
|
|
}
|
|
}
|
|
|
|
#define LEN(cp) (((cp)[0] << 8) | ((cp)[1]))
|
|
|
|
static void PrintType(sslSocket *ss, char *msg)
|
|
{
|
|
if (ss) {
|
|
SSL_TRACE(("%d: SSL[%d]: dump-msg: %s", SSL_GETPID(), ss->fd,
|
|
msg));
|
|
} else {
|
|
SSL_TRACE(("%d: SSL: dump-msg: %s", SSL_GETPID(), msg));
|
|
}
|
|
}
|
|
|
|
static void PrintInt(sslSocket *ss, char *msg, unsigned v)
|
|
{
|
|
if (ss) {
|
|
SSL_TRACE(("%d: SSL[%d]: %s=%u", SSL_GETPID(), ss->fd,
|
|
msg, v));
|
|
} else {
|
|
SSL_TRACE(("%d: SSL: %s=%u", SSL_GETPID(), msg, v));
|
|
}
|
|
}
|
|
|
|
/* PrintBuf is just like ssl_PrintBuf above, except that:
|
|
* a) It prefixes each line of the buffer with "XX: SSL[xxx] "
|
|
* b) It dumps only hex, not ASCII.
|
|
*/
|
|
static void PrintBuf(sslSocket *ss, char *msg, unsigned char *cp, int len)
|
|
{
|
|
char buf[80];
|
|
char *bp;
|
|
|
|
if (ss) {
|
|
SSL_TRACE(("%d: SSL[%d]: %s [Len: %d]",
|
|
SSL_GETPID(), ss->fd, msg, len));
|
|
} else {
|
|
SSL_TRACE(("%d: SSL: %s [Len: %d]",
|
|
SSL_GETPID(), msg, len));
|
|
}
|
|
bp = buf;
|
|
while (--len >= 0) {
|
|
unsigned char ch = *cp++;
|
|
*bp++ = hex[(ch >> 4) & 0xf];
|
|
*bp++ = hex[ch & 0xf];
|
|
*bp++ = ' ';
|
|
if (bp + 4 > buf + 50) {
|
|
*bp = 0;
|
|
if (ss) {
|
|
SSL_TRACE(("%d: SSL[%d]: %s",
|
|
SSL_GETPID(), ss->fd, buf));
|
|
} else {
|
|
SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf));
|
|
}
|
|
bp = buf;
|
|
}
|
|
}
|
|
if (bp > buf) {
|
|
*bp = 0;
|
|
if (ss) {
|
|
SSL_TRACE(("%d: SSL[%d]: %s",
|
|
SSL_GETPID(), ss->fd, buf));
|
|
} else {
|
|
SSL_TRACE(("%d: SSL: %s", SSL_GETPID(), buf));
|
|
}
|
|
}
|
|
}
|
|
|
|
void ssl_DumpMsg(sslSocket *ss, unsigned char *bp, unsigned len)
|
|
{
|
|
switch (bp[0]) {
|
|
case SSL_MT_ERROR:
|
|
PrintType(ss, "Error");
|
|
PrintInt(ss, "error", LEN(bp+1));
|
|
break;
|
|
|
|
case SSL_MT_CLIENT_HELLO:
|
|
{
|
|
unsigned lcs = LEN(bp+3);
|
|
unsigned ls = LEN(bp+5);
|
|
unsigned lc = LEN(bp+7);
|
|
|
|
PrintType(ss, "Client-Hello");
|
|
|
|
PrintInt(ss, "version (Major)", bp[1]);
|
|
PrintInt(ss, "version (minor)", bp[2]);
|
|
|
|
PrintBuf(ss, "cipher-specs", bp+9, lcs);
|
|
PrintBuf(ss, "session-id", bp+9+lcs, ls);
|
|
PrintBuf(ss, "challenge", bp+9+lcs+ls, lc);
|
|
}
|
|
break;
|
|
case SSL_MT_CLIENT_MASTER_KEY:
|
|
{
|
|
unsigned lck = LEN(bp+4);
|
|
unsigned lek = LEN(bp+6);
|
|
unsigned lka = LEN(bp+8);
|
|
|
|
PrintType(ss, "Client-Master-Key");
|
|
|
|
PrintInt(ss, "cipher-choice", bp[1]);
|
|
PrintInt(ss, "key-length", LEN(bp+2));
|
|
|
|
PrintBuf(ss, "clear-key", bp+10, lck);
|
|
PrintBuf(ss, "encrypted-key", bp+10+lck, lek);
|
|
PrintBuf(ss, "key-arg", bp+10+lck+lek, lka);
|
|
}
|
|
break;
|
|
case SSL_MT_CLIENT_FINISHED:
|
|
PrintType(ss, "Client-Finished");
|
|
PrintBuf(ss, "connection-id", bp+1, len-1);
|
|
break;
|
|
case SSL_MT_SERVER_HELLO:
|
|
{
|
|
unsigned lc = LEN(bp+5);
|
|
unsigned lcs = LEN(bp+7);
|
|
unsigned lci = LEN(bp+9);
|
|
|
|
PrintType(ss, "Server-Hello");
|
|
|
|
PrintInt(ss, "session-id-hit", bp[1]);
|
|
PrintInt(ss, "certificate-type", bp[2]);
|
|
PrintInt(ss, "version (Major)", bp[3]);
|
|
PrintInt(ss, "version (minor)", bp[3]);
|
|
PrintBuf(ss, "certificate", bp+11, lc);
|
|
PrintBuf(ss, "cipher-specs", bp+11+lc, lcs);
|
|
PrintBuf(ss, "connection-id", bp+11+lc+lcs, lci);
|
|
}
|
|
break;
|
|
case SSL_MT_SERVER_VERIFY:
|
|
PrintType(ss, "Server-Verify");
|
|
PrintBuf(ss, "challenge", bp+1, len-1);
|
|
break;
|
|
case SSL_MT_SERVER_FINISHED:
|
|
PrintType(ss, "Server-Finished");
|
|
PrintBuf(ss, "session-id", bp+1, len-1);
|
|
break;
|
|
case SSL_MT_REQUEST_CERTIFICATE:
|
|
PrintType(ss, "Request-Certificate");
|
|
PrintInt(ss, "authentication-type", bp[1]);
|
|
PrintBuf(ss, "certificate-challenge", bp+2, len-2);
|
|
break;
|
|
case SSL_MT_CLIENT_CERTIFICATE:
|
|
{
|
|
unsigned lc = LEN(bp+2);
|
|
unsigned lr = LEN(bp+4);
|
|
PrintType(ss, "Client-Certificate");
|
|
PrintInt(ss, "certificate-type", bp[1]);
|
|
PrintBuf(ss, "certificate", bp+6, lc);
|
|
PrintBuf(ss, "response", bp+6+lc, lr);
|
|
}
|
|
break;
|
|
default:
|
|
ssl_PrintBuf(ss, "sending *unknown* message type", bp, len);
|
|
return;
|
|
}
|
|
}
|
|
|
|
void
|
|
ssl_Trace(const char *format, ... )
|
|
{
|
|
char buf[2000];
|
|
va_list args;
|
|
|
|
if (ssl_trace_iob) {
|
|
va_start(args, format);
|
|
PR_vsnprintf(buf, sizeof(buf), format, args);
|
|
va_end(args);
|
|
|
|
fputs(buf, ssl_trace_iob);
|
|
fputs("\n", ssl_trace_iob);
|
|
}
|
|
}
|
|
#endif
|