From: Matt Caswell <matt@openssl.org>
Date: Wed, 8 Feb 2017 17:08:48 +0000 (+0000)
Subject: Add SSL_trace() support for KeyUpdate messages
X-Git-Tag: OpenSSL_1_1_1-pre1~2367
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7d8c2dfa64f1f717581a67d078d98e4c331e6d14;p=openssl

Add SSL_trace() support for KeyUpdate messages

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2609)
---

diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index 5561e8f8a3..6f340c9ab1 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -94,7 +94,8 @@ static ssl_trace_tbl ssl_handshake_tbl[] = {
     {SSL3_MT_CERTIFICATE_STATUS, "CertificateStatus"},
     {SSL3_MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange"},
     {SSL3_MT_FINISHED, "Finished"},
-    {SSL3_MT_CERTIFICATE_STATUS, "CertificateStatus"}
+    {SSL3_MT_CERTIFICATE_STATUS, "CertificateStatus"},
+    {SSL3_MT_KEY_UPDATE, "KeyUpdate"}
 };
 
 /* Cipher suites */
@@ -562,6 +563,11 @@ static ssl_trace_tbl ssl_crypto_tbl[] = {
     {TLS1_RT_CRYPTO_FIXED_IV | TLS1_RT_CRYPTO_READ, "Read IV (fixed part)"}
 };
 
+static ssl_trace_tbl ssl_key_update_tbl[] = {
+    {SSL_KEY_UPDATE_NOT_REQUESTED, "update_not_requested"},
+    {SSL_KEY_UPDATE_REQUESTED, "update_requested"}
+};
+
 static void ssl_print_hex(BIO *bio, int indent, const char *name,
                           const unsigned char *msg, size_t msglen)
 {
@@ -1351,6 +1357,16 @@ static int ssl_print_handshake(BIO *bio, SSL *ssl, int server,
             return 0;
         break;
 
+    case SSL3_MT_KEY_UPDATE:
+        if (msglen != 1) {
+            ssl_print_hex(bio, indent + 2, "unexpected value", msg, msglen);
+            return 0;
+        }
+        if (!ssl_trace_list(bio, indent + 2, msg, msglen, 1,
+                            ssl_key_update_tbl))
+            return 0;
+        break;
+
     default:
         BIO_indent(bio, indent + 2, 80);
         BIO_puts(bio, "Unsupported, hex dump follows:\n");