OLD | NEW |
(Empty) | |
| 1 diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con
.c |
| 2 index 6780a84..4cf011b 100644 |
| 3 --- a/net/third_party/nss/ssl/ssl3con.c |
| 4 +++ b/net/third_party/nss/ssl/ssl3con.c |
| 5 @@ -4793,6 +4793,17 @@ done: |
| 6 return unwrappedWrappingKey; |
| 7 } |
| 8 |
| 9 +/* hexEncode hex encodes |length| bytes from |in| and writes it as |length*2| |
| 10 + * bytes to |out|. */ |
| 11 +static void hexEncode(char *out, const unsigned char *in, size_t length) { |
| 12 + static const char hextable[] = "0123456789abcdef"; |
| 13 + size_t i; |
| 14 + |
| 15 + for (i = 0; i < length; i++) { |
| 16 + *(out++) = hextable[in[i] >> 4]; |
| 17 + *(out++) = hextable[in[i] & 15]; |
| 18 + } |
| 19 +} |
| 20 |
| 21 /* Called from ssl3_SendClientKeyExchange(). */ |
| 22 /* Presently, this always uses PKCS11. There is no bypass for this. */ |
| 23 @@ -4832,16 +4843,17 @@ sendRSAClientKeyExchange(sslSocket * ss, SECKEYPublicKey
* svrPubKey) |
| 24 goto loser; |
| 25 } |
| 26 |
| 27 -#if defined(TRACE) |
| 28 - if (ssl_trace >= 100 || ssl_keylog_iob) { |
| 29 + if (ssl_keylog_iob) { |
| 30 SECStatus extractRV = PK11_ExtractKeyValue(pms); |
| 31 if (extractRV == SECSuccess) { |
| 32 SECItem * keyData = PK11_GetKeyData(pms); |
| 33 if (keyData && keyData->data && keyData->len) { |
| 34 +#ifdef TRACE |
| 35 if (ssl_trace >= 100) { |
| 36 ssl_PrintBuf(ss, "Pre-Master Secret", |
| 37 keyData->data, keyData->len); |
| 38 } |
| 39 +#endif |
| 40 if (ssl_keylog_iob && enc_pms.len >= 8 && keyData->len == 48) { |
| 41 /* https://developer.mozilla.org/en/NSS_Key_Log_Format */ |
| 42 |
| 43 @@ -4849,21 +4861,11 @@ sendRSAClientKeyExchange(sslSocket * ss, SECKEYPublicKey
* svrPubKey) |
| 44 * keylog, so we have to do everything in a single call to |
| 45 * fwrite. */ |
| 46 char buf[4 + 8*2 + 1 + 48*2 + 1]; |
| 47 - static const char hextable[16] = "0123456789abcdef"; |
| 48 - unsigned int i; |
| 49 |
| 50 strcpy(buf, "RSA "); |
| 51 - |
| 52 - for (i = 0; i < 8; i++) { |
| 53 - buf[4 + i*2] = hextable[enc_pms.data[i] >> 4]; |
| 54 - buf[4 + i*2 + 1] = hextable[enc_pms.data[i] & 15]; |
| 55 - } |
| 56 + hexEncode(buf + 4, enc_pms.data, 8); |
| 57 buf[20] = ' '; |
| 58 - |
| 59 - for (i = 0; i < 48; i++) { |
| 60 - buf[21 + i*2] = hextable[keyData->data[i] >> 4]; |
| 61 - buf[21 + i*2 + 1] = hextable[keyData->data[i] & 15]; |
| 62 - } |
| 63 + hexEncode(buf + 21, keyData->data, 48); |
| 64 buf[sizeof(buf) - 1] = '\n'; |
| 65 |
| 66 fwrite(buf, sizeof(buf), 1, ssl_keylog_iob); |
| 67 @@ -4872,7 +4874,6 @@ sendRSAClientKeyExchange(sslSocket * ss, SECKEYPublicKey *
svrPubKey) |
| 68 } |
| 69 } |
| 70 } |
| 71 -#endif |
| 72 |
| 73 rv = ssl3_InitPendingCipherSpec(ss, pms); |
| 74 PK11_FreeSymKey(pms); pms = NULL; |
| 75 @@ -9046,6 +9047,69 @@ ssl3_RestartHandshakeAfterChannelIDReq(sslSocket *ss, |
| 76 return SECSuccess; |
| 77 } |
| 78 |
| 79 +/* called from ssl3_SendFinished |
| 80 + * |
| 81 + * Caller must already hold the SpecReadLock. (wish we could assert that!). |
| 82 + * This function is simply a debugging aid and therefore does not return a |
| 83 + * SECStatus. */ |
| 84 +static void |
| 85 +ssl3_RecordKeyLog(sslSocket *ss) |
| 86 +{ |
| 87 + sslSessionID *sid; |
| 88 + SECStatus rv; |
| 89 + SECItem *keyData; |
| 90 + char buf[14 /* "CLIENT_RANDOM " */ + |
| 91 + SSL3_RANDOM_LENGTH*2 /* client_random */ + |
| 92 + 1 /* " " */ + |
| 93 + 48*2 /* master secret */ + |
| 94 + 1 /* new line */]; |
| 95 + unsigned int j; |
| 96 + |
| 97 + PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss)); |
| 98 + |
| 99 + sid = ss->sec.ci.sid; |
| 100 + |
| 101 + if (!ssl_keylog_iob) |
| 102 + return; |
| 103 + |
| 104 + rv = PK11_ExtractKeyValue(ss->ssl3.cwSpec->master_secret); |
| 105 + if (rv != SECSuccess) |
| 106 + return; |
| 107 + |
| 108 + ssl_GetSpecReadLock(ss); |
| 109 + |
| 110 + /* keyData does not need to be freed. */ |
| 111 + keyData = PK11_GetKeyData(ss->ssl3.cwSpec->master_secret); |
| 112 + if (!keyData || !keyData->data || keyData->len != 48) { |
| 113 + ssl_ReleaseSpecReadLock(ss); |
| 114 + return; |
| 115 + } |
| 116 + |
| 117 + /* https://developer.mozilla.org/en/NSS_Key_Log_Format */ |
| 118 + |
| 119 + /* There could be multiple, concurrent writers to the |
| 120 + * keylog, so we have to do everything in a single call to |
| 121 + * fwrite. */ |
| 122 + |
| 123 + memcpy(buf, "CLIENT_RANDOM ", 14); |
| 124 + j = 14; |
| 125 + hexEncode(buf + j, ss->ssl3.hs.client_random.rand, SSL3_RANDOM_LENGTH); |
| 126 + j += SSL3_RANDOM_LENGTH*2; |
| 127 + buf[j++] = ' '; |
| 128 + hexEncode(buf + j, keyData->data, 48); |
| 129 + j += 48*2; |
| 130 + buf[j++] = '\n'; |
| 131 + |
| 132 + PORT_Assert(j == sizeof(buf)); |
| 133 + |
| 134 + ssl_ReleaseSpecReadLock(ss); |
| 135 + |
| 136 + if (fwrite(buf, sizeof(buf), 1, ssl_keylog_iob) != 1) |
| 137 + return; |
| 138 + fflush(ssl_keylog_iob); |
| 139 + return; |
| 140 +} |
| 141 + |
| 142 /* called from ssl3_HandleServerHelloDone |
| 143 * ssl3_HandleClientHello |
| 144 * ssl3_HandleFinished |
| 145 @@ -9107,6 +9171,9 @@ ssl3_SendFinished(sslSocket *ss, PRInt32 flags) |
| 146 if (rv != SECSuccess) { |
| 147 goto fail; /* error code set by ssl3_FlushHandshake */ |
| 148 } |
| 149 + |
| 150 + ssl3_RecordKeyLog(ss); |
| 151 + |
| 152 return SECSuccess; |
| 153 |
| 154 fail: |
| 155 diff --git a/net/third_party/nss/ssl/sslsock.c b/net/third_party/nss/ssl/sslsock
.c |
| 156 index c61ab44..3bd11d2 100644 |
| 157 --- a/net/third_party/nss/ssl/sslsock.c |
| 158 +++ b/net/third_party/nss/ssl/sslsock.c |
| 159 @@ -2903,6 +2903,13 @@ ssl_SetDefaultsFromEnvironment(void) |
| 160 ssl_trace = atoi(ev); |
| 161 SSL_TRACE(("SSL: tracing set to %d", ssl_trace)); |
| 162 } |
| 163 +#endif /* TRACE */ |
| 164 + ev = getenv("SSLDEBUG"); |
| 165 + if (ev && ev[0]) { |
| 166 + ssl_debug = atoi(ev); |
| 167 + SSL_TRACE(("SSL: debugging set to %d", ssl_debug)); |
| 168 + } |
| 169 +#endif /* DEBUG */ |
| 170 ev = getenv("SSLKEYLOGFILE"); |
| 171 if (ev && ev[0]) { |
| 172 ssl_keylog_iob = fopen(ev, "a"); |
| 173 @@ -2912,13 +2919,6 @@ ssl_SetDefaultsFromEnvironment(void) |
| 174 } |
| 175 SSL_TRACE(("SSL: logging pre-master secrets to %s", ev)); |
| 176 } |
| 177 -#endif /* TRACE */ |
| 178 - ev = getenv("SSLDEBUG"); |
| 179 - if (ev && ev[0]) { |
| 180 - ssl_debug = atoi(ev); |
| 181 - SSL_TRACE(("SSL: debugging set to %d", ssl_debug)); |
| 182 - } |
| 183 -#endif /* DEBUG */ |
| 184 ev = getenv("SSLBYPASS"); |
| 185 if (ev && ev[0]) { |
| 186 ssl_defaults.bypassPKCS11 = (ev[0] == '1'); |
OLD | NEW |