OLD | NEW |
(Empty) | |
| 1 diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con
.c |
| 2 index 6780a84..eefb552 100644 |
| 3 --- a/net/third_party/nss/ssl/ssl3con.c |
| 4 +++ b/net/third_party/nss/ssl/ssl3con.c |
| 5 @@ -4793,6 +4793,18 @@ done: |
| 6 return unwrappedWrappingKey; |
| 7 } |
| 8 |
| 9 +/* hexEncode hex encodes |length| bytes from |in| and writes it as |length*2| |
| 10 + * bytes to |out|. */ |
| 11 +static hexEncode(char *out, const unsigned char *in, size_t length) { |
| 12 + static const char hextable[] = "0123456789abcdef"; |
| 13 + size_t i; |
| 14 + |
| 15 + for (i = 0; i < length; i++) { |
| 16 + *(out++) = hextable[in[i] >> 4]; |
| 17 + *(out++) = hextable[in[i] & 15]; |
| 18 + } |
| 19 +} |
| 20 + |
| 21 |
| 22 /* Called from ssl3_SendClientKeyExchange(). */ |
| 23 /* Presently, this always uses PKCS11. There is no bypass for this. */ |
| 24 @@ -4832,16 +4844,17 @@ sendRSAClientKeyExchange(sslSocket * ss, SECKEYPublicKey
* svrPubKey) |
| 25 goto loser; |
| 26 } |
| 27 |
| 28 -#if defined(TRACE) |
| 29 - if (ssl_trace >= 100 || ssl_keylog_iob) { |
| 30 + if (ssl_keylog_iob) { |
| 31 SECStatus extractRV = PK11_ExtractKeyValue(pms); |
| 32 if (extractRV == SECSuccess) { |
| 33 SECItem * keyData = PK11_GetKeyData(pms); |
| 34 if (keyData && keyData->data && keyData->len) { |
| 35 +#ifdef TRACE |
| 36 if (ssl_trace >= 100) { |
| 37 ssl_PrintBuf(ss, "Pre-Master Secret", |
| 38 keyData->data, keyData->len); |
| 39 } |
| 40 +#endif |
| 41 if (ssl_keylog_iob && enc_pms.len >= 8 && keyData->len == 48) { |
| 42 /* https://developer.mozilla.org/en/NSS_Key_Log_Format */ |
| 43 |
| 44 @@ -4849,21 +4862,11 @@ sendRSAClientKeyExchange(sslSocket * ss, SECKEYPublicKey
* svrPubKey) |
| 45 * keylog, so we have to do everything in a single call to |
| 46 * fwrite. */ |
| 47 char buf[4 + 8*2 + 1 + 48*2 + 1]; |
| 48 - static const char hextable[16] = "0123456789abcdef"; |
| 49 - unsigned int i; |
| 50 |
| 51 strcpy(buf, "RSA "); |
| 52 - |
| 53 - for (i = 0; i < 8; i++) { |
| 54 - buf[4 + i*2] = hextable[enc_pms.data[i] >> 4]; |
| 55 - buf[4 + i*2 + 1] = hextable[enc_pms.data[i] & 15]; |
| 56 - } |
| 57 + hexEncode(buf + 4, enc_pms.data, 8); |
| 58 buf[20] = ' '; |
| 59 - |
| 60 - for (i = 0; i < 48; i++) { |
| 61 - buf[21 + i*2] = hextable[keyData->data[i] >> 4]; |
| 62 - buf[21 + i*2 + 1] = hextable[keyData->data[i] & 15]; |
| 63 - } |
| 64 + hexEncode(buf + 21, keyData->data, 48); |
| 65 buf[sizeof(buf) - 1] = '\n'; |
| 66 |
| 67 fwrite(buf, sizeof(buf), 1, ssl_keylog_iob); |
| 68 @@ -4872,7 +4875,6 @@ sendRSAClientKeyExchange(sslSocket * ss, SECKEYPublicKey *
svrPubKey) |
| 69 } |
| 70 } |
| 71 } |
| 72 -#endif |
| 73 |
| 74 rv = ssl3_InitPendingCipherSpec(ss, pms); |
| 75 PK11_FreeSymKey(pms); pms = NULL; |
| 76 @@ -9046,6 +9048,69 @@ ssl3_RestartHandshakeAfterChannelIDReq(sslSocket *ss, |
| 77 return SECSuccess; |
| 78 } |
| 79 |
| 80 +/* called from ssl3_SendFinished |
| 81 + * |
| 82 + * Caller must already hold the SpecReadLock. (wish we could assert that!). |
| 83 + * This function is simply a debugging aid and therefore does not return a |
| 84 + * SECStatus. */ |
| 85 +static void |
| 86 +ssl3_RecordKeyLog(sslSocket *ss) |
| 87 +{ |
| 88 + sslSessionID *sid; |
| 89 + SECStatus rv; |
| 90 + SECItem *keyData; |
| 91 + char buf[14 /* "CLIENT_RANDOM " */ + |
| 92 + SSL3_RANDOM_LENGTH*2 /* client_random */ + |
| 93 + 1 /* " " */ + |
| 94 + 48*2 /* master secret */ + |
| 95 + 1 /* new line */]; |
| 96 + unsigned int j; |
| 97 + |
| 98 + PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss)); |
| 99 + |
| 100 + sid = ss->sec.ci.sid; |
| 101 + |
| 102 + if (!ssl_keylog_iob) |
| 103 + return; |
| 104 + |
| 105 + rv = PK11_ExtractKeyValue(ss->ssl3.cwSpec->master_secret); |
| 106 + if (rv != SECSuccess) |
| 107 + return; |
| 108 + |
| 109 + ssl_GetSpecReadLock(ss); |
| 110 + |
| 111 + /* keyData does not need to be freed. */ |
| 112 + keyData = PK11_GetKeyData(ss->ssl3.cwSpec->master_secret); |
| 113 + if (!keyData || !keyData->data || keyData->len != 48) { |
| 114 + ssl_ReleaseSpecReadLock(ss); |
| 115 + return; |
| 116 + } |
| 117 + |
| 118 + /* https://developer.mozilla.org/en/NSS_Key_Log_Format */ |
| 119 + |
| 120 + /* There could be multiple, concurrent writers to the |
| 121 + * keylog, so we have to do everything in a single call to |
| 122 + * fwrite. */ |
| 123 + |
| 124 + memcpy(buf, "CLIENT_RANDOM ", 14); |
| 125 + j = 14; |
| 126 + hexEncode(buf + j, ss->ssl3.hs.client_random.rand, SSL3_RANDOM_LENGTH); |
| 127 + j += SSL3_RANDOM_LENGTH*2; |
| 128 + buf[j++] = ' '; |
| 129 + hexEncode(buf + j, keyData->data, 48); |
| 130 + j += 48*2; |
| 131 + buf[j++] = '\n'; |
| 132 + |
| 133 + PORT_Assert(j == sizeof(buf)); |
| 134 + |
| 135 + ssl_ReleaseSpecReadLock(ss); |
| 136 + |
| 137 + if (fwrite(buf, sizeof(buf), 1, ssl_keylog_iob) != 1) |
| 138 + return; |
| 139 + fflush(ssl_keylog_iob); |
| 140 + return; |
| 141 +} |
| 142 + |
| 143 /* called from ssl3_HandleServerHelloDone |
| 144 * ssl3_HandleClientHello |
| 145 * ssl3_HandleFinished |
| 146 @@ -9107,6 +9172,9 @@ ssl3_SendFinished(sslSocket *ss, PRInt32 flags) |
| 147 if (rv != SECSuccess) { |
| 148 goto fail; /* error code set by ssl3_FlushHandshake */ |
| 149 } |
| 150 + |
| 151 + ssl3_RecordKeyLog(ss); |
| 152 + |
| 153 return SECSuccess; |
| 154 |
| 155 fail: |
| 156 diff --git a/net/third_party/nss/ssl/sslsock.c b/net/third_party/nss/ssl/sslsock
.c |
| 157 index c61ab44..3bd11d2 100644 |
| 158 --- a/net/third_party/nss/ssl/sslsock.c |
| 159 +++ b/net/third_party/nss/ssl/sslsock.c |
| 160 @@ -2903,6 +2903,13 @@ ssl_SetDefaultsFromEnvironment(void) |
| 161 ssl_trace = atoi(ev); |
| 162 SSL_TRACE(("SSL: tracing set to %d", ssl_trace)); |
| 163 } |
| 164 +#endif /* TRACE */ |
| 165 + ev = getenv("SSLDEBUG"); |
| 166 + if (ev && ev[0]) { |
| 167 + ssl_debug = atoi(ev); |
| 168 + SSL_TRACE(("SSL: debugging set to %d", ssl_debug)); |
| 169 + } |
| 170 +#endif /* DEBUG */ |
| 171 ev = getenv("SSLKEYLOGFILE"); |
| 172 if (ev && ev[0]) { |
| 173 ssl_keylog_iob = fopen(ev, "a"); |
| 174 @@ -2912,13 +2919,6 @@ ssl_SetDefaultsFromEnvironment(void) |
| 175 } |
| 176 SSL_TRACE(("SSL: logging pre-master secrets to %s", ev)); |
| 177 } |
| 178 -#endif /* TRACE */ |
| 179 - ev = getenv("SSLDEBUG"); |
| 180 - if (ev && ev[0]) { |
| 181 - ssl_debug = atoi(ev); |
| 182 - SSL_TRACE(("SSL: debugging set to %d", ssl_debug)); |
| 183 - } |
| 184 -#endif /* DEBUG */ |
| 185 ev = getenv("SSLBYPASS"); |
| 186 if (ev && ev[0]) { |
| 187 ssl_defaults.bypassPKCS11 = (ev[0] == '1'); |
OLD | NEW |