From 7de2ff0310f4c7e7493844533e10785a6207a2a8 Mon Sep 17 00:00:00 2001
From: Jerry Yu
Date: Tue, 8 Nov 2022 21:43:46 +0800
Subject: [PATCH] Refactor extension list print
Signed-off-by: Jerry Yu
---
 library/ssl_client.c | 3 ++-
 library/ssl_debug_helpers.h | 16 +++-------------
 library/ssl_tls.c | 2 +-
 library/ssl_tls13_client.c | 12 ++++++++----
 library/ssl_tls13_generic.c | 6 ++++--
 library/ssl_tls13_server.c | 17 +++++++++++------
 6 files changed, 29 insertions(+), 27 deletions(-)
diff --git a/library/ssl_client.c b/library/ssl_client.c
index ebf0fa701..b226cafff 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -675,7 +675,8 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl,
 }
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
- MBEDTLS_SSL_PRINT_SENT_EXTS( 3, MBEDTLS_SSL_HS_CLIENT_HELLO );
+ MBEDTLS_SSL_PRINT_EXTS(
+ 3, MBEDTLS_SSL_HS_CLIENT_HELLO, ssl->handshake->sent_extensions );
 #endif
 *out_len = p - buf;
diff --git a/library/ssl_debug_helpers.h b/library/ssl_debug_helpers.h
index ad84619a0..ccdda2a0d 100644
--- a/library/ssl_debug_helpers.h
+++ b/library/ssl_debug_helpers.h
@@ -55,17 +55,9 @@ void mbedtls_ssl_print_extension( const mbedtls_ssl_context *ssl,
 int hs_msg_type, unsigned int extension_type, const char *extra_msg0, const char *extra_msg1 );
-#define MBEDTLS_SSL_PRINT_SENT_EXTS( level, hs_msg_type ) \
+#define MBEDTLS_SSL_PRINT_EXTS( level, hs_msg_type, extension_mask ) \
 mbedtls_ssl_print_extensions( ssl, level, __FILE__, __LINE__, \
- hs_msg_type, \
- ssl->handshake->sent_extensions, \
- "sent" )
-
-#define MBEDTLS_SSL_PRINT_RECEIVED_EXTS( level, hs_msg_type ) \
- mbedtls_ssl_print_extensions( ssl, level, __FILE__, __LINE__, \
- hs_msg_type, \
- ssl->handshake->received_extensions, \
- "received" )
+ hs_msg_type, extension_mask, NULL )
 #define MBEDTLS_SSL_PRINT_EXT( level, hs_msg_type, extension_type, extra ) \
 mbedtls_ssl_print_extension( ssl, level, __FILE__, __LINE__, \
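Review bot: The unified `MBEDTLS_SSL_PRINT_EXTS` macro in library/ssl_debug_helpers.h passes `NULL` where the two removed macros passed `"sent"` and `"received"`, so the extension-list debug output no longer states which mask was printed. Elsewhere in this patch the Certificate message is printed both from the write path (`sent_extensions`) and from the parse path (`received_extensions`), and a handshake trace used to diagnose a negotiation failure or an unexpected extension needs that direction. Consider keeping a label argument, e.g. `#define MBEDTLS_SSL_PRINT_EXTS( level, hs_msg_type, extension_mask, extra )` forwarding `extra` as the last argument; the empty stub in the `#else` branch (next hunk) would need the same parameter list. If the label is dropped on purpose, a comment above the macro saying that the caller selects the mask and that the output carries no direction would help; how a `NULL` extra message is formatted is not visible in this patch.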
@@ -73,9 +65,7 @@ void mbedtls_ssl_print_extension( const mbedtls_ssl_context *ssl,
 extra, NULL )
 #else
-#define MBEDTLS_SSL_PRINT_SENT_EXTS( level, hs_msg_type )
-
-#define MBEDTLS_SSL_PRINT_RECEIVED_EXTS( level, hs_msg_type )
+#define MBEDTLS_SSL_PRINT_EXTS( level, hs_msg_type, extension_mask )
 #define MBEDTLS_SSL_PRINT_EXT( level, hs_msg_type, extension_type, extra )
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index efe24634f..ea8464f0c 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -754,7 +754,7 @@ void mbedtls_ssl_print_extensions( const mbedtls_ssl_context *ssl,
 {
 mbedtls_ssl_print_extension( ssl, level, file, line, hs_msg_type, extension_type_table[i],
- extensions_mask & ( 1 << i ) ? "was" : "was not", extra );
+ extensions_mask & ( 1 << i ) ? "exists" : "does not exists", extra );
 }
 }
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index f4502d290..364e886bc 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1742,7 +1742,8 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
 p += extension_data_len;
 }
- MBEDTLS_SSL_PRINT_RECEIVED_EXTS( 3, hs_msg_type );
+ MBEDTLS_SSL_PRINT_EXTS(
+ 3, hs_msg_type, ssl->handshake->received_extensions );
 cleanup:
@@ -2034,7 +2035,8 @@ static int ssl_tls13_parse_encrypted_extensions( mbedtls_ssl_context *ssl,
 p += extension_data_len;
 }
- MBEDTLS_SSL_PRINT_RECEIVED_EXTS( 3, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS );
+ MBEDTLS_SSL_PRINT_EXTS( 3, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
+ ssl->handshake->received_extensions );
 /* Check that we consumed all the message. */
 if( p != end )
@@ -2222,7 +2224,8 @@ static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
 p += extension_data_len;
 }
- MBEDTLS_SSL_PRINT_RECEIVED_EXTS( 3, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST );
+ MBEDTLS_SSL_PRINT_EXTS( 3, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST,
+ ssl->handshake->received_extensions );
 /* Check that we consumed all the message. */
 if( p != end )
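Review bot: In library/ssl_tls.c the new message text `"does not exists"` is ungrammatical and will appear verbatim in every extension-list debug trace; `"exists" : "does not exist"` reads correctly and is worth settling before tests or log parsers start matching on the string. On the same line the mask test uses a signed `1 << i`; if `extension_type_table` ever reaches 32 entries that shift is undefined behaviour, so `( 1U << i )` would be safer. The table size and the declared type of `extensions_mask` are not visible here, and the body of `mbedtls_ssl_print_extensions` starts outside the hunk.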
@@ -2513,7 +2516,8 @@ static int ssl_tls13_parse_new_session_ticket_exts( mbedtls_ssl_context *ssl,
 p += extension_data_len;
 }
- MBEDTLS_SSL_PRINT_RECEIVED_EXTS( 3, MBEDTLS_SSL_HS_NEW_SESSION_TICKET );
+ MBEDTLS_SSL_PRINT_EXTS( 3, MBEDTLS_SSL_HS_NEW_SESSION_TICKET,
+ ssl->handshake->received_extensions );
 return( 0 );
 }
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 39b86b984..a39949c1c 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -546,7 +546,8 @@ int mbedtls_ssl_tls13_parse_certificate( mbedtls_ssl_context *ssl,
 p += extension_data_len;
 }
- MBEDTLS_SSL_PRINT_RECEIVED_EXTS( 3, MBEDTLS_SSL_HS_CERTIFICATE );
+ MBEDTLS_SSL_PRINT_EXTS( 3, MBEDTLS_SSL_HS_CERTIFICATE,
+ ssl->handshake->received_extensions );
 }
 exit:
@@ -885,7 +886,8 @@ static int ssl_tls13_write_certificate_body( mbedtls_ssl_context *ssl,
 *out_len = p - buf;
- MBEDTLS_SSL_PRINT_SENT_EXTS( 3, MBEDTLS_SSL_HS_CERTIFICATE );
+ MBEDTLS_SSL_PRINT_EXTS(
+ 3, MBEDTLS_SSL_HS_CERTIFICATE, ssl->handshake->sent_extensions );
 return( 0 );
 }
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 28f242295..597fbb7e6 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -1623,7 +1623,8 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
 p += extension_data_len;
 }
- MBEDTLS_SSL_PRINT_RECEIVED_EXTS( 3, MBEDTLS_SSL_HS_CLIENT_HELLO );
+ MBEDTLS_SSL_PRINT_EXTS( 3, MBEDTLS_SSL_HS_CLIENT_HELLO,
+ ssl->handshake->received_extensions );
 mbedtls_ssl_add_hs_hdr_to_checksum( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO,
@@ -2145,9 +2146,10 @@ static int ssl_tls13_write_server_hello_body( mbedtls_ssl_context *ssl,
 MBEDTLS_SSL_DEBUG_BUF( 3, "server hello", buf, *out_len );
- MBEDTLS_SSL_PRINT_SENT_EXTS(
+ MBEDTLS_SSL_PRINT_EXTS(
 3, is_hrr ? MBEDTLS_SSL_TLS1_3_HS_HELLO_RETRY_REQUEST :
- MBEDTLS_SSL_HS_SERVER_HELLO );
+ MBEDTLS_SSL_HS_SERVER_HELLO,
+ ssl->handshake->sent_extensions );
 return( ret );
 }
@@ -2333,7 +2335,8 @@ static int ssl_tls13_write_encrypted_extensions_body( mbedtls_ssl_context *ssl,
 MBEDTLS_SSL_DEBUG_BUF( 4, "encrypted extensions", buf, *out_len );
- MBEDTLS_SSL_PRINT_SENT_EXTS( 3, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS );
+ MBEDTLS_SSL_PRINT_EXTS(
+ 3, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, ssl->handshake->sent_extensions );
 return( 0 );
 }
@@ -2464,7 +2467,8 @@ static int ssl_tls13_write_certificate_request_body( mbedtls_ssl_context *ssl,
 *out_len = p - buf;
- MBEDTLS_SSL_PRINT_SENT_EXTS( 3, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST );
+ MBEDTLS_SSL_PRINT_EXTS(
+ 3, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, ssl->handshake->sent_extensions );
 return( 0 );
 }
@@ -2861,7 +2865,8 @@ static int ssl_tls13_write_new_session_ticket_body( mbedtls_ssl_context *ssl,
 MBEDTLS_SSL_DEBUG_BUF( 4, "ticket", buf, *out_len );
 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write new session ticket" ) );
- MBEDTLS_SSL_PRINT_SENT_EXTS( 3, MBEDTLS_SSL_HS_NEW_SESSION_TICKET );
+ MBEDTLS_SSL_PRINT_EXTS(
+ 3, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, ssl->handshake->sent_extensions );
 return( 0 );
 }