diff --git a/src/tls.c b/src/tls.c index 61e6a67a4..c2bf98711 100644 --- a/src/tls.c +++ b/src/tls.c @@ -10289,6 +10289,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, switch (type) { case TLSX_SERVER_NAME: WOLFSSL_MSG("SNI extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->version) && @@ -10307,6 +10310,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, case TLSX_TRUSTED_CA_KEYS: WOLFSSL_MSG("Trusted CA extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->version) && @@ -10320,6 +10326,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, case TLSX_MAX_FRAGMENT_LENGTH: WOLFSSL_MSG("Max Fragment Length extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->version) && @@ -10337,6 +10346,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, case TLSX_TRUNCATED_HMAC: WOLFSSL_MSG("Truncated HMAC extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->version)) @@ -10347,6 +10359,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, case TLSX_SUPPORTED_GROUPS: WOLFSSL_MSG("Supported Groups extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->version) && @@ -10365,6 +10380,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, case TLSX_EC_POINT_FORMATS: WOLFSSL_MSG("Point Formats extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->ctx->method->version)) @@ -10375,6 +10393,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, case TLSX_STATUS_REQUEST: WOLFSSL_MSG("Certificate Status Request extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->version)) @@ -10385,6 +10406,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, case TLSX_STATUS_REQUEST_V2: WOLFSSL_MSG("Certificate Status Request v2 extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->version) && @@ -10400,6 +10424,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, #ifdef HAVE_EXTENDED_MASTER case HELLO_EXT_EXTMS: WOLFSSL_MSG("Extended Master Secret extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->version)) @@ -10415,6 +10442,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, case TLSX_RENEGOTIATION_INFO: WOLFSSL_MSG("Secure Renegotiation extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->version)) @@ -10425,6 +10455,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, case TLSX_SESSION_TICKET: WOLFSSL_MSG("Session Ticket extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->version) && @@ -10437,6 +10470,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, case TLSX_QUANTUM_SAFE_HYBRID: WOLFSSL_MSG("Quantum-Safe-Hybrid extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->version)) @@ -10448,6 +10484,10 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, case TLSX_APPLICATION_LAYER_PROTOCOL: WOLFSSL_MSG("ALPN extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif + #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->version) && msgType != client_hello && @@ -10465,6 +10505,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, #if !defined(WOLFSSL_NO_SIGALG) case TLSX_SIGNATURE_ALGORITHMS: WOLFSSL_MSG("Signature Algorithms extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif if (!IsAtLeastTLSv1_2(ssl)) break; @@ -10481,11 +10524,17 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, #ifdef WOLFSSL_TLS13 case TLSX_SUPPORTED_VERSIONS: WOLFSSL_MSG("Skipping Supported Versions - already processed"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif break; case TLSX_COOKIE: WOLFSSL_MSG("Cookie extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif if (!IsAtLeastTLSv1_3(ssl->version)) break; @@ -10501,6 +10550,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) case TLSX_PRE_SHARED_KEY: WOLFSSL_MSG("Pre-Shared Key extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif if (!IsAtLeastTLSv1_3(ssl->version)) break; @@ -10514,6 +10566,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, case TLSX_PSK_KEY_EXCHANGE_MODES: WOLFSSL_MSG("PSK Key Exchange Modes extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif if (!IsAtLeastTLSv1_3(ssl->version)) break; @@ -10528,6 +10583,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, #ifdef WOLFSSL_EARLY_DATA case TLSX_EARLY_DATA: WOLFSSL_MSG("Early Data extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif if (!IsAtLeastTLSv1_3(ssl->version)) break; @@ -10548,6 +10606,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, #ifdef WOLFSSL_POST_HANDSHAKE_AUTH case TLSX_POST_HANDSHAKE_AUTH: WOLFSSL_MSG("Post Handshake Authentication extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif if (!IsAtLeastTLSv1_3(ssl->version)) break; @@ -10562,6 +10623,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, #if !defined(WOLFSSL_TLS13_DRAFT_18) && !defined(WOLFSSL_TLS13_DRAFT_22) case TLSX_SIGNATURE_ALGORITHMS_CERT: WOLFSSL_MSG("Signature Algorithms extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif if (!IsAtLeastTLSv1_3(ssl->version)) break; @@ -10581,6 +10645,9 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, case TLSX_KEY_SHARE: WOLFSSL_MSG("Key Share extension received"); + #ifdef WOLFSSL_DEBUG_TLS + WOLFSSL_BUFFER(input + offset, size); + #endif if (!IsAtLeastTLSv1_3(ssl->version)) break;