SSL/TLS record tracing code (backport from HEAD).

[oweals/openssl.git] / ssl / ssl_lib.c

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 6c108aa17e636b2422b8ec9a49b7d79ae6c2cd9f..6e1b27c5fae8a2904b7db63a40745883f37e4449 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1131,6 +1131,17 @@ long SSL_ctrl(SSL *s,int cmd,long larg,void *parg)
                return(s->cert->cert_flags|=larg);
        case SSL_CTRL_CLEAR_CERT_FLAGS:
                return(s->cert->cert_flags &=~larg);
+
+       case SSL_CTRL_GET_RAW_CIPHERLIST:
+               if (parg)
+                       {
+                       if (s->cert->ciphers_raw == NULL)
+                               return 0;
+                       *(unsigned char **)parg = s->cert->ciphers_raw;
+                       return (int)s->cert->ciphers_rawlen;
+                       }
+               else
+                       return ssl_put_cipher_by_char(s,NULL,NULL);
        default:
                return(s->method->ssl_ctrl(s,cmd,larg,parg));
                }
@@ -1470,6 +1481,16 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
                sk_SSL_CIPHER_zero(sk);
                }
 
+       if (s->cert->ciphers_raw)
+               OPENSSL_free(s->cert->ciphers_raw);
+       s->cert->ciphers_raw = BUF_memdup(p, num);
+       if (s->cert->ciphers_raw == NULL)
+               {
+               SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
+               goto err;
+               }
+       s->cert->ciphers_rawlen = (size_t)num;
+
        for (i=0; i<num; i+=n)
                {
                /* Check for SCSV */