From ea34a58385058748c51037bfb2c3208ee639f5f1 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Mon, 4 Feb 2013 14:53:47 +0000
Subject: [PATCH] Fix for trace code: SSL3 doesn't include a length value for
 encrypted premaster secret value.

---
 ssl/t1_trce.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index b8651641a3..c603134821 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -843,10 +843,19 @@ static int ssl_print_client_keyex(BIO *bio, int indent, SSL *ssl,
 		{
 
 	case SSL_kRSA:
-		if (!ssl_print_hexbuf(bio, indent + 2,
+		if (TLS1_get_version(ssl) == SSL3_VERSION)
+			{
+			ssl_print_hex(bio, indent + 2,
+						"EncyptedPreMasterSecret",
+						msg, msglen);
+			}
+		else
+			{
+			if (!ssl_print_hexbuf(bio, indent + 2,
 						"EncyptedPreMasterSecret", 2,
 						&msg, &msglen))
 				return 0;
+			}
 		break;
 
 		/* Implicit parameters only allowed for static DH */
-- 
2.25.1