[thirdparty/openssl.git] / ssl / ssl_txt.c

/* ssl/ssl_txt.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 *
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 *
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */
/* ====================================================================
 * Copyright 2005 Nokia. All rights reserved.
 *
 * The portions of the attached software ("Contribution") is developed by
 * Nokia Corporation and is licensed pursuant to the OpenSSL open source
 * license.
 *
 * The Contribution, originally written by Mika Kousa and Pasi Eronen of
 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
 * support (see RFC 4279) to OpenSSL.
 *
 * No patent licenses or other rights except those expressly stated in
 * the OpenSSL open source license shall be deemed granted or received
 * expressly, by implication, estoppel, or otherwise.
 *
 * No assurances are provided by Nokia that the Contribution does not
 * infringe the patent or other intellectual property rights of any third
 * party or that the license provides you with all the necessary rights
 * to make use of the Contribution.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
 * OTHERWISE.
 */

#include <stdio.h>
#include <openssl/buffer.h>
#include "ssl_locl.h"

#ifndef OPENSSL_NO_STDIO
int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
{
    BIO *b;
    int ret;

    if ((b = BIO_new(BIO_s_file_internal())) == NULL) {
        SSLerr(SSL_F_SSL_SESSION_PRINT_FP, ERR_R_BUF_LIB);
        return (0);
    }
    BIO_set_fp(b, fp, BIO_NOCLOSE);
    ret = SSL_SESSION_print(b, x);
    BIO_free(b);
    return (ret);
}
#endif

int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
{
    unsigned int i;
    const char *s;

    if (x == NULL)
        goto err;
    if (BIO_puts(bp, "SSL-Session:\n") <= 0)
        goto err;
    if (x->ssl_version == SSL3_VERSION)
        s = "SSLv3";
    else if (x->ssl_version == TLS1_2_VERSION)
        s = "TLSv1.2";
    else if (x->ssl_version == TLS1_1_VERSION)
        s = "TLSv1.1";
    else if (x->ssl_version == TLS1_VERSION)
        s = "TLSv1";
    else if (x->ssl_version == DTLS1_VERSION)
        s = "DTLSv1";
    else if (x->ssl_version == DTLS1_2_VERSION)
        s = "DTLSv1.2";
    else if (x->ssl_version == DTLS1_BAD_VER)
        s = "DTLSv1-bad";
    else
        s = "unknown";
    if (BIO_printf(bp, "    Protocol  : %s\n", s) <= 0)
        goto err;

    if (x->cipher == NULL) {
        if (((x->cipher_id) & 0xff000000) == 0x02000000) {
            if (BIO_printf
                (bp, "    Cipher    : %06lX\n", x->cipher_id & 0xffffff) <= 0)
                goto err;
        } else {
            if (BIO_printf
                (bp, "    Cipher    : %04lX\n", x->cipher_id & 0xffff) <= 0)
                goto err;
        }
    } else {
        if (BIO_printf
            (bp, "    Cipher    : %s\n",
             ((x->cipher == NULL) ? "unknown" : x->cipher->name)) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "    Session-ID: ") <= 0)
        goto err;
    for (i = 0; i < x->session_id_length; i++) {
        if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "\n    Session-ID-ctx: ") <= 0)
        goto err;
    for (i = 0; i < x->sid_ctx_length; i++) {
        if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "\n    Master-Key: ") <= 0)
        goto err;
    for (i = 0; i < (unsigned int)x->master_key_length; i++) {
        if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
            goto err;
    }
#ifndef OPENSSL_NO_KRB5
    if (BIO_puts(bp, "\n    Krb5 Principal: ") <= 0)
        goto err;
    if (x->krb5_client_princ_len == 0) {
        if (BIO_puts(bp, "None") <= 0)
            goto err;
    } else
        for (i = 0; i < x->krb5_client_princ_len; i++) {
            if (BIO_printf(bp, "%02X", x->krb5_client_princ[i]) <= 0)
                goto err;
        }
#endif                          /* OPENSSL_NO_KRB5 */
#ifndef OPENSSL_NO_PSK
    if (BIO_puts(bp, "\n    PSK identity: ") <= 0)
        goto err;
    if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
        goto err;
    if (BIO_puts(bp, "\n    PSK identity hint: ") <= 0)
        goto err;
    if (BIO_printf
        (bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
        goto err;
#endif
#ifndef OPENSSL_NO_SRP
    if (BIO_puts(bp, "\n    SRP username: ") <= 0)
        goto err;
    if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0)
        goto err;
#endif
#ifndef OPENSSL_NO_TLSEXT
    if (x->tlsext_tick_lifetime_hint) {
        if (BIO_printf(bp,
                       "\n    TLS session ticket lifetime hint: %ld (seconds)",
                       x->tlsext_tick_lifetime_hint) <= 0)
            goto err;
    }
    if (x->tlsext_tick) {
        if (BIO_puts(bp, "\n    TLS session ticket:\n") <= 0)
            goto err;
        if (BIO_dump_indent(bp, (char *)x->tlsext_tick, x->tlsext_ticklen, 4)
            <= 0)
            goto err;
    }
#endif

#ifndef OPENSSL_NO_COMP
    if (x->compress_meth != 0) {
        SSL_COMP *comp = NULL;

        if (!ssl_cipher_get_evp(x, NULL, NULL, NULL, NULL, &comp, 0))
            goto err;
        if (comp == NULL) {
            if (BIO_printf(bp, "\n    Compression: %d", x->compress_meth) <=
                0)
                goto err;
        } else {
            if (BIO_printf
                (bp, "\n    Compression: %d (%s)", comp->id,
                 comp->method->name) <= 0)
                goto err;
        }
    }
#endif
    if (x->time != 0L) {
        if (BIO_printf(bp, "\n    Start Time: %ld", x->time) <= 0)
            goto err;
    }
    if (x->timeout != 0L) {
        if (BIO_printf(bp, "\n    Timeout   : %ld (sec)", x->timeout) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "\n") <= 0)
        goto err;

    if (BIO_puts(bp, "    Verify return code: ") <= 0)
        goto err;
    if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
                   X509_verify_cert_error_string(x->verify_result)) <= 0)
        goto err;

    if (BIO_printf(bp, "    Extended master secret: %s\n",
                   x->flags & SSL_SESS_FLAG_EXTMS ? "yes" : "no") <= 0)
        goto err;

    return (1);
 err:
    return (0);
}

/*
 * print session id and master key in NSS keylog format (RSA
 * Session-ID:<session id> Master-Key:<master key>)
 */
int SSL_SESSION_print_keylog(BIO *bp, const SSL_SESSION *x)
{
    unsigned int i;

    if (x == NULL)
        goto err;
    if (x->session_id_length == 0 || x->master_key_length == 0)
        goto err;

    /*
     * the RSA prefix is required by the format's definition although there's
     * nothing RSA-specifc in the output, therefore, we don't have to check if
     * the cipher suite is based on RSA
     */
    if (BIO_puts(bp, "RSA ") <= 0)
        goto err;

    if (BIO_puts(bp, "Session-ID:") <= 0)
        goto err;
    for (i = 0; i < x->session_id_length; i++) {
        if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
            goto err;
    }
    if (BIO_puts(bp, " Master-Key:") <= 0)
        goto err;
    for (i = 0; i < (unsigned int)x->master_key_length; i++) {
        if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
            goto err;
    }
    if (BIO_puts(bp, "\n") <= 0)
        goto err;

    return (1);
 err:
    return (0);
}
Commit	Line	Data
d02b48c6	1	/* ssl/ssl_txt.c */
58964a49	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
d02b48c6 RE	3	* All rights reserved.
	4	*
	5	* This package is an SSL implementation written
	6	* by Eric Young (eay@cryptsoft.com).
	7	* The implementation was written so as to conform with Netscapes SSL.
0f113f3e	8	*
d02b48c6 RE	9	* This library is free for commercial and non-commercial use as long as
	10	* the following conditions are aheared to. The following conditions
	11	* apply to all code found in this distribution, be it the RC4, RSA,
	12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
	13	* included with this distribution is covered by the same copyright terms
	14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
0f113f3e	15	*
d02b48c6 RE	16	* Copyright remains Eric Young's, and as such any Copyright notices in
	17	* the code are not to be removed.
	18	* If this package is used in a product, Eric Young should be given attribution
	19	* as the author of the parts of the library used.
	20	* This can be in the form of a textual message at program startup or
	21	* in documentation (online or textual) provided with the package.
0f113f3e	22	*
d02b48c6 RE	23	* Redistribution and use in source and binary forms, with or without
	24	* modification, are permitted provided that the following conditions
	25	* are met:
	26	* 1. Redistributions of source code must retain the copyright
	27	* notice, this list of conditions and the following disclaimer.
	28	* 2. Redistributions in binary form must reproduce the above copyright
	29	* notice, this list of conditions and the following disclaimer in the
	30	* documentation and/or other materials provided with the distribution.
	31	* 3. All advertising materials mentioning features or use of this software
	32	* must display the following acknowledgement:
	33	* "This product includes cryptographic software written by
	34	* Eric Young (eay@cryptsoft.com)"
	35	* The word 'cryptographic' can be left out if the rouines from the library
	36	* being used are not cryptographic related :-).
0f113f3e	37	* 4. If you include any Windows specific code (or a derivative thereof) from
d02b48c6 RE	38	* the apps directory (application code) you must include an acknowledgement:
d02b48c6 RE	39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
0f113f3e	40	*
d02b48c6 RE	41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
	42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
	45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	51	* SUCH DAMAGE.
0f113f3e	52	*
d02b48c6 RE	53	* The licence and distribution terms for any publically available version or
	54	* derivative of this code cannot be changed. i.e. this code cannot simply be
	55	* copied and put under another distribution licence
	56	* [including the GNU Public Licence.]
	57	*/
ddac1974 NL	58	/* ====================================================================
	59	* Copyright 2005 Nokia. All rights reserved.
	60	*
	61	* The portions of the attached software ("Contribution") is developed by
	62	* Nokia Corporation and is licensed pursuant to the OpenSSL open source
	63	* license.
	64	*
	65	* The Contribution, originally written by Mika Kousa and Pasi Eronen of
	66	* Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
	67	* support (see RFC 4279) to OpenSSL.
	68	*
	69	* No patent licenses or other rights except those expressly stated in
	70	* the OpenSSL open source license shall be deemed granted or received
	71	* expressly, by implication, estoppel, or otherwise.
	72	*
	73	* No assurances are provided by Nokia that the Contribution does not
	74	* infringe the patent or other intellectual property rights of any third
	75	* party or that the license provides you with all the necessary rights
	76	* to make use of the Contribution.
	77	*
	78	* THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
	79	* ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
	80	* SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
	81	* OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
	82	* OTHERWISE.
	83	*/
d02b48c6 RE	84
d02b48c6 RE	85	#include <stdio.h>
ec577822	86	#include <openssl/buffer.h>
d02b48c6 RE	87	#include "ssl_locl.h"
d02b48c6 RE	88
4b618848	89	#ifndef OPENSSL_NO_STDIO
0821bcd4	90	int SSL_SESSION_print_fp(FILE fp, const SSL_SESSION x)
0f113f3e MC	91	{
	92	BIO *b;
	93	int ret;
d02b48c6	94
0f113f3e MC	95	if ((b = BIO_new(BIO_s_file_internal())) == NULL) {
	96	SSLerr(SSL_F_SSL_SESSION_PRINT_FP, ERR_R_BUF_LIB);
	97	return (0);
	98	}
	99	BIO_set_fp(b, fp, BIO_NOCLOSE);
	100	ret = SSL_SESSION_print(b, x);
	101	BIO_free(b);
	102	return (ret);
	103	}
d02b48c6 RE	104	#endif
d02b48c6 RE	105
0821bcd4	106	int SSL_SESSION_print(BIO bp, const SSL_SESSION x)
0f113f3e MC	107	{
	108	unsigned int i;
	109	const char *s;
d02b48c6	110
0f113f3e MC	111	if (x == NULL)
	112	goto err;
	113	if (BIO_puts(bp, "SSL-Session:\n") <= 0)
	114	goto err;
	115	if (x->ssl_version == SSL3_VERSION)
	116	s = "SSLv3";
	117	else if (x->ssl_version == TLS1_2_VERSION)
	118	s = "TLSv1.2";
	119	else if (x->ssl_version == TLS1_1_VERSION)
	120	s = "TLSv1.1";
	121	else if (x->ssl_version == TLS1_VERSION)
	122	s = "TLSv1";
	123	else if (x->ssl_version == DTLS1_VERSION)
	124	s = "DTLSv1";
	125	else if (x->ssl_version == DTLS1_2_VERSION)
	126	s = "DTLSv1.2";
	127	else if (x->ssl_version == DTLS1_BAD_VER)
	128	s = "DTLSv1-bad";
	129	else
	130	s = "unknown";
	131	if (BIO_printf(bp, " Protocol : %s\n", s) <= 0)
	132	goto err;
58964a49	133
0f113f3e MC	134	if (x->cipher == NULL) {
	135	if (((x->cipher_id) & 0xff000000) == 0x02000000) {
	136	if (BIO_printf
	137	(bp, " Cipher : %06lX\n", x->cipher_id & 0xffffff) <= 0)
	138	goto err;
	139	} else {
	140	if (BIO_printf
	141	(bp, " Cipher : %04lX\n", x->cipher_id & 0xffff) <= 0)
	142	goto err;
	143	}
	144	} else {
	145	if (BIO_printf
	146	(bp, " Cipher : %s\n",
	147	((x->cipher == NULL) ? "unknown" : x->cipher->name)) <= 0)
	148	goto err;
	149	}
	150	if (BIO_puts(bp, " Session-ID: ") <= 0)
	151	goto err;
	152	for (i = 0; i < x->session_id_length; i++) {
	153	if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
	154	goto err;
	155	}
	156	if (BIO_puts(bp, "\n Session-ID-ctx: ") <= 0)
	157	goto err;
	158	for (i = 0; i < x->sid_ctx_length; i++) {
	159	if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
	160	goto err;
	161	}
	162	if (BIO_puts(bp, "\n Master-Key: ") <= 0)
	163	goto err;
	164	for (i = 0; i < (unsigned int)x->master_key_length; i++) {
	165	if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
	166	goto err;
	167	}
882e8912	168	#ifndef OPENSSL_NO_KRB5
0f113f3e MC	169	if (BIO_puts(bp, "\n Krb5 Principal: ") <= 0)
	170	goto err;
	171	if (x->krb5_client_princ_len == 0) {
	172	if (BIO_puts(bp, "None") <= 0)
	173	goto err;
	174	} else
	175	for (i = 0; i < x->krb5_client_princ_len; i++) {
	176	if (BIO_printf(bp, "%02X", x->krb5_client_princ[i]) <= 0)
	177	goto err;
	178	}
	179	#endif /* OPENSSL_NO_KRB5 */
ddac1974	180	#ifndef OPENSSL_NO_PSK
0f113f3e MC	181	if (BIO_puts(bp, "\n PSK identity: ") <= 0)
	182	goto err;
	183	if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
	184	goto err;
	185	if (BIO_puts(bp, "\n PSK identity hint: ") <= 0)
	186	goto err;
	187	if (BIO_printf
	188	(bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
	189	goto err;
ddac1974	190	#endif
edc032b5	191	#ifndef OPENSSL_NO_SRP
0f113f3e MC	192	if (BIO_puts(bp, "\n SRP username: ") <= 0)
	193	goto err;
	194	if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0)
	195	goto err;
edc032b5	196	#endif
6434abbf	197	#ifndef OPENSSL_NO_TLSEXT
0f113f3e MC	198	if (x->tlsext_tick_lifetime_hint) {
	199	if (BIO_printf(bp,
	200	"\n TLS session ticket lifetime hint: %ld (seconds)",
	201	x->tlsext_tick_lifetime_hint) <= 0)
	202	goto err;
	203	}
	204	if (x->tlsext_tick) {
	205	if (BIO_puts(bp, "\n TLS session ticket:\n") <= 0)
	206	goto err;
	207	if (BIO_dump_indent(bp, (char *)x->tlsext_tick, x->tlsext_ticklen, 4)
	208	<= 0)
	209	goto err;
	210	}
6434abbf DSH	211	#endif
6434abbf DSH	212
09b6c2ef	213	#ifndef OPENSSL_NO_COMP
0f113f3e MC	214	if (x->compress_meth != 0) {
0f113f3e MC	215	SSL_COMP *comp = NULL;
413c4f45	216
61986d32	217	if (!ssl_cipher_get_evp(x, NULL, NULL, NULL, NULL, &comp, 0))
69f68237	218	goto err;
0f113f3e MC	219	if (comp == NULL) {
	220	if (BIO_printf(bp, "\n Compression: %d", x->compress_meth) <=
	221	0)
	222	goto err;
	223	} else {
	224	if (BIO_printf
	225	(bp, "\n Compression: %d (%s)", comp->id,
	226	comp->method->name) <= 0)
	227	goto err;
	228	}
	229	}
09b6c2ef	230	#endif
0f113f3e MC	231	if (x->time != 0L) {
	232	if (BIO_printf(bp, "\n Start Time: %ld", x->time) <= 0)
	233	goto err;
	234	}
	235	if (x->timeout != 0L) {
	236	if (BIO_printf(bp, "\n Timeout : %ld (sec)", x->timeout) <= 0)
	237	goto err;
	238	}
	239	if (BIO_puts(bp, "\n") <= 0)
	240	goto err;
	241
	242	if (BIO_puts(bp, " Verify return code: ") <= 0)
	243	goto err;
	244	if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
	245	X509_verify_cert_error_string(x->verify_result)) <= 0)
	246	goto err;
25f923dd	247
ddc06b35 DSH	248	if (BIO_printf(bp, " Extended master secret: %s\n",
	249	x->flags & SSL_SESS_FLAG_EXTMS ? "yes" : "no") <= 0)
	250	goto err;
	251
0f113f3e MC	252	return (1);
	253	err:
	254	return (0);
	255	}
d02b48c6	256
0f113f3e MC	257	/*
	258	* print session id and master key in NSS keylog format (RSA
	259	* Session-ID:<session id> Master-Key:<master key>)
	260	*/
189ae368	261	int SSL_SESSION_print_keylog(BIO bp, const SSL_SESSION x)
0f113f3e MC	262	{
0f113f3e MC	263	unsigned int i;
189ae368	264
0f113f3e MC	265	if (x == NULL)
	266	goto err;
	267	if (x->session_id_length == 0 \|\| x->master_key_length == 0)
	268	goto err;
189ae368	269
0f113f3e MC	270	/*
	271	* the RSA prefix is required by the format's definition although there's
	272	* nothing RSA-specifc in the output, therefore, we don't have to check if
	273	* the cipher suite is based on RSA
	274	*/
	275	if (BIO_puts(bp, "RSA ") <= 0)
	276	goto err;
189ae368	277
0f113f3e MC	278	if (BIO_puts(bp, "Session-ID:") <= 0)
	279	goto err;
	280	for (i = 0; i < x->session_id_length; i++) {
	281	if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
	282	goto err;
	283	}
	284	if (BIO_puts(bp, " Master-Key:") <= 0)
	285	goto err;
	286	for (i = 0; i < (unsigned int)x->master_key_length; i++) {
	287	if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
	288	goto err;
	289	}
	290	if (BIO_puts(bp, "\n") <= 0)
	291	goto err;
189ae368	292
0f113f3e MC	293	return (1);
	294	err:
	295	return (0);
	296	}