print out decrypyted SSL data at debug>3

diff --git a/src/main/cb.c b/src/main/cb.c
index ec8e77aa006ec06a98a9aa8db4c73c7fd087d901..d491c0c160f64e9c293030a6da771327cca4c505 100644 (file)
--- a/src/main/cb.c
+++ b/src/main/cb.c
@@ -153,6 +153,25 @@ void cbtls_msg(int write_p, int msg_version, int content_type,
         */
        if (!state) return;
 
+       if (rad_debug_lvl > 3) {
+               size_t i, j, data_len = len;
+               char buffer[3*16 + 1];
+               uint8_t const *in = inbuf;
+
+               DEBUG("(TLS) Received %zu bytes of TLS data", len);
+               if (data_len > 256) data_len = 256;
+
+               for (i = 0; i < data_len; i += 16) {
+                       for (j = 0; j < 16; j++) {
+                               if ((i + j) >= data_len) break;
+
+                               sprintf(buffer + 3 * j, "%02x ", in[i + j]);
+                       }
+
+                       DEBUG("(TLS)        %s", buffer);
+               }
+       }
+
        /*
         *      0 - received (from peer)
         *      1 - sending (to peer)
@@ -163,7 +182,6 @@ void cbtls_msg(int write_p, int msg_version, int content_type,
        state->info.version = msg_version;
        state->info.initialized = true;
 
-
        if (content_type == SSL3_RT_ALERT) {
                state->info.alert_level = buf[0];
                state->info.alert_description = buf[1];
@@ -197,6 +215,7 @@ void cbtls_msg(int write_p, int msg_version, int content_type,
                }
 #endif
        }
+
        tls_session_information(state);
 }