From: Alan T. DeKok <aland@freeradius.org>
Date: Sun, 20 Jun 2021 13:33:30 +0000 (-0400)
Subject: print out decrypyted SSL data at debug>3
X-Git-Tag: release_3_0_24~192
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=36e4b4584f0867be7242328a762be664d7ac32d4;p=thirdparty%2Ffreeradius-server.git

print out decrypyted SSL data at debug>3
---

diff --git a/src/main/cb.c b/src/main/cb.c
index ec8e77aa006..d491c0c160f 100644
--- a/src/main/cb.c
+++ b/src/main/cb.c
@@ -153,6 +153,25 @@ void cbtls_msg(int write_p, int msg_version, int content_type,
 	 */
 	if (!state) return;
 
+	if (rad_debug_lvl > 3) {
+		size_t i, j, data_len = len;
+		char buffer[3*16 + 1];
+		uint8_t const *in = inbuf;
+
+		DEBUG("(TLS) Received %zu bytes of TLS data", len);
+		if (data_len > 256) data_len = 256;
+
+		for (i = 0; i < data_len; i += 16) {
+			for (j = 0; j < 16; j++) {
+				if ((i + j) >= data_len) break;
+
+				sprintf(buffer + 3 * j, "%02x ", in[i + j]);
+			}
+
+			DEBUG("(TLS)        %s", buffer);
+		}
+	}
+
 	/*
 	 *	0 - received (from peer)
 	 *	1 - sending (to peer)
@@ -163,7 +182,6 @@ void cbtls_msg(int write_p, int msg_version, int content_type,
 	state->info.version = msg_version;
 	state->info.initialized = true;
 
-
 	if (content_type == SSL3_RT_ALERT) {
 		state->info.alert_level = buf[0];
 		state->info.alert_description = buf[1];
@@ -197,6 +215,7 @@ void cbtls_msg(int write_p, int msg_version, int content_type,
 		}
 #endif
 	}
+
 	tls_session_information(state);
 }