From: Cherish98 <66007047+Cherish98@users.noreply.github.com>
Date: Sun, 15 Jan 2023 18:15:23 +0000 (+0000)
Subject: openssl: don't log raw record headers
X-Git-Tag: curl-7_88_0~119
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bde24fac7cfd4cb67593cb9b524b6a06ada09f3a;p=thirdparty%2Fcurl.git

openssl: don't log raw record headers

- Skip content type SSL3_RT_HEADER in verbose TLS output.

This commit prevents bogus and misleading verbose TLS header messages as
discussed in #10299.

Assisted-by: Peter Wu

Closes https://github.com/curl/curl/pull/10299
---

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 9ebb5e991f..9dbd4a4e12 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -2698,6 +2698,9 @@ static void ossl_trace(int direction, int ssl_ver, int content_type,
    * For TLS 1.3, skip notification of the decrypted inner Content-Type.
    */
   if(ssl_ver
+#ifdef SSL3_RT_HEADER
+     && content_type != SSL3_RT_HEADER
+#endif
 #ifdef SSL3_RT_INNER_CONTENT_TYPE
      && content_type != SSL3_RT_INNER_CONTENT_TYPE
 #endif