From bde24fac7cfd4cb67593cb9b524b6a06ada09f3a Mon Sep 17 00:00:00 2001
From: Cherish98 <66007047+Cherish98@users.noreply.github.com>
Date: Sun, 15 Jan 2023 18:15:23 +0000
Subject: [PATCH] openssl: don't log raw record headers

- Skip content type SSL3_RT_HEADER in verbose TLS output.

This commit prevents bogus and misleading verbose TLS header messages as
discussed in #10299.

Assisted-by: Peter Wu

Closes https://github.com/curl/curl/pull/10299
---
 lib/vtls/openssl.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 9ebb5e991f..9dbd4a4e12 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -2698,6 +2698,9 @@ static void ossl_trace(int direction, int ssl_ver, int content_type,
    * For TLS 1.3, skip notification of the decrypted inner Content-Type.
    */
   if(ssl_ver
+#ifdef SSL3_RT_HEADER
+     && content_type != SSL3_RT_HEADER
+#endif
 #ifdef SSL3_RT_INNER_CONTENT_TYPE
      && content_type != SSL3_RT_INNER_CONTENT_TYPE
 #endif
-- 
2.47.3