diff --git a/CMakeLists.txt b/CMakeLists.txt index 39417e2f..b18fb3ae 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -831,7 +831,7 @@ endif() # set(CPACK_PACKAGE_NAME "GmSSL") set(CPACK_PACKAGE_VENDOR "GmSSL develop team") -set(CPACK_PACKAGE_VERSION "3.2.0-dev.1116") +set(CPACK_PACKAGE_VERSION "3.2.0-dev.1117") set(CPACK_PACKAGE_DESCRIPTION_FILE ${PROJECT_SOURCE_DIR}/README.md) set(CPACK_NSIS_MODIFY_PATH ON) include(CPack) diff --git a/include/gmssl/version.h b/include/gmssl/version.h index af26d2c6..f2fcfbc8 100644 --- a/include/gmssl/version.h +++ b/include/gmssl/version.h @@ -18,7 +18,7 @@ extern "C" { #define GMSSL_VERSION_NUM 30200 -#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1116" +#define GMSSL_VERSION_STR "GmSSL 3.2.0-dev.1117" int gmssl_version_num(void); const char *gmssl_version_str(void); diff --git a/src/tls.c b/src/tls.c index 60d899e7..b0ce75b6 100644 --- a/src/tls.c +++ b/src/tls.c @@ -2341,7 +2341,6 @@ int tls_decrypt_recv(TLS_CONNECT *conn) seq_num = conn->client_seq_num; } - if(conn->verbose) tls_trace("recv Encrypted Record\n"); if (conn->send_state) { return TLS_ERROR_SEND_AGAIN; } @@ -2453,14 +2452,14 @@ static int tls12_tlcp_recv(TLS_CONNECT *conn, uint8_t *out, size_t outlen, size_ int alert; tls_record_get_alert(conn->databuf, &level, &alert); if (alert == TLS_alert_close_notify) { - if(conn->verbose) tls_trace("recv Alert.close_notify\n"); + if(conn->verbose) tls_trace("recv {Alert.close_notify}\n"); conn->close_notify_received = 1; conn->data = NULL; conn->datalen = 0; tls_clean_record(conn); return 0; } - if(conn->verbose) tls_trace("alert received\n"); + if(conn->verbose) tls_trace("recv {Alert}\n"); conn->data = NULL; conn->datalen = 0; tls_clean_record(conn); @@ -2526,7 +2525,7 @@ static int tls12_send_close_notify(TLS_CONNECT *conn) seq_num = conn->server_seq_num; } - if(conn->verbose) tls_trace("send Alert.close_notify\n"); + if(conn->verbose) tls_trace("send {Alert.close_notify}\n"); tls_record_set_alert(conn->plain_record, &conn->plain_recordlen, TLS_alert_level_warning, TLS_alert_close_notify); @@ -2579,7 +2578,7 @@ static int tls13_send_close_notify(TLS_CONNECT *conn) seq_num = conn->server_seq_num; } - if(conn->verbose) tls_trace("send Alert.close_notify\n"); + if(conn->verbose) tls_trace("send {Alert.close_notify}\n"); tls_record_set_alert(conn->plain_record, &conn->plain_recordlen, TLS_alert_level_warning, TLS_alert_close_notify); @@ -2667,7 +2666,6 @@ int tls_shutdown(TLS_CONNECT *conn) } if (conn->shutdown_state == TLS_state_shutdown_recv_close_notify) { - if(conn->verbose) tls_trace("recv Alert.close_notify\n"); for (;;) { ret = tls_recv(conn, buf, sizeof(buf), &len); if (ret == 1 && len > 0) { diff --git a/src/tls12.c b/src/tls12.c index 77e57c11..88d1299e 100644 --- a/src/tls12.c +++ b/src/tls12.c @@ -1925,7 +1925,7 @@ int tls_recv_server_finished(TLS_CONNECT *conn) return ret; } if(conn->verbose) - tls_trace("recv server Finished\n"); + tls_trace("recv server {Finished}\n"); if (tls_record_protocol(conn->record) != conn->protocol) { error_print(); @@ -2989,7 +2989,7 @@ int tls_send_server_finished(TLS_CONNECT *conn) tls_record_set_protocol(conn->plain_record, conn->protocol); if (conn->recordlen == 0) { - if(conn->verbose) tls_trace("send server Finished\n"); + if(conn->verbose) tls_trace("send server {Finished}\n"); if (tls_compute_verify_data(conn->digest, conn->master_secret, "server finished", &conn->dgst_ctx, local_verify_data) != 1) { diff --git a/src/tls13.c b/src/tls13.c index b5515a60..45a0acb0 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -1387,7 +1387,7 @@ int tls13_do_recv(TLS_CONNECT *conn) conn->recordlen = tls_record_length(conn->record); - if(conn->verbose) tls_trace("recv {ApplicationData}\n"); + if(conn->verbose) tls_trace("recv {Record}\n"); tls13_record_print(stderr, 0, 0, conn->record, conn->recordlen); @@ -1511,7 +1511,7 @@ int tls13_do_recv(TLS_CONNECT *conn) return -1; } if (alert_description == TLS_alert_close_notify) { - if(conn->verbose) tls_trace("recv Alert.close_notify\n"); + if(conn->verbose) tls_trace("recv {Alert.close_notify}\n"); conn->close_notify_received = 1; conn->data = NULL; conn->datalen = 0; diff --git a/src/tls_trace.c b/src/tls_trace.c index 1a2fa434..3189ea32 100644 --- a/src/tls_trace.c +++ b/src/tls_trace.c @@ -1168,7 +1168,7 @@ int tls_connect_print(FILE *fp, int fmt, int ind, const char *label, const TLS_C format_print(fp, fmt, ind, "%s\n", TLS_CONNECTION_ESTABLISHED_STRING); format_print(fp, fmt, ind, "Protocol: %s\n", tls_protocol_name(conn->protocol)); - format_print(fp, fmt, ind, "Cipher suite: %s\n", tls_cipher_suite_name(conn->cipher_suite)); + format_print(fp, fmt, ind, "CipherSuite: %s\n", tls_cipher_suite_name(conn->cipher_suite)); if (conn->alpn_selected) { format_print(fp, fmt, ind, "ALPN protocol: %s\n", conn->alpn_selected); } @@ -1177,13 +1177,14 @@ int tls_connect_print(FILE *fp, int fmt, int ind, const char *label, const TLS_C && x509_certs_get_cert_by_index(conn->peer_cert_chain, conn->peer_cert_chain_len, 0, &cert, &certlen) == 1) { if (x509_cert_get_subject(cert, certlen, &name, &namelen) == 1) { - x509_name_print(fp, fmt, ind, "Peer certificate subject", name, namelen); + x509_name_print(fp, fmt, ind, "Certificate.subject", name, namelen); } if (x509_cert_get_issuer(cert, certlen, &name, &namelen) == 1) { - x509_name_print(fp, fmt, ind, "Peer certificate issuer", name, namelen); + x509_name_print(fp, fmt, ind, "Certificate.issuer", name, namelen); } } + fprintf(fp, "\n"); return 1; } @@ -1291,7 +1292,7 @@ int tls_encrypted_record_print(FILE *fp, const uint8_t *record, size_t recordle } protocol = tls_record_protocol(record); - format_print(fp, fmt, ind, "EncryptedRecord\n"); ind += 4; + format_print(fp, fmt, ind, "recv {Record}\n"); ind += 4; format_print(fp, fmt, ind, "ContentType: %s (%d)\n", tls_record_type_name(record[0]), record[0]); format_print(fp, fmt, ind, "Version: %s (%04x)\n", tls_protocol_name(protocol), protocol); format_print(fp, fmt, ind, "Length: %d\n", tls_record_data_length(record)); @@ -1341,6 +1342,7 @@ int tls_handshake_digest_print(FILE *fp, int fmt, int ind, const char *label, co format_print(fp, fmt, ind, "transcript_hash "); format_bytes(fp, 0, 0, label, dgst, dgstlen); + fprintf(fp, "\n"); return 1; } diff --git a/tools/tls13_client.c b/tools/tls13_client.c index dd8e1f0b..82669f9f 100644 --- a/tools/tls13_client.c +++ b/tools/tls13_client.c @@ -817,7 +817,6 @@ bad: } tls_connect_print(stderr, 0, 0, NULL, &conn); - fprintf(stderr, "\n"); if (get) { snprintf(buf, sizeof(buf), "GET %s HTTP/1.1\r\nHost: %s\r\n\r\n", get, host);