From 05635c0eb1d185d9b0db0f35afa30fc951c74ded Mon Sep 17 00:00:00 2001
From: wangduanduan
Date: Mon, 28 Jul 2025 19:48:22 +0800
Subject: [PATCH] dlst: add handshake debug log

---
 daemon/dtls.c  | 75 ++++++++++++++++++++++++++++++++++++++++++++++++--
 include/dtls.h | 22 ++++++++++++++-
 2 files changed, 93 insertions(+), 4 deletions(-)

diff --git a/daemon/dtls.c b/daemon/dtls.c
index d07e5e289..887912849 100644
--- a/daemon/dtls.c
+++ b/daemon/dtls.c
@@ -582,6 +582,9 @@ static int try_connect(struct dtls_connection *d) {
 		case SSL_ERROR_WANT_WRITE:
 			if (d->connected) {
 				ilogs(crypto, LOG_INFO, "DTLS data received after handshake, code: %i", code);
+			} else {
+				ilogs(crypto, LOG_INFO, "DTLS handshake not completed yet, current state: %s",
+						SSL_state_string_long(d->ssl));
 			}
 			break;
 		case SSL_ERROR_ZERO_RETURN:
@@ -637,8 +640,18 @@ static long dtls_bio_callback(BIO *bio, int oper, const char *argp, size_t len,
 	const endpoint_t *fsin = &ps->endpoint;
 	if (fsin->port == 9 || fsin->address.family == NULL)
 		return ret;
+
+	if(len > 13 && (unsigned char)argp[0] == DTLS_CT_HANDSHAKE) {
+		ilogs(srtp, LOG_DEBUG, "Sending DTLS handshak %02x %s packet to %s",
+				argp[13],
+				dlts_handshake_type_str((unsigned char)argp[13]),
+				endpoint_print_buf(fsin));
+	} else {
+		ilogs(srtp, LOG_DEBUG, "Sending DTLS %s packet to %s",
+				dtls_content_type_str((unsigned char)argp[0]),
+				endpoint_print_buf(fsin));
+	}
-	ilogs(srtp, LOG_DEBUG, "Sending DTLS packet to %s", endpoint_print_buf(fsin));
 	socket_sendto(&sfd->socket, argp, len, fsin);
 	atomic64_inc_na(&ps->stats_out->packets);
 	atomic64_add_na(&ps->stats_out->bytes, len);
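Review bot: The new `else` branch logs at LOG_INFO on every WANT_READ/WANT_WRITE return while the handshake is still in progress, which is the normal path for each handshake flight rather than an anomaly, whereas the other messages this commit adds use LOG_DEBUG. Unless the intent is to surface stalled handshakes at INFO level, `ilogs(crypto, LOG_DEBUG, "DTLS handshake not completed yet, current state: %s",` keeps production logs quieter and consistent with the sibling messages. Only the SSL_ERROR_WANT_WRITE label is visible here; the rest of the switch and the start of try_connect lie outside the hunk, so whether SSL_ERROR_WANT_READ also lands in this branch is inferred.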
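Review bot: `argp[13]` is passed to `%02x` as a plain `char` on the third added line of the ilogs call, unlike the matching call in the dtls() hunk, which casts first; with a signed `char` any byte of 0x80 or above prints sign-extended (`ffffff80`), and the same message misspells "handshake". Suggested: `argp[13],` → `(unsigned char)argp[13],` and `"Sending DTLS handshak %02x %s packet to %s"` → `"Sending DTLS handshake %02x %s packet to %s"`. The `else` branch reads `argp[0]` with no length check; if a zero-length write can reach this callback (not visible here), the call to dtls_content_type_str needs a `len > 0` guard, and the same question applies to `s->s[0]` in the dtls() hunk. dtls_bio_callback's signature appears in the hunk header, but its body starts before and continues after the hunk.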
@@ -877,8 +890,18 @@ int dtls(stream_fd *sfd, const str *s, const endpoint_t *fsin) {
 		return -1;
 	if (s) {
-		ilogs(srtp, LOG_DEBUG, "Processing incoming DTLS packet from %s",
-				endpoint_print_buf(fsin));
+		if(s->len > 13 && (unsigned char)s->s[0] == DTLS_CT_HANDSHAKE) {
+			ilogs(srtp, LOG_DEBUG, "Processing incoming DTLS Handshake %02x %s packet from %s",
+					(unsigned char)s->s[13],
+					dlts_handshake_type_str((unsigned char)s->s[13]),
+					endpoint_print_buf(fsin));
+		} else {
+			ilogs(srtp, LOG_DEBUG, "Processing incoming DTLS %s packet from %s",
+					dtls_content_type_str((unsigned char)s->s[0]),
+					endpoint_print_buf(fsin));
+		}
+
+
 		BIO_write(d->r_bio, s->s, s->len);
 		/* we understand this as preference of DTLS over SDES */
 		MEDIA_CLEAR(ps->media, SDES);
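Review bot: The literal `13` on the first added line is repeated here and in the dtls_bio_callback hunk with no comment, so a reader has to know the DTLS record layout (1 byte content type, 2 version, 2 epoch, 6 sequence number, 2 length) to see why index 13 holds the handshake message type and why `> 13` is the right bound for reading it. Naming it once next to the new DTLS_CT_ defines in include/dtls.h, e.g. `#define DTLS_RECORD_HDR_LEN 13 // content type, version, epoch, sequence, length`, and writing `s->len > DTLS_RECORD_HDR_LEN` in both places makes the bound check self-explaining. The two added blank lines before `BIO_write` are also more than the surrounding context uses between statements. The start and end of dtls() are outside the hunk.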
@@ -980,3 +1003,49 @@ void dtls_connection_cleanup(struct dtls_connection *c) {
 	}
 	ZERO(*c);
 }
+
+const char *dtls_content_type_str(unsigned char type) {
+	switch (type) {
+	case DTLS_CT_CHANGE_CIPHER_SPEC:
+		return "ChangeCipherSpec";
+	case DTLS_CT_ALERT:
+		return "Alert";
+	case DTLS_CT_HANDSHAKE:
+		return "Handshake";
+	case DTLS_CT_APPLICATION_DATA:
+		return "ApplicationData";
+	default:
+		return "Unknown";
+	}
+}
+const char *dlts_handshake_type_str(unsigned char type) {
+	switch (type) {
+	case DTLS_HT_HELLO_REQUEST:
+		return "HelloRequest";
+	case DTLS_HT_CLIENT_HELLO:
+		return "ClientHello";
+	case DTLS_HT_SERVER_HELLO:
+		return "ServerHello";
+	case DTLS_HT_HELLO_VERIFY_REQUEST:
+		return "HelloVerifyRequest";
+	case DTLS_HT_NEW_SESSION_TICKET:
+		return "NewSessionTicket";
+	case DTLS_HT_CERTIFICATE:
+		return "Certificate";
+	case DTLS_HT_SERVER_KEY_EXCHANGE:
+		return "ServerKeyExchange";
+	case DTLS_HT_CERTIFICATE_REQUEST:
+		return "CertificateRequest";
+	case DTLS_HT_SERVER_HELLO_DONE:
+		return "ServerHelloDone";
+	case DTLS_HT_CERTIFICATE_VERIFY:
+		return "CertificateVerify";
+	case DTLS_HT_CLIENT_KEY_EXCHANGE:
+		return "ClientKeyExchange";
+	case DTLS_HT_FINISHED:
+		return "Finished";
+	default:
+		return "Unknown";
+	}
+}
diff --git a/include/dtls.h b/include/dtls.h
index ebb1c657a..a3fe7e4e4 100644
--- a/include/dtls.h
+++ b/include/dtls.h
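Review bot: `dlts_handshake_type_str` transposes the letters of `dtls`, unlike `dtls_content_type_str` directly above it and every other symbol in the file; since the header hunk exports it, the misspelling becomes part of the public interface and is cheaper to fix now than later (the callers in the dtls_bio_callback and dtls() hunks and the prototype in include/dtls.h would be renamed with it). Both functions also lack a header comment; suggested for the first `/* Name of a DTLS record content type (first byte of a record); "Unknown" for any other value. */` and for the second `/* Name of a DTLS handshake message type (the callers pass byte 13 of the record); "Unknown" for any other value. */`. The `default` arms keep both lookups total over the whole byte range, which is what makes them safe to call on raw packet bytes and is worth stating in those comments. The closing lines of dtls_connection_cleanup at the top of the hunk are context only.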
@@ -15,6 +15,25 @@
 #define DTLS_MAX_DIGEST_LEN 64
 #define DTLS_MTU_OVERHEAD 48 // 40 bytes IPv6 + 8 bytes UDP
+#define DTLS_CT_CHANGE_CIPHER_SPEC 20
+#define DTLS_CT_ALERT 21
+#define DTLS_CT_HANDSHAKE 22
+#define DTLS_CT_APPLICATION_DATA 23
+
+// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-7
+#define DTLS_HT_HELLO_REQUEST 0
+#define DTLS_HT_CLIENT_HELLO 1
+#define DTLS_HT_SERVER_HELLO 2
+#define DTLS_HT_HELLO_VERIFY_REQUEST 3
+#define DTLS_HT_NEW_SESSION_TICKET 4
+#define DTLS_HT_CERTIFICATE 11
+#define DTLS_HT_SERVER_KEY_EXCHANGE 12
+#define DTLS_HT_CERTIFICATE_REQUEST 13
+#define DTLS_HT_SERVER_HELLO_DONE 14
+#define DTLS_HT_CERTIFICATE_VERIFY 15
+#define DTLS_HT_CLIENT_KEY_EXCHANGE 16
+#define DTLS_HT_FINISHED 20
+
 struct packet_stream;
 struct sockaddr_in6;
@@ -65,7 +84,8 @@ int dtls(stream_fd *, const str *s, const endpoint_t *sin);
 void dtls_connection_cleanup(struct dtls_connection *);
 void dtls_shutdown(struct packet_stream *ps);
-
+const char *dtls_content_type_str(unsigned char type);
+const char *dlts_handshake_type_str(unsigned char type);
 INLINE void __dtls_hash(const struct dtls_hash_func *hash_func, X509 *cert, unsigned char *out,
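Review bot: The sixteen new `#define`s are untyped integer constants whose only use is as `case` labels in the two new switch statements, which is the situation where an `enum` serves better: one `enum` per registry (content types, handshake types) keeps the values debugger-visible and block-scoped with no change to the `unsigned char` parameters or the switch operands, which can stay as they are. The IANA reference comment is attached only to the DTLS_HT_ group; the DTLS_CT_ values come from the ContentType table of the same registry and deserve the same kind of comment above them. Note also that `DTLS_CT_CHANGE_CIPHER_SPEC` and `DTLS_HT_FINISHED` are both 20, which is correct per the registries but is the sort of coincidence a short comment on the two groups would keep from being mistaken for a typo.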