RuhNetConsulting
/
rtpengine
mirror of https://github.com/sipwise/rtpengine
1
1
Fork 0
Code Issues 0 Projects 0 Releases 822 Wiki Activity
Browse Source

MT#55283 dtls: add handshake type log 

closes #1980

Change-Id: I4336ab567eaad77f6db9f9e32969808880d16494
pull/1983/head
wangduanduan 5 months ago
committed by Richard Fuchs
parent
16ab6ffa1f
commit
ec6d07d7c5
1 changed files with 94 additions and 7 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +94
    -7
      daemon/dtls.c

+ 94
- 7
daemon/dtls.c View File

@ -40,6 +40,25 @@
#define CERT_EXPIRY_TIME (60*60*24*30) /* 30 days */ #define CERT_EXPIRY_TIME (60*60*24*30) /* 30 days */
#define DTLS_CT_CHANGE_CIPHER_SPEC 20
#define DTLS_CT_ALERT 21
#define DTLS_CT_HANDSHAKE 22
#define DTLS_CT_APPLICATION_DATA 23
// https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-7
#define DTLS_HT_HELLO_REQUEST 0
#define DTLS_HT_CLIENT_HELLO 1
#define DTLS_HT_SERVER_HELLO 2
#define DTLS_HT_HELLO_VERIFY_REQUEST 3
#define DTLS_HT_NEW_SESSION_TICKET 4
#define DTLS_HT_CERTIFICATE 11
#define DTLS_HT_SERVER_KEY_EXCHANGE 12
#define DTLS_HT_CERTIFICATE_REQUEST 13
#define DTLS_HT_SERVER_HELLO_DONE 14
#define DTLS_HT_CERTIFICATE_VERIFY 15
#define DTLS_HT_CLIENT_KEY_EXCHANGE 16
#define DTLS_HT_FINISHED 20
struct dtls_connection *dtls_ptr(stream_fd *sfd) { struct dtls_connection *dtls_ptr(stream_fd *sfd) {
if (!sfd) if (!sfd)
return NULL; return NULL;
@ -50,13 +69,9 @@ struct dtls_connection *dtls_ptr(stream_fd *sfd) {
} }
static char ciphers_str[1024]; static char ciphers_str[1024];
static unsigned int sha_1_func(unsigned char *, X509 *); static unsigned int sha_1_func(unsigned char *, X509 *);
static unsigned int sha_224_func(unsigned char *, X509 *); static unsigned int sha_224_func(unsigned char *, X509 *);
static unsigned int sha_256_func(unsigned char *, X509 *); static unsigned int sha_256_func(unsigned char *, X509 *);
@ -64,6 +79,8 @@ static unsigned int sha_384_func(unsigned char *, X509 *);
static unsigned int sha_512_func(unsigned char *, X509 *); static unsigned int sha_512_func(unsigned char *, X509 *);
static const char *dtls_content_type_str(unsigned char type);
static const char *dlts_handshake_type_str(unsigned char type);
static const struct dtls_hash_func hash_funcs[] = { static const struct dtls_hash_func hash_funcs[] = {
@ -582,6 +599,9 @@ static int try_connect(struct dtls_connection *d) {
case SSL_ERROR_WANT_WRITE: case SSL_ERROR_WANT_WRITE:
if (d->connected) { if (d->connected) {
ilogs(crypto, LOG_INFO, "DTLS data received after handshake, code: %i", code); ilogs(crypto, LOG_INFO, "DTLS data received after handshake, code: %i", code);
} else {
ilogs(crypto, LOG_DEBUG, "DTLS handshake not completed yet, current state: %s",
SSL_state_string_long(d->ssl));
} }
break; break;
case SSL_ERROR_ZERO_RETURN: case SSL_ERROR_ZERO_RETURN:
@ -637,8 +657,18 @@ static long dtls_bio_callback(BIO *bio, int oper, const char *argp, size_t len,
const endpoint_t *fsin = &ps->endpoint; const endpoint_t *fsin = &ps->endpoint;
if (fsin->port == 9 || fsin->address.family == NULL) if (fsin->port == 9 || fsin->address.family == NULL)
return ret; return ret;
if(len > 13 && (unsigned char)argp[0] == DTLS_CT_HANDSHAKE) {
ilogs(srtp, LOG_INFO, "Sending DTLS handshake %02x %s packet to %s",
argp[13],
dlts_handshake_type_str((unsigned char)argp[13]),
endpoint_print_buf(fsin));
} else {
ilogs(srtp, LOG_DEBUG, "Sending DTLS %s packet to %s",
dtls_content_type_str((unsigned char)argp[0]),
endpoint_print_buf(fsin));
}
ilogs(srtp, LOG_DEBUG, "Sending DTLS packet to %s", endpoint_print_buf(fsin));
socket_sendto(&sfd->socket, argp, len, fsin); socket_sendto(&sfd->socket, argp, len, fsin);
atomic64_inc_na(&ps->stats_out->packets); atomic64_inc_na(&ps->stats_out->packets);
atomic64_add_na(&ps->stats_out->bytes, len); atomic64_add_na(&ps->stats_out->bytes, len);
@ -877,8 +907,18 @@ int dtls(stream_fd *sfd, const str *s, const endpoint_t *fsin) {
return -1; return -1;
if (s) { if (s) {
ilogs(srtp, LOG_DEBUG, "Processing incoming DTLS packet from %s",
endpoint_print_buf(fsin));
if(s->len > 13 && (unsigned char)s->s[0] == DTLS_CT_HANDSHAKE) {
ilogs(srtp, LOG_INFO, "Processing incoming DTLS Handshake %02x %s packet from %s",
(unsigned char)s->s[13],
dlts_handshake_type_str((unsigned char)s->s[13]),
endpoint_print_buf(fsin));
} else {
ilogs(srtp, LOG_DEBUG, "Processing incoming DTLS %s packet from %s",
dtls_content_type_str((unsigned char)s->s[0]),
endpoint_print_buf(fsin));
}
BIO_write(d->r_bio, s->s, s->len); BIO_write(d->r_bio, s->s, s->len);
/* we understand this as preference of DTLS over SDES */ /* we understand this as preference of DTLS over SDES */
MEDIA_CLEAR(ps->media, SDES); MEDIA_CLEAR(ps->media, SDES);
@ -980,3 +1020,50 @@ void dtls_connection_cleanup(struct dtls_connection *c) {
} }
ZERO(*c); ZERO(*c);
} }
static const char *dtls_content_type_str(unsigned char type) {
switch (type) {
case DTLS_CT_CHANGE_CIPHER_SPEC:
return "ChangeCipherSpec";
case DTLS_CT_ALERT:
return "Alert";
case DTLS_CT_HANDSHAKE:
return "Handshake";
case DTLS_CT_APPLICATION_DATA:
return "ApplicationData";
default:
return "Unknown";
}
}
static const char *dlts_handshake_type_str(unsigned char type) {
switch (type) {
case DTLS_HT_HELLO_REQUEST:
return "HelloRequest";
case DTLS_HT_CLIENT_HELLO:
return "ClientHello";
case DTLS_HT_SERVER_HELLO:
return "ServerHello";
case DTLS_HT_HELLO_VERIFY_REQUEST:
return "HelloVerifyRequest";
case DTLS_HT_NEW_SESSION_TICKET:
return "NewSessionTicket";
case DTLS_HT_CERTIFICATE:
return "Certificate";
case DTLS_HT_SERVER_KEY_EXCHANGE:
return "ServerKeyExchange";
case DTLS_HT_CERTIFICATE_REQUEST:
return "CertificateRequest";
case DTLS_HT_SERVER_HELLO_DONE:
return "ServerHelloDone";
case DTLS_HT_CERTIFICATE_VERIFY:
return "CertificateVerify";
case DTLS_HT_CLIENT_KEY_EXCHANGE:
return "ClientKeyExchange";
case DTLS_HT_FINISHED:
return "Finished";
default:
return "Unknown";
}
}

Write Preview
Loading…
Cancel
Save