send out the raw SSL/TLS headers to the msg_callback and display them in SSL_trace

ssl/s23_clnt.c

@@ -587,8 +587,11 @@ static int ssl23_client_hello(SSL *s)
 		if (ssl2_compat)
 			s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data+2, ret-2, s, s->msg_callback_arg);
 		else
+			{
+			s->msg_callback(1, version, SSL3_RT_HEADER, s->init_buf->data, 5, s, s->msg_callback_arg);
 			s->msg_callback(1, version, SSL3_RT_HANDSHAKE, s->init_buf->data+5, ret-5, s, s->msg_callback_arg);
 			}
+		}
 
 	return ret;
 	}
@@ -743,7 +746,10 @@ static int ssl23_get_server_hello(SSL *s)
 				}
 			
 			if (s->msg_callback)
+				{
+				s->msg_callback(0, s->version, SSL3_RT_HEADER, p, 5, s, s->msg_callback_arg);
 				s->msg_callback(0, s->version, SSL3_RT_ALERT, p+5, 2, s, s->msg_callback_arg);
+				}
 
 			s->rwstate=SSL_NOTHING;
 			SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_AD_REASON_OFFSET+p[6]);

ssl/s3_pkt.c

@@ -321,6 +321,8 @@ again:
 		s->rstate=SSL_ST_READ_BODY;
 
 		p=s->packet;
+		if (s->msg_callback)
+			s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s, s->msg_callback_arg);
 
 		/* Pull apart the header into the SSL3_RECORD */
 		rr->type= *(p++);
@@ -822,6 +824,9 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 	/* record length after mac and block padding */
 	s2n(wr->length,plen);
 
+	if (s->msg_callback)
+		s->msg_callback(1, 0, SSL3_RT_HEADER, plen - 5, 5, s, s->msg_callback_arg);
+
 	/* we should now have
 	 * wr->data pointing to the encrypted data, which is
 	 * wr->length long */

ssl/ssl3.h

@@ -338,6 +338,9 @@ extern "C" {
 #define TLS1_RT_CRYPTO_IV		(TLS1_RT_CRYPTO | 0x7)
 #define TLS1_RT_CRYPTO_FIXED_IV		(TLS1_RT_CRYPTO | 0x8)
 
+/* Pseudo content type for SSL/TLS header info */
+#define SSL3_RT_HEADER			0x100
+
 #define SSL3_AL_WARNING			1
 #define SSL3_AL_FATAL			2
 

ssl/t1_trce.c

@@ -1224,18 +1224,19 @@ void SSL_trace(int write_p, int version, int content_type,
 				msg, msglen);
 		return;
 		}
-
-	BIO_printf(bio, "%s Record: Version = %s (0x%x)",
-				write_p ? "Sent" : "Received",
-				ssl_trace_str(version, ssl_version_tbl),
-				version);
-	BIO_printf(bio, " Length=%d\n", (int)msglen);
-	BIO_printf(bio, "  Content Type = %s (%d)\n",
-				ssl_trace_str(content_type, ssl_content_tbl),
-				content_type);
-
 	switch (content_type)
 		{
+	case SSL3_RT_HEADER:
+		{
+		int hvers = msg[1] << 8 | msg[2];
+		BIO_puts(bio, write_p ? "Sent" : "Received");
+		BIO_printf(bio, " Record\nHeader:\n  Version = %s (0x%x)\n",
+				ssl_trace_str(hvers, ssl_version_tbl), hvers);
+		BIO_printf(bio, "  Content Type = %s (%d)\n  Length = %d",
+				ssl_trace_str(msg[0], ssl_content_tbl), msg[0],
+				msg[3] << 8 | msg[4]);
+		}
+		break;
 	case SSL3_RT_HANDSHAKE:
 		if (!ssl_print_handshake(bio, ssl, msg, msglen, 4))
 			BIO_printf(bio, "Message length parse error!\n");