diff --git a/lib/modules/SSL.pmod/cipher.pike b/lib/modules/SSL.pmod/cipher.pike
index a8b9b52e4f2f232a1cedf1e305c1de215dd9750b..edb36ebf0e3b3f61cdb2e4a5192b4e8a9caea96e 100644
--- a/lib/modules/SSL.pmod/cipher.pike
+++ b/lib/modules/SSL.pmod/cipher.pike
@@ -1,4 +1,4 @@
-/* $Id: cipher.pike,v 1.7 1998/01/20 16:11:53 nisse Exp $
+/* $Id: cipher.pike,v 1.8 1998/02/11 05:19:04 nisse Exp $
*
*/
@@ -35,9 +35,17 @@ class mac_sha
string hash_raw(string data)
{
+#ifdef SSL3_DEBUG
+ werror(sprintf("SSL.cipher: hash_raw('%s')\n", data));
+#endif
+
object h = algorithm();
- h->update(data);
- return h->digest();
+ string res = h->update(data)->digest();
+#ifdef SSL3_DEBUG
+ werror(sprintf("SSL.cipher: hash_raw->'%s'\n",res));
+#endif
+
+ return res;
}
string hash(object packet, object seq_num)
diff --git a/lib/modules/SSL.pmod/handshake.pike b/lib/modules/SSL.pmod/handshake.pike
index b62d351218b5d600f81af0705bb4f84afd5cb93c..9d41bdc631975a84b9ca84112609c12309ea6a69 100644
--- a/lib/modules/SSL.pmod/handshake.pike
+++ b/lib/modules/SSL.pmod/handshake.pike
@@ -1,4 +1,4 @@
-/* $Id: handshake.pike,v 1.5 1997/05/31 22:03:56 grubba Exp $
+/* $Id: handshake.pike,v 1.6 1998/02/11 05:19:05 nisse Exp $
*
*/
@@ -172,6 +172,10 @@ object finished_packet(string sender)
string server_derive_master_secret(string data)
{
string res = "";
+#ifdef SSL3_DEBUG
+ werror(sprintf("server_derive_master_secret: ke_method %d\n",
+ session->ke_method));
+#endif
switch(session->ke_method)
{
default:
@@ -181,9 +185,13 @@ string server_derive_master_secret(string data)
case KE_rsa:
{
/* Decrypt the pre_master_secret */
+#ifdef SSL3_DEBUG
+ werror(sprintf("encrypted premaster_secret: '%s'\n", data));
+#endif
+ // trace(1);
string s = context->rsa->decrypt(data);
#ifdef SSL3_DEBUG
-// werror(sprintf("premaster_secret: '%s'\n", s));
+ werror(sprintf("premaster_secret: '%O'\n", s));
#endif
if (!s || (strlen(s) != 48) || (s[0] != 3))
return 0;
@@ -399,7 +407,7 @@ int handle_handshake(int type, string data, string raw)
return -1;
case HANDSHAKE_client_key_exchange:
#ifdef SSL3_DEBUG
-// werror("client_key_exchange\n");
+ werror("client_key_exchange\n");
#endif
if (certificate_state == CERT_requested)
{ /* Certificate should be sent before key exchange message */
@@ -410,17 +418,21 @@ int handle_handshake(int type, string data, string raw)
}
if (!(session->master_secret = server_derive_master_secret(data)))
{
+#ifdef SSL3_DEBUG
+ werror("server_derive_master_secret failed!\n");
+#endif
send_packet(Alert(ALERT_fatal, ALERT_unexpected_message,
"SSL.session->handle_handshake: unexpected message\n",
backtrace()));
return -1;
}
+ // trace(1);
array res = session->new_server_states(other_random, my_random);
pending_read_state = res[0];
pending_write_state = res[1];
#ifdef SSL3_DEBUG
-// werror(sprintf("certificate_state: %d\n", certificate_state));
+ werror(sprintf("certificate_state: %d\n", certificate_state));
#endif
if (certificate_state != CERT_received)
{
diff --git a/lib/modules/SSL.pmod/session.pike b/lib/modules/SSL.pmod/session.pike
index 5badc33831d7ee75f0f1f80bfcfe1835b1a18cb7..954327cac1793e99c2c1f0ccff06e69c520a8027 100644
--- a/lib/modules/SSL.pmod/session.pike
+++ b/lib/modules/SSL.pmod/session.pike
@@ -1,4 +1,4 @@
-/* $Id: session.pike,v 1.7 1997/05/31 22:04:00 grubba Exp $
+/* $Id: session.pike,v 1.8 1998/02/11 05:19:06 nisse Exp $
*
*/
@@ -52,7 +52,7 @@ string generate_key_block(string client_random, string server_random)
i++;
string cookie = replace(allocate(i), 0, sprintf("%c", 64+i)) * "";
#ifdef SSL3_DEBUG
-// werror(sprintf("cookie '%s'\n", cookie));
+ werror(sprintf("cookie '%s'\n", cookie));
#endif
key += md5->hash_raw(master_secret +
sha->hash_raw(cookie + master_secret +