1 files changed, 14 insertions, 25 deletions

diff --git a/libs/libcurl/src/vtls/keylog.c b/libs/libcurl/src/vtls/keylog.c
index e403114934..3e6bdff54e 100644
--- a/libs/libcurl/src/vtls/keylog.c
+++ b/libs/libcurl/src/vtls/keylog.c
@@ -21,32 +21,22 @@
  * SPDX-License-Identifier: curl

  *

  ***************************************************************************/

-#include "curl_setup.h"

+#include "../curl_setup.h"

 

 #if defined(USE_OPENSSL) || \

   defined(USE_GNUTLS) || \

   defined(USE_WOLFSSL) || \

   (defined(USE_NGTCP2) && defined(USE_NGHTTP3)) || \

-  defined(USE_QUICHE)

+  defined(USE_QUICHE) || \

+  defined(USE_RUSTLS)

 

 #include "keylog.h"

 #include <curl/curl.h>

+#include "../escape.h"

 

 /* The last #include files should be: */

-#include "curl_memory.h"

-#include "memdebug.h"

-

-#define KEYLOG_LABEL_MAXLEN (sizeof("CLIENT_HANDSHAKE_TRAFFIC_SECRET") - 1)

-

-#define CLIENT_RANDOM_SIZE  32

-

-/*

- * The master secret in TLS 1.2 and before is always 48 bytes. In TLS 1.3, the

- * secret size depends on the cipher suite's hash function which is 32 bytes

- * for SHA-256 and 48 bytes for SHA-384.

- */

-#define SECRET_MAXLEN       48

-

+#include "../curl_memory.h"

+#include "../memdebug.h"

 

 /* The fp for the open SSLKEYLOGFILE, or NULL if not open */

 static FILE *keylog_file_fp;

@@ -104,7 +94,7 @@ Curl_tls_keylog_write_line(const char *line)
 

   linelen = strlen(line);

   if(linelen == 0 || linelen > sizeof(buf) - 2) {

-    /* Empty line or too big to fit in a LF and NUL. */

+    /* Empty line or too big to fit in an LF and NUL. */

     return FALSE;

   }

 

@@ -125,10 +115,9 @@ Curl_tls_keylog_write(const char *label,
                       const unsigned char client_random[CLIENT_RANDOM_SIZE],

                       const unsigned char *secret, size_t secretlen)

 {

-  const char *hex = "0123456789ABCDEF";

   size_t pos, i;

-  char line[KEYLOG_LABEL_MAXLEN + 1 + 2 * CLIENT_RANDOM_SIZE + 1 +

-            2 * SECRET_MAXLEN + 1 + 1];

+  unsigned char line[KEYLOG_LABEL_MAXLEN + 1 + 2 * CLIENT_RANDOM_SIZE + 1 +

+                     2 * SECRET_MAXLEN + 1 + 1];

 

   if(!keylog_file_fp) {

     return FALSE;

@@ -145,22 +134,22 @@ Curl_tls_keylog_write(const char *label,
 

   /* Client Random */

   for(i = 0; i < CLIENT_RANDOM_SIZE; i++) {

-    line[pos++] = hex[client_random[i] >> 4];

-    line[pos++] = hex[client_random[i] & 0xF];

+    Curl_hexbyte(&line[pos], client_random[i], FALSE);

+    pos += 2;

   }

   line[pos++] = ' ';

 

   /* Secret */

   for(i = 0; i < secretlen; i++) {

-    line[pos++] = hex[secret[i] >> 4];

-    line[pos++] = hex[secret[i] & 0xF];

+    Curl_hexbyte(&line[pos], secret[i], FALSE);

+    pos += 2;

   }

   line[pos++] = '\n';

   line[pos] = '\0';

 

   /* Using fputs here instead of fprintf since libcurl's fprintf replacement

      may not be thread-safe. */

-  fputs(line, keylog_file_fp);

+  fputs((char *)line, keylog_file_fp);

   return TRUE;

 }