<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body text="#000000" bgcolor="#FFFFFF">
On 08/14/2017 11:30 PM, Vakul Garg wrote:<br>
<blockquote type="cite"
cite="mid:HE1PR04MB3082F78504371E571F4517108B8D0@HE1PR04MB3082.eurprd04.prod.outlook.com">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal">Hi<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I am using openssl s_server and s_client
with ‘-msg’ option to track tls1.2 records being exchanged.<o:p></o:p></p>
<p class="MsoNormal">I notice that while transmitted
change_cipher_spec record gets printed.<o:p></o:p></p>
<p class="MsoNormal">But the reception of change_cipher_spec
record is not reported.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">For the received change_cipher_spec record,
the callback (registered using SSL_set_msg_callback_arg) gets
invoked only for record header, but not for the record
content.<o:p></o:p></p>
<p class="MsoNormal">So there is no callback for received
SSL3_RT_CHANGE_CIPHER_SPEC. For the transmitted
change_cipher_spec record, things are fine.<o:p></o:p></p>
</div>
</blockquote>
<br>
There is no variable content in a ChangeCipherSpec message -- a
single byte of value 1. Are you trying to argue that the callback
still ought to be invoked out of some philosophical sense of
consistency? <br>
<br>
In any case, if I remember correctly, ChangeCipherSpec is processed
at a very low layer and isn't propagated up to the layer that
invokes the message callback, and if one looks at the tradeoff
between extra complexity to propagate it up versus not having a
message callback event for it, there are some reasonable reasons to
prefer the status quo.<br>
<br>
<blockquote type="cite"
cite="mid:HE1PR04MB3082F78504371E571F4517108B8D0@HE1PR04MB3082.eurprd04.prod.outlook.com">
<div class="WordSection1">
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Further, message callback invocation is
correct for DTLS1.2 case as well.<o:p></o:p></p>
<br>
</div>
</blockquote>
<br>
(Just with respect to ChangeCipherSpec?)<br>
<br>
-Ben<br>
</body>
</html>