Add -msg and -servername support to openssl s_client (#3098)

### Description of changes: 
Add -msg flag with full implementation using SSL_set_msg_callback to
print TLS protocol messages in OpenSSL-compatible format.

Add -servername flag that maps to DoClient's existing -server-name
for SNI support.

### Call-outs:
I did not end up printing the hex dumps of each message like OpenSSL
does. Should be easy enough to add if we wanted to, but the
compatibility gap being addressed by this does not require it.

The `-msg` argument only applies to `s_client` but it had to be
implemented inside `client.cc` because it impacts the `SSL_CTX`. This
may raise the eyebrows of some purists.

### Testing:
How is this change tested (unit tests, fuzz tests, etc.)? Are there any
testing steps to be verified by the reviewer?

```
# Example -msg output
➜  tool-openssl git:(msg-fix) ✗ ./openssl s_client -connect amazon.com:443 -msg -servername amazon.com | grep -E '>>>|<<<'
>>> TLS 1.2, RecordHeader [length 0005]
>>> TLS 1.2, Handshake [length 05c8], ClientHello
<<< TLS 1.2, RecordHeader [length 0005]
<<< TLS 1.2, Handshake [length 007a], ServerHello
>>> TLS 1.2, RecordHeader [length 0005]
>>> TLS 1.3, ChangeCipherSpec [length 0001]
<<< TLS 1.2, RecordHeader [length 0005]
<<< TLS 1.2, RecordHeader [length 0005]
<<< TLS 1.3, Handshake [length 000a], EncryptedExtensions
<<< TLS 1.2, RecordHeader [length 0005]
<<< TLS 1.3, Handshake [length 144c], Certificate
<<< TLS 1.2, RecordHeader [length 0005]
<<< TLS 1.3, Handshake [length 0108], CertificateVerify
<<< TLS 1.2, RecordHeader [length 0005]
<<< TLS 1.3, Handshake [length 0024], Finished
>>> TLS 1.3, Handshake [length 0024], Finished
>>> TLS 1.2, RecordHeader [length 0005]
<<< TLS 1.2, RecordHeader [length 0005]
<<< TLS 1.3, Handshake [length 0039], NewSessionTicket
<<< TLS 1.2, RecordHeader [length 0005]
<<< TLS 1.3, Handshake [length 0039], NewSessionTicket
<<< TLS 1.2, RecordHeader [length 0005]
<<< TLS 1.3, Alert [length 0002]
```

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license and the ISC license.

Author: geedo0

tool-openssl/s_client.cc

@@ -34,6 +34,10 @@ static const argument_t kArguments[] = {
                 "Use TLS version 1.2 only." },
         { "-tls1_3", kBooleanArgument,
                 "Use TLS version 1.3 only." },
+        { "-msg", kBooleanArgument,
+                "Show protocol messages" },
+        { "-servername", kOptionalArgument,
+                "Server name for SNI extension." },
         { "", kOptionalArgument, "" },
 };
 
@@ -67,5 +71,11 @@ bool SClientTool(const args_list_t &args) {
     args_map[arg_pair.first] = arg_pair.second;
   }
 
+  // Map OpenSSL-style -servername to DoClient's -server-name
+  if (args_map.count("-servername")) {
+    args_map["-server-name"] = args_map["-servername"];
+    args_map.erase("-servername");
+  }
+
   return DoClient(args_map, true);
 }

tool/client.cc

@@ -310,6 +310,94 @@ static void PrintOpenSSLConnectionInfo(SSL *ssl, bool show_certs) {
   print_verify_details(ssl);
 }
 
+static const char *MsgVersionStr(int version) {
+  switch (version) {
+    case TLS1_3_VERSION:
+      return "TLS 1.3";
+    case TLS1_2_VERSION:
+      return "TLS 1.2";
+    case TLS1_1_VERSION:
+      return "TLS 1.1";
+    case TLS1_VERSION:
+      return "TLS 1.0";
+    case SSL3_VERSION:
+      return "SSL 3.0";
+    default:
+      return "Unknown";
+  }
+}
+
+static const char *MsgContentTypeStr(int content_type) {
+  switch (content_type) {
+    case SSL3_RT_HEADER:
+      return "RecordHeader";
+    case SSL3_RT_HANDSHAKE:
+      return "Handshake";
+    case SSL3_RT_CHANGE_CIPHER_SPEC:
+      return "ChangeCipherSpec";
+    case SSL3_RT_ALERT:
+      return "Alert";
+    case SSL3_RT_APPLICATION_DATA:
+      return "ApplicationData";
+    default:
+      return "Unknown";
+  }
+}
+
+static const char *MsgHandshakeTypeStr(uint8_t type) {
+  switch (type) {
+    case SSL3_MT_CLIENT_HELLO:
+      return "ClientHello";
+    case SSL3_MT_SERVER_HELLO:
+      return "ServerHello";
+    case SSL3_MT_CERTIFICATE:
+      return "Certificate";
+    case SSL3_MT_CERTIFICATE_REQUEST:
+      return "CertificateRequest";
+    case SSL3_MT_CERTIFICATE_VERIFY:
+      return "CertificateVerify";
+    case SSL3_MT_FINISHED:
+      return "Finished";
+    case SSL3_MT_ENCRYPTED_EXTENSIONS:
+      return "EncryptedExtensions";
+    case SSL3_MT_NEW_SESSION_TICKET:
+      return "NewSessionTicket";
+    default:
+      return nullptr;
+  }
+}
+
+static const char *MsgAdditionalContextStr(int content_type, const void *buf,
+                                           size_t len) {
+  if (len == 0) {
+    return nullptr;
+  }
+  switch (content_type) {
+    case SSL3_RT_HANDSHAKE:
+      return MsgHandshakeTypeStr(reinterpret_cast<const uint8_t *>(buf)[0]);
+    default:
+      return nullptr;
+  }
+}
+
+static void MsgCallback(int is_write, int version, int content_type,
+                        const void *buf, size_t len, SSL *ssl, void *arg) {
+  const char *extra = MsgAdditionalContextStr(content_type, buf, len);
+  if (extra) {
+    fprintf(stderr, "%s %s, %s [length %04x], %s\n",
+            is_write ? ">>>" : "<<<",
+            MsgVersionStr(version ? version : TLS1_2_VERSION),
+            MsgContentTypeStr(content_type),
+            (unsigned)len, extra);
+  } else {
+    fprintf(stderr, "%s %s, %s [length %04x]\n",
+            is_write ? ">>>" : "<<<",
+            MsgVersionStr(version ? version : TLS1_2_VERSION),
+            MsgContentTypeStr(content_type),
+            (unsigned)len);
+  }
+}
+
 static bool DoConnection(SSL_CTX *ctx,
                          std::map<std::string, std::string> args_map,
                          bool (*cb)(SSL *ssl, int sock), bool is_openssl_s_client) {
@@ -349,6 +437,10 @@ static bool DoConnection(SSL_CTX *ctx,
   bssl::UniquePtr<BIO> bio(BIO_new_socket(sock, BIO_CLOSE));
   bssl::UniquePtr<SSL> ssl(SSL_new(ctx));
 
+  if (is_openssl_s_client && args_map.count("-msg") != 0) {
+    SSL_set_msg_callback(ssl.get(), MsgCallback);
+  }
+
   if (args_map.count("-server-name") != 0) {
     if (!SSL_set_tlsext_host_name(ssl.get(),
                                   args_map["-server-name"].c_str())) {