Overview
Comment: | Bug [8de7f5aa07]: Add support for dumping SSL keys |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | feature-dump-keys |
Files: | files | file ages | folders |
SHA3-256: |
2c773b9a38b5e26e0d912220c047824c |
User & Date: | schelte on 2022-05-30 16:14:07 |
Other Links: | branch diff | manifest | tags |
Context
2023-03-04
| ||
14:51 | Added doc update Closed-Leaf check-in: e0f002ecb1 user: bohagan tags: feature-dump-keys | |
2022-05-30
| ||
16:14 | Bug [8de7f5aa07]: Add support for dumping SSL keys check-in: 2c773b9a38 user: schelte tags: feature-dump-keys | |
16:12 | Create new branch named "feature-dump-keys" check-in: f6b9f887ef user: rkeene tags: feature-dump-keys | |
Changes
Modified tls.c
from [b7a88587d1]
to [6b3fa216e0].
︙ | ︙ | |||
72 73 74 75 76 77 78 79 80 81 82 83 84 85 | #define TLS_PROTO_SSL3 0x02 #define TLS_PROTO_TLS1 0x04 #define TLS_PROTO_TLS1_1 0x08 #define TLS_PROTO_TLS1_2 0x10 #define TLS_PROTO_TLS1_3 0x20 #define ENABLED(flag, mask) (((flag) & (mask)) == (mask)) /* * Static data structures */ #ifndef OPENSSL_NO_DH #include "dh_params.h" #endif | > > | 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 | #define TLS_PROTO_SSL3 0x02 #define TLS_PROTO_TLS1 0x04 #define TLS_PROTO_TLS1_1 0x08 #define TLS_PROTO_TLS1_2 0x10 #define TLS_PROTO_TLS1_3 0x20 #define ENABLED(flag, mask) (((flag) & (mask)) == (mask)) #define SSLKEYLOGFILE "SSLKEYLOGFILE" /* * Static data structures */ #ifndef OPENSSL_NO_DH #include "dh_params.h" #endif |
︙ | ︙ | |||
400 401 402 403 404 405 406 407 408 409 410 411 412 413 | Tcl_BackgroundError(statePtr->interp); } Tcl_DecrRefCount(cmdPtr); Tcl_Release((ClientData) statePtr); Tcl_Release((ClientData) statePtr->interp); } /* *------------------------------------------------------------------- * * PasswordCallback -- * * Called when a password is needed to unpack RSA and PEM keys. | > > > > > > > > > > | 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 | Tcl_BackgroundError(statePtr->interp); } Tcl_DecrRefCount(cmdPtr); Tcl_Release((ClientData) statePtr); Tcl_Release((ClientData) statePtr->interp); } void KeyLogCallback(const SSL *ssl, const char *line) { char *str = getenv(SSLKEYLOGFILE); FILE *fd; if (str) { fd = fopen(str, "a"); fprintf(fd, "%s\n",line); fclose(fd); } } /* *------------------------------------------------------------------- * * PasswordCallback -- * * Called when a password is needed to unpack RSA and PEM keys. |
︙ | ︙ | |||
1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 | } ctx = SSL_CTX_new (method); if (!ctx) { return(NULL); } #if !defined(NO_TLS1_3) if (proto == TLS_PROTO_TLS1_3) { SSL_CTX_set_min_proto_version (ctx, TLS1_3_VERSION); SSL_CTX_set_max_proto_version (ctx, TLS1_3_VERSION); } #endif | > > > > | 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 | } ctx = SSL_CTX_new (method); if (!ctx) { return(NULL); } if (getenv(SSLKEYLOGFILE)) { SSL_CTX_set_keylog_callback(ctx, KeyLogCallback); } #if !defined(NO_TLS1_3) if (proto == TLS_PROTO_TLS1_3) { SSL_CTX_set_min_proto_version (ctx, TLS1_3_VERSION); SSL_CTX_set_max_proto_version (ctx, TLS1_3_VERSION); } #endif |
︙ | ︙ |