author | AD001\z0048zxj <vaibhav.tekale@siemens.com> | 2024-02-09 14:56:10 +0530 |
---|---|---|
committer | Andy Green <andy@warmcat.com> | 2024-02-16 15:45:45 +0000 |
commit | 4f3ce6458b1198f6e775f91c19f5c8c8d252e194 (patch) | |
tree | 6963668cd275eb23d5a4b4e07e3024df8b1f6375 | |
parent | 378ad62adf2c89284c0bd472552de17138fc21c0 (diff) | |
download | libwebsockets-4f3ce6458b1198f6e775f91c19f5c8c8d252e194.tar.gz |
openssl: support SSLKEYLOGFILE server secret logging
-rw-r--r-- | lib/core/private-lib-core.h | 7 | ||||
-rw-r--r-- | lib/tls/openssl/openssl-client.c | 2 | ||||
-rw-r--r-- | lib/tls/openssl/openssl-server.c | 5 |
3 files changed, 13 insertions, 1 deletions
diff --git a/lib/core/private-lib-core.h b/lib/core/private-lib-core.h
index f894f2de..a138e443 100644
--- a/lib/core/private-lib-core.h
+++ b/lib/core/private-lib-core.h
@@ -1185,6 +1185,13 @@ lws_transport_mux_next_free(lws_transport_mux_t *tm, lws_mux_ch_idx_t *result);
 void sul_ping_cb(lws_sorted_usec_list_t *sul);
+/* Added Declaration of this function to make common for openssl-server */
+#if defined(LWS_HAVE_SSL_CTX_set_keylog_callback) && \
+ defined(LWS_WITH_TLS)
+void
+lws_klog_dump(const SSL *ssl, const char *line);
+#endif
+
 #if !defined(PRIu64)
 #define PRIu64 "llu"
 #endif
diff --git a/lib/tls/openssl/openssl-client.c b/lib/tls/openssl/openssl-client.c
index da72ecba..003a870e 100644
--- a/lib/tls/openssl/openssl-client.c
+++ b/lib/tls/openssl/openssl-client.c
@@ -711,7 +711,7 @@ lws_tls_client_vhost_extra_cert_mem(struct lws_vhost *vh,
 #if defined(LWS_HAVE_SSL_CTX_set_keylog_callback) && \
 defined(LWS_WITH_TLS) && defined(LWS_WITH_CLIENT)
-static void
+void
 lws_klog_dump(const SSL *ssl, const char *line)
 {
 struct lws *wsi = SSL_get_ex_data(ssl,
diff --git a/lib/tls/openssl/openssl-server.c b/lib/tls/openssl/openssl-server.c
index 1fc81929..083e0d8d 100644
--- a/lib/tls/openssl/openssl-server.c
+++ b/lib/tls/openssl/openssl-server.c
@@ -529,6 +529,11 @@ lws_tls_server_vhost_backend_init(const struct lws_context_creation_info *info,
 error, s);
 return 1;
 }
+ /* Added for sniffing packets on hub side */
+#if defined(LWS_HAVE_SSL_CTX_set_keylog_callback) && \
+ defined(LWS_WITH_TLS)
+ SSL_CTX_set_keylog_callback(vhost->tls.ssl_ctx, lws_klog_dump);
+#endif
 SSL_CTX_set_ex_data(vhost->tls.ssl_ctx, openssl_SSL_CTX_private_data_index, |
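Review bot: The prototype added to private-lib-core.h and the call added in openssl-server.c are guarded only by `LWS_HAVE_SSL_CTX_set_keylog_callback` and `LWS_WITH_TLS`, while the definition in openssl-client.c stays inside a guard that also requires `LWS_WITH_CLIENT`, so a server-only build would presumably reference `lws_klog_dump` with no definition and fail at link time. Either drop `&& defined(LWS_WITH_CLIENT)` from the definition's guard (and confirm that file is still compiled without client support), or move the function into a TLS source shared by both roles. The header comment would read better as a statement of purpose than of history, e.g. `/* TLS keylog callback shared by the OpenSSL client and server vhost setup */`. The body of lws_klog_dump lies outside these hunks.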
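Review bot: `SSL_CTX_set_keylog_callback` is registered on every server vhost whenever the build has the symbol, and nothing in the openssl-server.c hunk makes it opt-in at run time. The callback receives per-connection TLS secrets, and a file of them lets anyone holding a packet capture decrypt that traffic, so the safety of this change rests on lws_klog_dump (body not shown; lws_tls_server_vhost_backend_init also extends beyond the hunk) doing nothing unless the operator explicitly configured a keylog destination, and on that file being created owner-only. It is worth confirming both for the server path, and also that the `SSL_get_ex_data` lookup at the top of lws_klog_dump yields a valid wsi for accepted connections. The comment should state the consequence rather than the history, e.g. `/* debug aid: exports TLS session secrets through lws_klog_dump() */`.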