author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-05-27 22:19:40 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-05-27 22:37:24 +0200 |
commit | fb2a6baef79f4aadfd95e657fe5a18da20a1410e (patch) | |
tree | 9b69514fecee322fd4a147f68585bd9342e83f14 /lib | |
parent | 5cc8193ada2db3bc9cc28aad488517c7dacf4852 (diff) | |
download | gnutls-fb2a6baef79f4aadfd95e657fe5a18da20a1410e.tar.gz |
Append keys on keylogfile
Also consider the SSLKEYLOGFILE variable, since the format is
identical and we are always appending keys.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gnutls_global.c | 5 | ||||
-rw-r--r-- | lib/gnutls_global.h | 2 | ||||
-rw-r--r-- | lib/gnutls_kx.c | 30 |
3 files changed, 13 insertions, 24 deletions
diff --git a/lib/gnutls_global.c b/lib/gnutls_global.c index eafd29f460..5eb1e14df6 100644 --- a/lib/gnutls_global.c +++ b/lib/gnutls_global.c @@ -70,6 +70,7 @@ extern const ASN1_ARRAY_TYPE gnutls_asn1_tab[]; extern const ASN1_ARRAY_TYPE pkix_asn1_tab[]; void *_gnutls_file_mutex; void *_gnutls_pkcs11_mutex; +const char *_gnutls_keylogfile = NULL; ASN1_TYPE _gnutls_pkix1_asn = ASN1_TYPE_EMPTY; ASN1_TYPE _gnutls_gnutls_asn = ASN1_TYPE_EMPTY; @@ -240,6 +241,10 @@ int gnutls_global_init(void) _gnutls_switch_lib_state(LIB_STATE_INIT); + _gnutls_keylogfile = getenv("GNUTLS_KEYLOGFILE"); + if (_gnutls_keylogfile == NULL) + _gnutls_keylogfile = getenv("SSLKEYLOGFILE"); + e = getenv("GNUTLS_DEBUG_LEVEL"); if (e != NULL) { level = atoi(e); diff --git a/lib/gnutls_global.h b/lib/gnutls_global.h index e1a8f2e25c..e7b3613c93 100644 --- a/lib/gnutls_global.h +++ b/lib/gnutls_global.h @@ -38,6 +38,8 @@ extern ASN1_TYPE _gnutls_gnutls_asn; #define _gnutls_get_gnutls_asn() ((ASN1_TYPE) _gnutls_gnutls_asn) #define _gnutls_get_pkix() ((ASN1_TYPE) _gnutls_pkix1_asn) +extern const char *_gnutls_keylogfile; + extern gnutls_log_func _gnutls_log_func; extern gnutls_audit_log_func _gnutls_audit_log_func; extern int _gnutls_log_level; diff --git a/lib/gnutls_kx.c b/lib/gnutls_kx.c index fd963421cf..6fe4ef6d32 100644 --- a/lib/gnutls_kx.c +++ b/lib/gnutls_kx.c 
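Review bot: In the `gnutls_global_init` hunk of lib/gnutls_global.c the key-log path is read with plain `getenv()`, so a set-uid or set-gid program linked against the library would append TLS master secrets, with its own privileges, to whatever path the invoking user's environment names. Where the platform provides it, `secure_getenv("GNUTLS_KEYLOGFILE")` and `secure_getenv("SSLKEYLOGFILE")` would ignore the variables in that situation. The pointer returned by `getenv()` is also kept in the global `_gnutls_keylogfile` for the life of the process, and a later `setenv()`/`putenv()` by the application may invalidate it; copying the value at init (for example with `strdup`) would avoid that. The body of `gnutls_global_init` continues outside the hunk.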
@@ -97,42 +97,24 @@ int _gnutls_generate_master(gnutls_session_t session, int keep_premaster) static void write_nss_key_log(gnutls_session_t session, const gnutls_datum_t *premaster) { - const char *filename; char buf[512]; + char buf2[512]; FILE *fp; - if (session->security_parameters.entity == GNUTLS_SERVER) + if (_gnutls_keylogfile == NULL) return; - filename = getenv("GNUTLS_KEYLOGFILE"); - - if (filename == NULL) - return; - - fp = fopen(filename, "w"); + fp = fopen(_gnutls_keylogfile, "a"); if (fp == NULL) return; - if (session->security_parameters.kx_algorithm == GNUTLS_KX_RSA) { - fprintf(fp, "RSA %s ", - _gnutls_bin2hex(premaster->data, - premaster->size, - buf, sizeof(buf), - NULL)); - fprintf(fp, "%s\n", - _gnutls_bin2hex(session->security_parameters. - master_secret, GNUTLS_MASTER_SIZE, - buf, sizeof(buf), NULL)); - } - - fprintf(fp, "CLIENT_RANDOM %s ", + fprintf(fp, "CLIENT_RANDOM %s %s\n", _gnutls_bin2hex(session->security_parameters. client_random, 32, buf, - sizeof(buf), NULL)); - fprintf(fp, "%s\n", + sizeof(buf), NULL), _gnutls_bin2hex(session->security_parameters. master_secret, GNUTLS_MASTER_SIZE, - buf, sizeof(buf), NULL)); + buf2, sizeof(buf2), NULL)); fclose(fp); } |
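Review bot: `fopen(_gnutls_keylogfile, "a")` in `write_nss_key_log` creates the log with whatever mode the process umask allows, which commonly leaves a file of TLS master secrets readable by other local users. Creating it with an explicit owner-only mode through `open()` followed by `fdopen()` would close that gap on POSIX builds (the mode only applies when the file is created, and other platforms would need their own equivalent). With the `GNUTLS_SERVER` early return removed, a server that inherits the variable now logs the secret of every session it handles, which deserves a comment above the function such as `/* Logs master secrets for both clients and servers whenever a key log file is configured; debugging only. */`. The `premaster` parameter is no longer read after this change.

```c
	int fd;

	if (_gnutls_keylogfile == NULL)
		return;

	/* Owner-only mode: the file holds master secrets. */
	fd = open(_gnutls_keylogfile, O_WRONLY | O_APPEND | O_CREAT, 0600);
	if (fd < 0)
		return;

	fp = fdopen(fd, "a");
	if (fp == NULL) {
		close(fd);
		return;
	}

	/* … unchanged: fprintf of the CLIENT_RANDOM line and fclose(fp) … */
```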