net/socket/ssl_client_socket_openssl.cc - Issue 537633003: Implement SSLKEYLOGFILE for OpenSSL.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/socket/ssl_client_socket_openssl.cc

Issue 537633003: Implement SSLKEYLOGFILE for OpenSSL. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 6 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/socket/ssl_client_socket_openssl.cc

diff --git a/net/socket/ssl_client_socket_openssl.cc b/net/socket/ssl_client_socket_openssl.cc

index f7b9d28d2442338ef490f643ac0dd99edf95efc7..780d3926b48b1b5c22d39febf7b0b8557b11ef1d 100644

--- a/net/socket/ssl_client_socket_openssl.cc

+++ b/net/socket/ssl_client_socket_openssl.cc

@@ -8,13 +8,16 @@

#include "net/socket/ssl_client_socket_openssl.h"

#include <errno.h>

+#include <openssl/bio.h>

#include <openssl/err.h>

#include <openssl/ssl.h>

#include "base/bind.h"

#include "base/callback_helpers.h"

+#include "base/environment.h"

#include "base/memory/singleton.h"

#include "base/metrics/histogram.h"

+#include "base/strings/string_piece.h"

#include "base/synchronization/lock.h"

#include "crypto/ec_private_key.h"

#include "crypto/openssl_util.h"

@@ -126,6 +129,11 @@ ScopedX509Stack OSCertHandlesToOpenSSL(

return stack.Pass();

}

+int LogErrorCallback(const char* str, size_t len, void* context) {

+ LOG(ERROR) << base::StringPiece(str, len);

+ return 1;

} // namespace

class SSLClientSocketOpenSSL::SSLContext {

@@ -164,6 +172,20 @@ class SSLClientSocketOpenSSL::SSLContext {

SSL_CTX_set_next_proto_select_cb(ssl_ctx_.get(), SelectNextProtoCallback,

NULL);

ssl_ctx_->tlsext_channel_id_enabled_new = 1;

+ scoped_ptr<base::Environment> env(base::Environment::Create());

+ std::string ssl_keylog_file;

+ if (env->GetVar("SSLKEYLOGFILE", &ssl_keylog_file) &&

+ !ssl_keylog_file.empty()) {

+ crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);

+ BIO* bio = BIO_new_file(ssl_keylog_file.c_str(), "a");

+ if (!bio) {

+ LOG(ERROR) << "Failed to open " << ssl_keylog_file;

Ryan Sleevi 2014/09/11 23:20:43 Comparison: In NSS world, this is a noop.

davidben 2014/09/11 23:30:19 Well, NSS has an SSL_TRACE call, but yeah that's a

+ ERR_print_errors_cb(&LogErrorCallback, NULL);

+ } else {

+ SSL_CTX_set_keylog_bio(ssl_ctx_.get(), bio);

+ }

}

static std::string GetSessionCacheKey(const SSL* ssl) {

« no previous file with comments | « no previous file | no next file » | no next file with comments »