feat(http2): write pre-master secrets to file

2021-09-18 13:36:45 +02:00 · 2021-09-18 13:36:45 +02:00 · 28d5f844d5
parent c959c3c0ab
commit 28d5f844d5
1 changed files with 24 additions and 1 deletions
--- a/http2.d
+++ b/http2.d
@ -2532,6 +2532,7 @@ version(use_openssl) {
 			SSL_METHOD* function() SSLv3_client_method;
 			SSL_METHOD* function() TLS_client_method;

+			void function(SSL_CTX*, void function(SSL*, char* line)) SSL_CTX_set_keylog_callback;
 		}
 	}

@ -2629,6 +2630,14 @@ version(use_openssl) {
 		else throw new Exception("ERR_print_errors_fp not loaded");
 	}

+	extern(C)
+	void SSL_CTX_keylog_cb_func(SSL_CTX* ctx, void function(SSL*, char*) func)
+	{
+		if(ossllib.SSL_CTX_set_keylog_callback)
+			ossllib.SSL_CTX_set_keylog_callback(ctx, func);
+		else throw new Exception("SSL_CTX_keylog_cb_func not loaded");
+	}
+

 	private __gshared void* ossllib_handle;
 	version(Windows)
@ -2736,6 +2745,20 @@ version(use_openssl) {

 	//pragma(lib, "crypto");
 	//pragma(lib, "ssl");
+	extern(C)
+	void write_to_file(SSL* ssl, char* line)
+	{
+		import std.stdio;
+		import std.string;
+		import std.process : environment;
+		string logfile = environment.get("SSLKEYLOGFILE");
+		if (logfile !is null)
+		{
+			auto f = std.stdio.File("/tmp/keyfile", "a+");
+			f.writeln(fromStringz(line));
+			f.close();
+		}
+	}

 	class OpenSslSocket : Socket {
 		private SSL* ssl;
@ -2743,7 +2766,7 @@ version(use_openssl) {
 		private void initSsl(bool verifyPeer, string hostname) {
 			ctx = SSL_CTX_new(SSLv23_client_method());
 			assert(ctx !is null);
-
+			debug SSL_CTX_keylog_cb_func(ctx, &write_to_file);
 			ssl = SSL_new(ctx);

 			if(hostname.length)