openssl:support for user_ctx data structure to toggle SSL key logging dynamically

2025-03-09 00:00:04 +01:00 · 2024-11-06 15:24:15 +05:30 · 2024-11-06 15:24:15 +05:30 · 79e55bd6b5
commit 79e55bd6b5
parent 626f8816cf
3 changed files with 43 additions and 4 deletions
--- a/lib/core-net/close.c
+++ b/lib/core-net/close.c
@ -25,6 +25,14 @@
 #include "private-lib-core.h"
 #include "private-lib-async-dns.h"

+// structure for user info
+typedef struct VhostUsrInfo {
+	void *usr_ctx;
+} VhostUsrInfo;
+
+// to store key log file path
+char *klfl_env = NULL;
+
 #if defined(LWS_WITH_CLIENT)
 static int
 lws_close_trans_q_leader(struct lws_dll2 *d, void *user)
@ -1044,6 +1052,31 @@ lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char *ca
 	struct lws_context *cx = wsi->a.context;
 	struct lws_context_per_thread *pt = &wsi->a.context->pt[(int)wsi->tsi];

+	struct lws_vhost *pVhost;
+	VhostUsrInfo *pUsrInfo;
+
+	pVhost = lws_get_vhost(wsi);
+	if(pVhost){
+		pUsrInfo = (VhostUsrInfo *)lws_vhost_user(pVhost);
+		bool fStartStopSniffig = *((bool *)pUsrInfo->usr_ctx);
+
+		/* User input boolean flag to start or stop logging SSL keys */
+		if(fStartStopSniffig)
+		{
+			if (klfl_env == NULL || *klfl_env == '\0'){
+				klfl_env = getenv("SSLKEYLOGFILE");
+			}
+			/* Fill key log file in lws_context */
+			if (klfl_env)
+				lws_strncpy(wsi->a.context->keylog_file, klfl_env,
+						sizeof(wsi->a.context->keylog_file));
+		}
+		else{
+			klfl_env = NULL;
+			wsi->a.context->keylog_file[0] = '\0';
+		}
+	}
+
 	lws_context_lock(cx, __func__);

 	lws_pt_lock(pt, __func__);
--- a/lib/core/private-lib-core.h
+++ b/lib/core/private-lib-core.h
@ -27,7 +27,8 @@

 #include "lws_config.h"
 #include "lws_config_private.h"
-
+#include <stdbool.h>
+#include <stdio.h>

 #if defined(LWS_WITH_CGI) && defined(LWS_HAVE_VFORK) && \
    !defined(NO_GNU_SOURCE_THIS_TIME) && !defined(_GNU_SOURCE)
--- a/lib/plat/windows/windows-init.c
+++ b/lib/plat/windows/windows-init.c
@ -107,11 +107,16 @@ lws_plat_init(struct lws_context *context,
 #if defined(LWS_HAVE_SSL_CTX_set_keylog_callback) && \
 		defined(LWS_WITH_TLS) && defined(LWS_WITH_CLIENT)
 	{
+		/* The LWS_SSLKEYLOGFILE or SSLKEYLOGFILE are the environment variables which is used
+		 * to specify a file where SSL/TLS keys are logged. */
 		char *klf_env = getenv("SSLKEYLOGFILE");
+		char *lws_env = getenv("LWS_SSLKEYLOGFILE");

-		if (klf_env)
-			lws_strncpy(context->keylog_file, klf_env,
-				sizeof(context->keylog_file));
+		/* SSLKEYLOGFILE will be deprecated in future so first preference to LWS_SSLKEYLOGFILE */
+		if (lws_env)
+			lws_strncpy(context->keylog_file, lws_env, sizeof(context->keylog_file));
+		else if(klf_env)
+			lws_strncpy(context->keylog_file, klf_env, sizeof(context->keylog_file));
 	}
 #endif