From 79e55bd6b590a1897b290df636d82241bdc92833 Mon Sep 17 00:00:00 2001 From: "AD001\\z0048zxj" Date: Wed, 6 Nov 2024 15:24:15 +0530 Subject: [PATCH 1/3] openssl:support for user_ctx data structure to toggle SSL key logging dynamically --- lib/core-net/close.c | 33 +++++++++++++++++++++++++++++++++ lib/core/private-lib-core.h | 3 ++- lib/plat/windows/windows-init.c | 11 ++++++++--- 3 files changed, 43 insertions(+), 4 deletions(-) diff --git a/lib/core-net/close.c b/lib/core-net/close.c index 851ed2fba..76f58a393 100644 --- a/lib/core-net/close.c +++ b/lib/core-net/close.c @@ -25,6 +25,14 @@ #include "private-lib-core.h" #include "private-lib-async-dns.h" +// structure for user info +typedef struct VhostUsrInfo { + void *usr_ctx; +} VhostUsrInfo; + +// to store key log file path +char *klfl_env = NULL; + #if defined(LWS_WITH_CLIENT) static int lws_close_trans_q_leader(struct lws_dll2 *d, void *user) @@ -1044,6 +1052,31 @@ lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char *ca struct lws_context *cx = wsi->a.context; struct lws_context_per_thread *pt = &wsi->a.context->pt[(int)wsi->tsi]; + struct lws_vhost *pVhost; + VhostUsrInfo *pUsrInfo; + + pVhost = lws_get_vhost(wsi); + if(pVhost){ + pUsrInfo = (VhostUsrInfo *)lws_vhost_user(pVhost); + bool fStartStopSniffig = *((bool *)pUsrInfo->usr_ctx); + + /* User input boolean flag to start or stop logging SSL keys */ + if(fStartStopSniffig) + { + if (klfl_env == NULL || *klfl_env == '\0'){ + klfl_env = getenv("SSLKEYLOGFILE"); + } + /* Fill key log file in lws_context */ + if (klfl_env) + lws_strncpy(wsi->a.context->keylog_file, klfl_env, + sizeof(wsi->a.context->keylog_file)); + } + else{ + klfl_env = NULL; + wsi->a.context->keylog_file[0] = '\0'; + } + } + lws_context_lock(cx, __func__); lws_pt_lock(pt, __func__); diff --git a/lib/core/private-lib-core.h b/lib/core/private-lib-core.h index a138e4430..050d62f48 100644 --- a/lib/core/private-lib-core.h +++ b/lib/core/private-lib-core.h 
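Review bot: `char *klfl_env = NULL;` is a mutable file-scope variable with external linkage, added to a core file compiled into every build; it should be `static char *klfl_env;`, and because it caches the pointer returned by getenv() the comment should say that the cached pointer is only valid until the process environment is next modified. The variable is also written from the close path in the next hunk, which is worth recording on the declaration, e.g. `/* cached getenv("SSLKEYLOGFILE") result; valid only until the environment changes; written from lws_close_free_wsi */`. The same global is carried unchanged into patch 3 (the hunk on L3).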
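Review bot: `pUsrInfo = (VhostUsrInfo *)lws_vhost_user(pVhost);` is dereferenced on the next line with no NULL check on either `pUsrInfo` or `pUsrInfo->usr_ctx`, and this runs inside lws_close_free_wsi for every connection, so any vhost whose user pointer was not set up with exactly this struct (NULL, or an application's own struct) crashes or has arbitrary memory read as a bool. At minimum add `if (!pUsrInfo || !pUsrInfo->usr_ctx) goto skip;` (or the equivalent early exit) before the cast; a NULL check still cannot tell a foreign user struct apart, which is why a library-owned flag would be safer than a layout the application must match by convention. The write to `wsi->a.context->keylog_file` also happens before `lws_context_lock(cx, __func__)`, while other service threads may be reading that field from the TLS keylog callback. The same defects are carried into patch 3's lws_set_keylog_file (hunk on L4) and its call site (hunk on L5); lws_close_free_wsi's body continues outside the hunk.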
@@ -27,7 +27,8 @@ #include "lws_config.h" #include "lws_config_private.h" - +#include +#include #if defined(LWS_WITH_CGI) && defined(LWS_HAVE_VFORK) && \ !defined(NO_GNU_SOURCE_THIS_TIME) && !defined(_GNU_SOURCE) diff --git a/lib/plat/windows/windows-init.c b/lib/plat/windows/windows-init.c index f5883ad2f..6a4dfd27f 100644 --- a/lib/plat/windows/windows-init.c +++ b/lib/plat/windows/windows-init.c @@ -107,11 +107,16 @@ lws_plat_init(struct lws_context *context, #if defined(LWS_HAVE_SSL_CTX_set_keylog_callback) && \ defined(LWS_WITH_TLS) && defined(LWS_WITH_CLIENT) { + /* The LWS_SSLKEYLOGFILE or SSLKEYLOGFILE are the environment variables which is used + * to specify a file where SSL/TLS keys are logged. */ char *klf_env = getenv("SSLKEYLOGFILE"); + char *lws_env = getenv("LWS_SSLKEYLOGFILE"); - if (klf_env) - lws_strncpy(context->keylog_file, klf_env, - sizeof(context->keylog_file)); + /* SSLKEYLOGFILE will be deprecated in future so first preference to LWS_SSLKEYLOGFILE */ + if (lws_env) + lws_strncpy(context->keylog_file, lws_env, sizeof(context->keylog_file)); + else if(klf_env) + lws_strncpy(context->keylog_file, klf_env, sizeof(context->keylog_file)); } #endif From 72608b5da38bc86da4250292e18fd3da182732ba Mon Sep 17 00:00:00 2001 From: "AD001\\z0048zxj" Date: Wed, 6 Nov 2024 16:10:45 +0530 Subject: [PATCH 2/3] openssl:support for user_ctx data structure to toggle SSL key logging dynamically --- lib/core-net/close.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/core-net/close.c b/lib/core-net/close.c index 76f58a393..8ea2a50c9 100644 --- a/lib/core-net/close.c +++ b/lib/core-net/close.c @@ -1055,6 +1055,7 @@ lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char *ca struct lws_vhost *pVhost; VhostUsrInfo *pUsrInfo; + /* To get user data from usr_ctx to logg ssl keys without restart application */ pVhost = lws_get_vhost(wsi); if(pVhost){ pUsrInfo = (VhostUsrInfo *)lws_vhost_user(pVhost); 
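Review bot: The two added `#include` lines carry no header name on this page, so what they pull in cannot be checked here; presumably `<stdbool.h>` and `<stdlib.h>` for the `bool` and `getenv()` uses added to close.c in the same patch. Whatever they are, only close.c needs them, so including them there rather than in private-lib-core.h leaves the private core header's dependency set unchanged for every other translation unit. The hunk also removes the blank line between the config includes and the `#if defined(LWS_WITH_CGI)` block; keeping it preserves the file's section spacing.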
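Review bot: The new `LWS_SSLKEYLOGFILE` precedence is applied only in the Windows lws_plat_init; if the other platform init files read `SSLKEYLOGFILE` with the same block, they now behave differently from Windows, so the precedence should live in one shared place or be applied to each of them. The added comment asserts `SSLKEYLOGFILE will be deprecated in future`, which nothing in the series substantiates; either cite the decision or replace it with what the code does, e.g. `/* prefer the lws-specific LWS_SSLKEYLOGFILE; fall back to the generic SSLKEYLOGFILE */`. The first comment should read `environment variables which are used`, and `else if(klf_env)` should be `else if (klf_env)` to match the file's spacing. lws_plat_init's body starts and ends outside the hunk.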
From d07332f730e76a4c9d1f4b9c9a390071fd316050 Mon Sep 17 00:00:00 2001 From: "AD001\\z0048zxj" Date: Tue, 12 Nov 2024 10:28:45 +0530 Subject: [PATCH 3/3] sslkeylogfile:kept seperate function for sniffing --- lib/core-net/close.c | 66 +++++++++++++++++++++++++------------------- 1 file changed, 38 insertions(+), 28 deletions(-) diff --git a/lib/core-net/close.c b/lib/core-net/close.c index 8ea2a50c9..994046be3 100644 --- a/lib/core-net/close.c +++ b/lib/core-net/close.c @@ -25,10 +25,10 @@ #include "private-lib-core.h" #include "private-lib-async-dns.h" -// structure for user info -typedef struct VhostUsrInfo { - void *usr_ctx; -} VhostUsrInfo; +// structure for user input flag +typedef struct lws_usrdata { + void *fSniffingFlag; +}lws_usrdata; // to store key log file path char *klfl_env = NULL; 
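Review bot: `typedef struct lws_usrdata { void *fSniffingFlag; } lws_usrdata;` is private to close.c yet defines the layout the application must give its vhost user pointer, so the contract exists only by convention and a caller that passes any other user struct is silently misread. If the flag must come from the application, the struct belongs in a public header (or, better, the flag becomes a field of the library's own vhost or context creation info); storing a `void *` to a bool rather than a `bool` also adds an indirection the series never explains, and a comment such as `/* points at an application-owned bool; true enables key logging */` would at least state the ownership. The `lws_` prefix on a file-private type and the missing space in `}lws_usrdata;` are style nits.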
@@ -1045,6 +1045,38 @@ __lws_close_free_wsi_final(struct lws *wsi) __lws_free_wsi(wsi); } +void lws_set_keylog_file(struct lws *wsi) +{ + struct lws_vhost *pVhost = NULL; + lws_usrdata *pUsrInfo = NULL; + + pVhost = lws_get_vhost(wsi); + if(pVhost){ + pUsrInfo = (lws_usrdata *)lws_vhost_user(pVhost); + /* extract the flag from user input to determine whether to start or stop sniffing. */ + bool fSetSniffingFlag = *((bool *)pUsrInfo->fSniffingFlag); + + /* to start logging SSL keys, the user must set this flag to true. If the flag is set + and klfl_env is empty, getenv will be called once to retrieve the log file path*/ + if(fSetSniffingFlag){ + /* call getenv only once if klfl_env is empty */ + if (klfl_env == NULL || *klfl_env == '\0'){ + klfl_env = getenv("SSLKEYLOGFILE"); + } + /* to begin logging SSL keys, the key log file will be set in lws_context */ + if (klfl_env) + lws_strncpy(wsi->a.context->keylog_file, klfl_env, + sizeof(wsi->a.context->keylog_file)); + } + /* to stop sniffing, reset both keylog_file and klfl_en */ + else{ + klfl_env = NULL; + wsi->a.context->keylog_file[0] = '\0'; + } + } + +} + void lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char *caller) 
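Review bot: `void lws_set_keylog_file(struct lws *wsi)` is given external linkage with no prototype in any header, and neither the function nor its call site sits under the `#if defined(LWS_HAVE_SSL_CTX_set_keylog_callback) && defined(LWS_WITH_TLS)` guard that windows-init.c uses around the same `keylog_file` handling; make it `static void` and wrap it (and the call on L5) in that guard, because if `keylog_file` is declared only for TLS builds, non-TLS builds stop compiling. Whether writing `keylog_file` after the SSL_CTX exists actually starts logging depends on when the keylog callback is installed, which this series does not show; that should be confirmed and stated in the function's header comment. The comment `reset both keylog_file and klfl_en` should read `klfl_env`, and the function needs a purpose comment such as `/* Copy the application's per-vhost key-logging flag into context->keylog_file; reads SSLKEYLOGFILE once and caches it in klfl_env */`.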
@@ -1052,31 +1084,9 @@ lws_close_free_wsi(struct lws *wsi, enum lws_close_status reason, const char *ca struct lws_context *cx = wsi->a.context; struct lws_context_per_thread *pt = &wsi->a.context->pt[(int)wsi->tsi]; - struct lws_vhost *pVhost; - VhostUsrInfo *pUsrInfo; - /* To get user data from usr_ctx to logg ssl keys without restart application */ - pVhost = lws_get_vhost(wsi); - if(pVhost){ - pUsrInfo = (VhostUsrInfo *)lws_vhost_user(pVhost); - bool fStartStopSniffig = *((bool *)pUsrInfo->usr_ctx); - - /* User input boolean flag to start or stop logging SSL keys */ - if(fStartStopSniffig) - { - if (klfl_env == NULL || *klfl_env == '\0'){ - klfl_env = getenv("SSLKEYLOGFILE"); - } - /* Fill key log file in lws_context */ - if (klfl_env) - lws_strncpy(wsi->a.context->keylog_file, klfl_env, - sizeof(wsi->a.context->keylog_file)); - } - else{ - klfl_env = NULL; - wsi->a.context->keylog_file[0] = '\0'; - } - } + /* if the user sets the sniffing flag, populate the key log file */ + lws_set_keylog_file(wsi); lws_context_lock(cx, __func__);
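Review bot: `lws_set_keylog_file(wsi);` is called before `lws_context_lock(cx, __func__)`, yet it writes `wsi->a.context->keylog_file` and the file-scope `klfl_env`, both of which other service threads can read; moving the call below the `lws_context_lock` / `lws_pt_lock` pair (or taking the context lock inside the helper) serialises it with them. Putting the toggle in lws_close_free_wsi also means the flag is only re-read when some connection closes, which the call-site comment should say, e.g. `/* re-evaluate the vhost's key-logging flag; runs only when a wsi closes */`. lws_close_free_wsi's body continues outside the hunk.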