Diffstat (limited to 'lib')
-rw-r--r--lib/gnutls_global.c5
-rw-r--r--lib/gnutls_global.h2
-rw-r--r--lib/gnutls_kx.c30
3 files changed, 13 insertions, 24 deletions
diff --git a/lib/gnutls_global.c b/lib/gnutls_global.c
index eafd29f460..5eb1e14df6 100644
--- a/lib/gnutls_global.c
+++ b/lib/gnutls_global.c
@@ -70,6 +70,7 @@ extern const ASN1_ARRAY_TYPE gnutls_asn1_tab[];
extern const ASN1_ARRAY_TYPE pkix_asn1_tab[];
void *_gnutls_file_mutex;
void *_gnutls_pkcs11_mutex;
+const char *_gnutls_keylogfile = NULL;
ASN1_TYPE _gnutls_pkix1_asn = ASN1_TYPE_EMPTY;
ASN1_TYPE _gnutls_gnutls_asn = ASN1_TYPE_EMPTY;
@@ -240,6 +241,10 @@ int gnutls_global_init(void)
_gnutls_switch_lib_state(LIB_STATE_INIT);
+ _gnutls_keylogfile = getenv("GNUTLS_KEYLOGFILE");
+ if (_gnutls_keylogfile == NULL)
+ _gnutls_keylogfile = getenv("SSLKEYLOGFILE");
+
e = getenv("GNUTLS_DEBUG_LEVEL");
if (e != NULL) {
level = atoi(e);
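Review bot: The key-log path in `gnutls_global_init` is read with plain `getenv()`, so a set-uid or set-gid program linked against the library would append TLS master secrets to whatever path its invoker placed in `GNUTLS_KEYLOGFILE` or `SSLKEYLOGFILE`. Where the platform provides it, `secure_getenv()` returns NULL in that situation, e.g. `_gnutls_keylogfile = secure_getenv("GNUTLS_KEYLOGFILE");` and likewise for the fallback lookup. The returned pointer is also kept in a global without being copied, and a later `setenv`/`putenv`/`unsetenv` by the application may invalidate it; duplicating the string once at init would avoid that. A comment such as `/* key logging is a debugging aid: it writes session secrets to disk */` above the lookup would help the next reader. The function body starts and ends outside this hunk.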
diff --git a/lib/gnutls_global.h b/lib/gnutls_global.h
index e1a8f2e25c..e7b3613c93 100644
--- a/lib/gnutls_global.h
+++ b/lib/gnutls_global.h
@@ -38,6 +38,8 @@ extern ASN1_TYPE _gnutls_gnutls_asn;
#define _gnutls_get_gnutls_asn() ((ASN1_TYPE) _gnutls_gnutls_asn)
#define _gnutls_get_pkix() ((ASN1_TYPE) _gnutls_pkix1_asn)
+extern const char *_gnutls_keylogfile;
+
extern gnutls_log_func _gnutls_log_func;
extern gnutls_audit_log_func _gnutls_audit_log_func;
extern int _gnutls_log_level;
diff --git a/lib/gnutls_kx.c b/lib/gnutls_kx.c
index fd963421cf..6fe4ef6d32 100644
--- a/lib/gnutls_kx.c
+++ b/lib/gnutls_kx.c
@@ -97,42 +97,24 @@ int _gnutls_generate_master(gnutls_session_t session, int keep_premaster)
static void write_nss_key_log(gnutls_session_t session, const gnutls_datum_t *premaster)
{
- const char *filename;
char buf[512];
+ char buf2[512];
FILE *fp;
- if (session->security_parameters.entity == GNUTLS_SERVER)
+ if (_gnutls_keylogfile == NULL)
return;
- filename = getenv("GNUTLS_KEYLOGFILE");
-
- if (filename == NULL)
- return;
-
- fp = fopen(filename, "w");
+ fp = fopen(_gnutls_keylogfile, "a");
if (fp == NULL)
return;
- if (session->security_parameters.kx_algorithm == GNUTLS_KX_RSA) {
- fprintf(fp, "RSA %s ",
- _gnutls_bin2hex(premaster->data,
- premaster->size,
- buf, sizeof(buf),
- NULL));
- fprintf(fp, "%s\n",
- _gnutls_bin2hex(session->security_parameters.
- master_secret, GNUTLS_MASTER_SIZE,
- buf, sizeof(buf), NULL));
- }
-
- fprintf(fp, "CLIENT_RANDOM %s ",
+ fprintf(fp, "CLIENT_RANDOM %s %s\n",
_gnutls_bin2hex(session->security_parameters.
client_random, 32, buf,
- sizeof(buf), NULL));
- fprintf(fp, "%s\n",
+ sizeof(buf), NULL),
_gnutls_bin2hex(session->security_parameters.
master_secret, GNUTLS_MASTER_SIZE,
- buf, sizeof(buf), NULL));
+ buf2, sizeof(buf2), NULL));
fclose(fp);
}
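Review bot: `fopen(_gnutls_keylogfile, "a")` in `write_nss_key_log` creates the log with whatever the process umask allows, which with a common 022 umask leaves a file of TLS master secrets readable by other local users. With the `GNUTLS_SERVER` early return removed, server processes now write it too, so the exposure is wider than before. Creating the file with an explicit owner-only mode and then wrapping the descriptor, as sketched below, would close that. It needs `<fcntl.h>`, and presumably a fallback to `fopen` on platforms without POSIX `open`; the mode only applies when the file is created, so a pre-existing file keeps its permissions. The results of `fprintf` and `fclose` are also ignored, so a full disk silently yields a truncated log.

```c
	FILE *fp;
	int fd;

	/* … unchanged: NULL check on _gnutls_keylogfile … */

	/* owner-only: the file holds session master secrets */
	fd = open(_gnutls_keylogfile, O_WRONLY | O_APPEND | O_CREAT, 0600);
	if (fd < 0)
		return;

	fp = fdopen(fd, "a");
	if (fp == NULL) {
		close(fd);
		return;
	}

	/* … unchanged: CLIENT_RANDOM fprintf and fclose … */
```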