From 99e356876b70df7d4e6cc63e0261f6e4f9bcfcd1 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Wed, 18 May 2016 16:38:13 +0200 Subject: doc: documented the GNUTLS_KEYLOGFILE environment variable --- NEWS | 5 +++++ doc/cha-gtls-app.texi | 4 ++++ 2 files changed, 9 insertions(+) diff --git a/NEWS b/NEWS index 75293ab678..2fc25b1d18 100644 --- a/NEWS +++ b/NEWS @@ -8,6 +8,11 @@ See the end for copying conditions. ** libgnutls: The SSL 3.0 protocol support can completely be removed using a compile time option. The configure option is --disable-ssl3. +** libgnutls: The GNUTLS_KEYLOGFILE environment variable can be used to + log session keys in client side. These session keys are compatible with + the NSS Key Log Format and can be used to decrypt the session for + debugging using wireshark. + ** API and ABI modifications: No changes since last version. diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi index fd3342b70c..7d25a5b536 100644 --- a/doc/cha-gtls-app.texi +++ b/doc/cha-gtls-app.texi @@ -165,6 +165,10 @@ error. Other available environment variables are shown in @ref{tab:environment}. @item @code{GNUTLS_DEBUG_LEVEL} @tab When set to a numeric value, it sets the default debugging level for GnuTLS applications. +@item @code{GNUTLS_KEYLOGFILE} +@tab When set to a filename, GnuTLS will store to it the client session keys in the NSS Key Log +format. That format can be read by wireshark and will allow decryption of the session for debugging. + @item @code{GNUTLS_CPUID_OVERRIDE} @tab That environment variable can be used to explicitly enable/disable the use of certain CPU capabilities. Note that CPU -- cgit v1.2.1