authorAlba Mendez <me@alba.sh>2019-05-11 23:07:06 +0200
committerDaniel Bevenius <daniel.bevenius@gmail.com>2019-05-15 05:32:33 +0200
commit53bef423f31bb383212a6754228c21ca3d3231b6 (patch)
tree489bb9e43883e4bdf3dac4bdbb3f2a82e86b2db0 /lib/_tls_wrap.js
parent10d7e01ee9618a42cb658a07d692557a03456fe5 (diff)
tls: expose keylog event on TLSSocket
Exposes SSL_CTX_set_keylog_callback in the form of a `keylog` event that is emitted on clients and servers. This enables easy debugging of TLS connections with e.g. Wireshark, which is a long-requested feature. PR-URL: https://github.com/nodejs/node/pull/27654 Refs: https://github.com/nodejs/node/issues/2363 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
Diffstat (limited to 'lib/_tls_wrap.js')
-rw-r--r--lib/_tls_wrap.js32
1 files changed, 31 insertions, 1 deletions
diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
index a04f0014c7..5b86672b95 100644
--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@@ -286,6 +286,18 @@ function onnewsession(sessionId, session) {
}
+function onkeylogclient(line) {
+ debug('client onkeylog');
+ this[owner_symbol].emit('keylog', line);
+}
+
+function onkeylog(line) {
+ debug('server onkeylog');
+ const owner = this[owner_symbol];
+ if (owner.server)
+ owner.server.emit('keylog', line, owner);
+}
+
function onocspresponse(resp) {
debug('client onocspresponse');
this[owner_symbol].emit('OCSPResponse', resp);
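Review bot: Neither `onkeylogclient` nor `onkeylog` says that `line` is secret key material, and a maintainer extending the `debug()` calls here could easily leak it into NODE_DEBUG output. I would add a comment above both handlers such as `// |line| is TLS key log output: secrets sufficient to decrypt this session. Never pass it to debug().` The two handlers also emit different shapes, `(line)` on the socket for clients and `(line, owner)` on the server, and the server handler silently drops the line when `owner.server` is unset. Both behaviours deserve a one-line comment so that consumers and later maintainers do not have to infer them.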
@@ -571,6 +583,7 @@ TLSSocket.prototype._init = function(socket, wrap) {
ssl.onclienthello = loadSession;
ssl.oncertcb = loadSNI;
ssl.onnewsession = onnewsession;
+ ssl.onkeylog = onkeylog;
ssl.lastHandshakeTime = 0;
ssl.handshakes = 0;
@@ -580,6 +593,8 @@ TLSSocket.prototype._init = function(socket, wrap) {
// Also starts the client hello parser as a side effect.
ssl.enableSessionCallbacks();
}
+ if (this.server.listenerCount('keylog') > 0)
+ ssl.enableKeylogCallback();
if (this.server.listenerCount('OCSPRequest') > 0)
ssl.enableCertCb();
}
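Review bot: `this.server.listenerCount('keylog')` is sampled only once, when `_init` runs for the connection, so a `keylog` listener attached to the server after a socket has been initialised gets no key material for that socket. The client path later in this commit watches `newListener` instead, so the two sides behave differently and a user debugging a long-lived server connection could be left with a silently empty key log. If this is intentional, a comment would make it explicit, for example `// Checked once per connection; listeners added later only affect new connections.` The enclosing `_init` function starts and ends outside this hunk.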
@@ -605,9 +620,24 @@ TLSSocket.prototype._init = function(socket, wrap) {
ssl.enableSessionCallbacks();
- // Remover this listener since its no longer needed.
+ // Remove this listener since it's no longer needed.
this.removeListener('newListener', newListener);
}
+
+ ssl.onkeylog = onkeylogclient;
+
+ // Only call .onkeylog if there is a keylog listener.
+ this.on('newListener', keylogNewListener);
+
+ function keylogNewListener(event) {
+ if (event !== 'keylog')
+ return;
+
+ ssl.enableKeylogCallback();
+
+ // Remove this listener since it's no longer needed.
+ this.removeListener('newListener', keylogNewListener);
+ }
}
ssl.onerror = onerror;
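Review bot: `keylogNewListener` calls `ssl.enableKeylogCallback()` on the first `keylog` listener, but nothing in this hunk turns the callback off again, so removing the listener appears to leave key-log generation enabled for the rest of the socket's life. The commit description says the feature is built on `SSL_CTX_set_keylog_callback`, which is a per-context setting. If the native side installs it on a context shared with other sockets, enabling it here may reach further than this one socket, though I cannot confirm that from the JS side shown. I would at least state the lifetime in the comment, e.g. `// One-way switch: once a keylog listener is added the callback stays enabled for this socket.` The enclosing `_init` function starts outside the hunk.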