git.ipfire.org Git - thirdparty/haproxy.git/commit

author	William Lallemand <wlallemand@haproxy.com>
	Fri, 19 Apr 2024 12:29:05 +0000 (14:29 +0200)
committer	William Lallemand <wlallemand@haproxy.com>
	Fri, 19 Apr 2024 12:48:44 +0000 (14:48 +0200)
commit	219d95281a3899172f86e27aca6b6d0d064d3527
tree	2aed0880335f9922f3f225ca3deeb139789b4915	tree \| snapshot
parent	1494cd71379b556ef9fa37f487d0083f33b2e2d0	commit \| diff

MINOR: ssl: implement keylog fetches for backend connections

This patch implements the backend side of the keylog fetches.
The code was ready but needed the SSL message callbacks.

This could be used like this:

log-format "CLIENT_EARLY_TRAFFIC_SECRET %[ssl_bc_client_random,hex] %[ssl_bc_client_early_traffic_secret]\n
             CLIENT_HANDSHAKE_TRAFFIC_SECRET %[ssl_bc_client_random,hex] %[ssl_bc_client_handshake_traffic_secret]\n
             SERVER_HANDSHAKE_TRAFFIC_SECRET %[ssl_bc_client_random,hex] %[ssl_bc_server_handshake_traffic_secret]\n
             CLIENT_TRAFFIC_SECRET_0 %[ssl_bc_client_random,hex] %[ssl_bc_client_traffic_secret_0]\n
             SERVER_TRAFFIC_SECRET_0 %[ssl_bc_client_random,hex] %[ssl_bc_server_traffic_secret_0]\n
             EXPORTER_SECRET %[ssl_bc_client_random,hex] %[ssl_bc_exporter_secret]\n
             EARLY_EXPORTER_SECRET %[ssl_bc_client_random,hex] %[ssl_bc_early_exporter_secret]"

doc/configuration.txt		diff \| blob \| blame \| history
src/ssl_sample.c		diff \| blob \| blame \| history
src/ssl_sock.c		diff \| blob \| blame \| history