From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Mon, 6 Jun 2016 16:43:12 +0000 (+0200)
Subject: keylogfile: only consider the SSLKEYLOGFILE variable
X-Git-Tag: gnutls_3_5_1~41
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e9ed732affc0580ec0941178bf760a90e89c2201;p=thirdparty%2Fgnutls.git

keylogfile: only consider the SSLKEYLOGFILE variable

In addition do not check the environment in the constructor
but instead use static variables to save the key file name.
The GNUTLS_KEYLOGFILE environment variable is no longer used
since there is no reason to have a separate one.
---

diff --git a/lib/global.c b/lib/global.c
index ef05efaba1..535bb19896 100644
--- a/lib/global.c
+++ b/lib/global.c
@@ -71,7 +71,6 @@ extern const ASN1_ARRAY_TYPE gnutls_asn1_tab[];
 extern const ASN1_ARRAY_TYPE pkix_asn1_tab[];
 void *_gnutls_file_mutex;
 void *_gnutls_pkcs11_mutex;
-const char *_gnutls_keylogfile = NULL;
 
 ASN1_TYPE _gnutls_pkix1_asn = ASN1_TYPE_EMPTY;
 ASN1_TYPE _gnutls_gnutls_asn = ASN1_TYPE_EMPTY;
@@ -242,10 +241,6 @@ int gnutls_global_init(void)
 
 	_gnutls_switch_lib_state(LIB_STATE_INIT);
 
-	_gnutls_keylogfile = secure_getenv("GNUTLS_KEYLOGFILE");
-	if (_gnutls_keylogfile == NULL)
-		_gnutls_keylogfile = secure_getenv("SSLKEYLOGFILE");
-
 	e = secure_getenv("GNUTLS_DEBUG_LEVEL");
 	if (e != NULL) {
 		level = atoi(e);
diff --git a/lib/global.h b/lib/global.h
index 8efa3b417b..45d8dcaff8 100644
--- a/lib/global.h
+++ b/lib/global.h
@@ -38,8 +38,6 @@ extern ASN1_TYPE _gnutls_gnutls_asn;
 #define _gnutls_get_gnutls_asn() ((ASN1_TYPE) _gnutls_gnutls_asn)
 #define _gnutls_get_pkix() ((ASN1_TYPE) _gnutls_pkix1_asn)
 
-extern const char *_gnutls_keylogfile;
-
 extern gnutls_log_func _gnutls_log_func;
 extern gnutls_audit_log_func _gnutls_audit_log_func;
 extern int _gnutls_log_level;
diff --git a/lib/kx.c b/lib/kx.c
index 87a93f6906..4e0a50bd74 100644
--- a/lib/kx.c
+++ b/lib/kx.c
@@ -100,11 +100,18 @@ static void write_nss_key_log(gnutls_session_t session, const gnutls_datum_t *pr
 	char buf[512];
 	char buf2[512];
 	FILE *fp;
+	static const char *keylogfile = NULL;
+	static unsigned checked_env = 0;
 
-	if (_gnutls_keylogfile == NULL)
+	if (!checked_env) {
+		checked_env = 1;
+		keylogfile = secure_getenv("SSLKEYLOGFILE");
+	}
+
+	if (keylogfile == NULL)
 		return;
 
-	fp = fopen(_gnutls_keylogfile, "a");
+	fp = fopen(keylogfile, "a");
 	if (fp == NULL)
 		return;
 
diff --git a/tests/keylog-env.c b/tests/keylog-env.c
index 666c61ace4..ec35a6b048 100644
--- a/tests/keylog-env.c
+++ b/tests/keylog-env.c
@@ -129,7 +129,5 @@ void doit(void)
 
 	assert(get_tmpname(filename)!=NULL);
 
-	gnutls_global_deinit();
-	run("GNUTLS_KEYLOGFILE", filename);
 	run("SSLKEYLOGFILE", filename);
 }