hex/wstunnel
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(tls): Support SSLKEYLOGFILE env variable

Browse source
This commit is contained in:
Σrebe - Romain GERARD 2024-03-16 22:16:33 +01:00
parent 3129fe3219
commit c0f690f273
No known key found for this signature in database
GPG key ID: 7A42B4B97E0332F4
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/tls.rs
View file

@ -12,7 +12,7 @@ use tokio_rustls::client::TlsStream;
use tokio_rustls::rustls::client::{ServerCertVerified, ServerCertVerifier}; use tokio_rustls::rustls::client::{ServerCertVerified, ServerCertVerifier};
use crate::tunnel::TransportAddr; use crate::tunnel::TransportAddr;
use tokio_rustls::rustls::{Certificate, ClientConfig, PrivateKey, ServerName}; use tokio_rustls::rustls::{Certificate, ClientConfig, KeyLogFile, PrivateKey, ServerName};
use tokio_rustls::{rustls, TlsAcceptor, TlsConnector}; use tokio_rustls::{rustls, TlsAcceptor, TlsConnector};
use tracing::info; use tracing::info;
@ -85,6 +85,7 @@ pub fn tls_connector(
.with_no_client_auth(); .with_no_client_auth();
config.enable_sni = enable_sni; config.enable_sni = enable_sni;
config.key_log = Arc::new(KeyLogFile::new());
// To bypass certificate verification // To bypass certificate verification
if !tls_verify_certificate { if !tls_verify_certificate {
@ -105,6 +106,7 @@ pub fn tls_acceptor(tls_cfg: &TlsServerConfig, alpn_protocols: Option<Vec<Vec<u8
.with_single_cert(tls_cfg.tls_certificate.lock().clone(), tls_cfg.tls_key.lock().clone()) .with_single_cert(tls_cfg.tls_certificate.lock().clone(), tls_cfg.tls_key.lock().clone())
.with_context(|| "invalid tls certificate or private key")?; .with_context(|| "invalid tls certificate or private key")?;
config.key_log = Arc::new(KeyLogFile::new());
if let Some(alpn_protocols) = alpn_protocols { if let Some(alpn_protocols) = alpn_protocols {
config.alpn_protocols = alpn_protocols; config.alpn_protocols = alpn_protocols;
} }