summaryrefslogtreecommitdiffhomepage
path: root/src/event/ngx_event_openssl.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/event/ngx_event_openssl.c')
-rw-r--r--src/event/ngx_event_openssl.c46
1 files changed, 46 insertions, 0 deletions
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
index ca94a68ff..f9a986128 100644
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -255,6 +255,50 @@ ngx_ssl_init(ngx_log_t *log)
}
+void
+ngx_ssl_keylogger(const ngx_ssl_conn_t *ssl_conn, const char *line)
+{
+ u_char *p;
+ size_t len;
+ ssize_t n;
+ ngx_connection_t *c;
+ ngx_ssl_connection_t *sc;
+
+ if (line == NULL) {
+ return;
+ }
+
+ len = ngx_strlen(line);
+
+ if (len == 0) {
+ return;
+ }
+
+ c = ngx_ssl_get_connection(ssl_conn);
+ sc = c->ssl;
+
+ p = ngx_alloc(len + 1, c->log);
+ if (p == NULL) {
+ return;
+ }
+
+ ngx_memcpy(p, line, len);
+ p[len] = '\n';
+
+ n = ngx_write_fd(sc->keylog->fd, p, len + 1);
+ if (n == -1) {
+ ngx_log_error(NGX_LOG_ALERT, c->log, ngx_errno,
+ ngx_write_fd_n " to \"%s\" failed",
+ sc->keylog->name.data);
+
+ } else if ((size_t) n != len + 1) {
+ ngx_log_error(NGX_LOG_ALERT, c->log, 0,
+ ngx_write_fd_n " to \"%s\" was incomplete: %z of %uz",
+ sc->keylog->name.data, n, len + 1);
+ }
+}
+
+
ngx_int_t
ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols, void *data)
{
@@ -1516,6 +1560,8 @@ ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c, ngx_uint_t flags)
return NGX_ERROR;
}
+ sc->keylog = ssl->keylog;
+
sc->buffer = ((flags & NGX_SSL_BUFFER) != 0);
sc->buffer_size = ssl->buffer_size;
generated by cgit (git 2.34.1) at 2025-12-28 08:42:09 +0000