[openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format

2016-05-10 Thread Matt Caswell via RT
Github pull 570 which was associated with this ticket has been closed, so closing this too. Matt -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4201 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe:

Re: [openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format

2016-01-19 Thread Jan Žák via RT
I have updated Judson's patch to match with master branch. See GitHub PR https://github.com/openssl/openssl/pull/570 Jan On Mon, Jan 11, 2016 at 12:34 PM, Judson Wilson via RT wrote: > Here is an OpenSSL port of a patch in BoringSSL. It requires a call from > the application

Re: [openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format

2016-01-19 Thread Jan Žák via RT
It automatically opens a BIO for the keylogfile. Also if this patch is merged, RT 3352 can be reverted because it covers only a special case in the s_client app. On Tue, Jan 19, 2016 at 8:33 PM, Jan Žák wrote: > I have updated Judson's patch to match with master branch. See

[openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format

2016-01-11 Thread Matt Caswell via RT
On Mon Dec 28 23:53:02 2015, matt wrote: > On Mon Dec 28 22:01:04 2015, rs...@akamai.com wrote: > > Yes we would be interested in this but someone would almost > > definitely > > have to be provided as a complete patch because it seems unlikely > > anyone on the team will get around to doing it by

Re: [openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format

2016-01-11 Thread Judson Wilson
Here is an OpenSSL port of a patch in BoringSSL. It requires a call from the application to set a file BIO. You could probably do this from within SSL_CTX_new or something like that if you want a solution that doesn't change the application.

Re: [openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format

2016-01-11 Thread Judson Wilson via RT
Here is an OpenSSL port of a patch in BoringSSL. It requires a call from the application to set a file BIO. You could probably do this from within SSL_CTX_new or something like that if you want a solution that doesn't change the application.

Re: [openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format

2016-01-09 Thread Jan Žák via RT
This implementation is not enough, beacuse it works only for openssl s_client app. However it should work for all apps using openssl as a library (eg. curl, nginx). SSLKEYLOGFILE env var is a good current standard, so I think openssl should use it as well. Regards, Jan Zak On Tue, Dec 29, 2015

Re: [openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format

2016-01-09 Thread Salz, Rich via RT
> SSLKEYLOGFILE env var is a good current standard, so I think openssl should > use it as well. Patches to implement all of this would be helpful, otherwise it will probably not make it into the next relese. ___ openssl-dev mailing list To

Re: [openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format

2015-12-28 Thread Salz, Rich via RT
Yes we would be interested in this but someone would almost definitely have to be provided as a complete patch because it seems unlikely anyone on the team will get around to doing it by 1.1 release. ___ openssl-dev mailing list To unsubscribe:

Re: [openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format

2015-12-28 Thread Salz, Rich
Yes we would be interested in this but someone would almost definitely have to be provided as a complete patch because it seems unlikely anyone on the team will get around to doing it by 1.1 release. ___ openssl-dev mailing list To unsubscribe:

[openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format

2015-12-28 Thread Matt Caswell via RT
On Mon Dec 28 22:01:04 2015, rs...@akamai.com wrote: > Yes we would be interested in this but someone would almost definitely > have to be provided as a complete patch because it seems unlikely > anyone on the team will get around to doing it by 1.1 release. > Actually I think this capability is

[openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format

2015-12-25 Thread Cory Benfield via RT
Many HTTPS browsers support dumping keys for TLS sessions to a text file to allow analysis tools to decrypt captured TLS sessions. This is an extremely useful debugging tool for working with services that only expose encrypted interfaces. This support exists in Firefox and Chrome: in Firefox’s