VirtualBox

source: vbox/trunk/src/libs/curl-8.7.1/lib/vtls/keylog.c@ 106165

最後變更 在這個檔案從106165是 104083,由 vboxsync 提交於 8 月 前

curl-8.7.1: Applied and adjusted our curl changes to 8.4.0. bugref:10639
  • 屬性 svn:eol-style 設為 native
檔案大小: 4.2 KB
 
1/***************************************************************************
2 * _ _ ____ _
3 * Project ___| | | | _ \| |
4 * / __| | | | |_) | |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
7 *
8 * Copyright (C) Daniel Stenberg, <[email protected]>, et al.
9 *
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.se/docs/copyright.html.
13 *
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
17 *
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
20 *
21 * SPDX-License-Identifier: curl
22 *
23 ***************************************************************************/
24#include "curl_setup.h"
25
26#if defined(USE_OPENSSL) || \
27 defined(USE_WOLFSSL) || \
28 (defined(USE_NGTCP2) && defined(USE_NGHTTP3)) || \
29 defined(USE_QUICHE)
30
31#include "keylog.h"
32#include <curl/curl.h>
33
34/* The last #include files should be: */
35#include "curl_memory.h"
36#include "memdebug.h"
37
38#define KEYLOG_LABEL_MAXLEN (sizeof("CLIENT_HANDSHAKE_TRAFFIC_SECRET") - 1)
39
40#define CLIENT_RANDOM_SIZE 32
41
42/*
43 * The master secret in TLS 1.2 and before is always 48 bytes. In TLS 1.3, the
44 * secret size depends on the cipher suite's hash function which is 32 bytes
45 * for SHA-256 and 48 bytes for SHA-384.
46 */
47#define SECRET_MAXLEN 48
48
49
50/* The fp for the open SSLKEYLOGFILE, or NULL if not open */
51static FILE *keylog_file_fp;
52
53void
54Curl_tls_keylog_open(void)
55{
56 char *keylog_file_name;
57
58 if(!keylog_file_fp) {
59 keylog_file_name = curl_getenv("SSLKEYLOGFILE");
60 if(keylog_file_name) {
61 keylog_file_fp = fopen(keylog_file_name, FOPEN_APPENDTEXT);
62 if(keylog_file_fp) {
63#ifdef _WIN32
64 if(setvbuf(keylog_file_fp, NULL, _IONBF, 0))
65#else
66 if(setvbuf(keylog_file_fp, NULL, _IOLBF, 4096))
67#endif
68 {
69 fclose(keylog_file_fp);
70 keylog_file_fp = NULL;
71 }
72 }
73 Curl_safefree(keylog_file_name);
74 }
75 }
76}
77
78void
79Curl_tls_keylog_close(void)
80{
81 if(keylog_file_fp) {
82 fclose(keylog_file_fp);
83 keylog_file_fp = NULL;
84 }
85}
86
87bool
88Curl_tls_keylog_enabled(void)
89{
90 return keylog_file_fp != NULL;
91}
92
93bool
94Curl_tls_keylog_write_line(const char *line)
95{
96 /* The current maximum valid keylog line length LF and NUL is 195. */
97 size_t linelen;
98 char buf[256];
99
100 if(!keylog_file_fp || !line) {
101 return false;
102 }
103
104 linelen = strlen(line);
105 if(linelen == 0 || linelen > sizeof(buf) - 2) {
106 /* Empty line or too big to fit in a LF and NUL. */
107 return false;
108 }
109
110 memcpy(buf, line, linelen);
111 if(line[linelen - 1] != '\n') {
112 buf[linelen++] = '\n';
113 }
114 buf[linelen] = '\0';
115
116 /* Using fputs here instead of fprintf since libcurl's fprintf replacement
117 may not be thread-safe. */
118 fputs(buf, keylog_file_fp);
119 return true;
120}
121
122bool
123Curl_tls_keylog_write(const char *label,
124 const unsigned char client_random[CLIENT_RANDOM_SIZE],
125 const unsigned char *secret, size_t secretlen)
126{
127 const char *hex = "0123456789ABCDEF";
128 size_t pos, i;
129 char line[KEYLOG_LABEL_MAXLEN + 1 + 2 * CLIENT_RANDOM_SIZE + 1 +
130 2 * SECRET_MAXLEN + 1 + 1];
131
132 if(!keylog_file_fp) {
133 return false;
134 }
135
136 pos = strlen(label);
137 if(pos > KEYLOG_LABEL_MAXLEN || !secretlen || secretlen > SECRET_MAXLEN) {
138 /* Should never happen - sanity check anyway. */
139 return false;
140 }
141
142 memcpy(line, label, pos);
143 line[pos++] = ' ';
144
145 /* Client Random */
146 for(i = 0; i < CLIENT_RANDOM_SIZE; i++) {
147 line[pos++] = hex[client_random[i] >> 4];
148 line[pos++] = hex[client_random[i] & 0xF];
149 }
150 line[pos++] = ' ';
151
152 /* Secret */
153 for(i = 0; i < secretlen; i++) {
154 line[pos++] = hex[secret[i] >> 4];
155 line[pos++] = hex[secret[i] & 0xF];
156 }
157 line[pos++] = '\n';
158 line[pos] = '\0';
159
160 /* Using fputs here instead of fprintf since libcurl's fprintf replacement
161 may not be thread-safe. */
162 fputs(line, keylog_file_fp);
163 return true;
164}
165
166#endif /* TLS or QUIC backend */
注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette