Skip to content

Log when SSLKEYLOGFILE is set #19814

Closed
yedayak wants to merge 1 commit into
curl:masterfrom
yedayak:sslkeylog-verbose
Closed

Log when SSLKEYLOGFILE is set #19814
yedayak wants to merge 1 commit into
curl:masterfrom
yedayak:sslkeylog-verbose

Conversation

@yedayak
Copy link
Copy Markdown
Contributor

@yedayak yedayak commented Dec 2, 2025
edited
Loading

Also inspired by #19631 (comment)

@github-actions github-actions Bot added the tests label Dec 2, 2025
@yedayak yedayak force-pushed the sslkeylog-verbose branch 3 times, most recently from 941d153 to 5deb502 Compare December 2, 2025 18:40
@testclutch
Copy link
Copy Markdown

testclutch commented Dec 2, 2025

Analysis of PR #19814 at 5deb5028:

Test 2090 failed, which has NOT been flaky recently, so there could be a real issue in this PR. Note that this test has failed in 48 different CI jobs (the link just goes to one of them).

Generated by Testclutch

@yedayak yedayak changed the title Add test for SSLKEYLOGFILE, log when its set Log when SSLKEYLOGFILE is set Dec 2, 2025
vszakats
vszakats reviewed Dec 4, 2025
View reviewed changes
Comment thread lib/vtls/vtls.c Outdated
bagder
bagder reviewed Dec 4, 2025
View reviewed changes
Comment thread lib/vtls/keylog.c Outdated
@yedayak yedayak force-pushed the sslkeylog-verbose branch 2 times, most recently from 805fa8d to 7304f73 Compare December 8, 2025 10:22
@bagder
Copy link
Copy Markdown
Member

bagder commented Dec 9, 2025

Maybe you can rebase this onto master now?

@github-actions github-actions Bot added the TLS label Dec 9, 2025
@yedayak yedayak marked this pull request as ready for review December 9, 2025 13:55
@yedayak
Copy link
Copy Markdown
Contributor Author

yedayak commented Dec 9, 2025
edited
Loading

Rebased

I wanted to add a test to this, but I'm not sure how to do it? Is there a way to test the output of traceNnn? Or should I add the verbose option to <command>?

@bagder
Copy link
Copy Markdown
Member

bagder commented Dec 11, 2025
edited
Loading

The infof() output is passed to stderr, and you can add a <stderr> section in the verify block. Sometimes however that is annoying as it matches the entire thing minus the lines you remove with <strip> and <stripfile>.

@yedayak yedayak force-pushed the sslkeylog-verbose branch from 0a142ef to 6b6ec66 Compare April 21, 2026 14:02
@yedayak
vtls: Log when key logging is enabled.
0b15b2c 
If built with LibreSSL, also warn that it only works for TLS <= 1.2

Inspired-by: Viktor Szakats
@yedayak yedayak force-pushed the sslkeylog-verbose branch from 6b6ec66 to 0b15b2c Compare April 21, 2026 14:09
@bagder bagder closed this in 7100e8d Apr 23, 2026
@bagder
Copy link
Copy Markdown
Member

bagder commented Apr 23, 2026

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bagder bagder bagder approved these changes

@vszakats vszakats vszakats approved these changes

Assignees

No one assigned

Labels

tests TLS

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@yedayak @testclutch @bagder @vszakats