Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

allow tls keylog #1261

Merged
merged 13 commits into from
Mar 7, 2022
Merged

allow tls keylog #1261

merged 13 commits into from
Mar 7, 2022

Conversation

neonphog
Copy link
Contributor

@neonphog neonphog commented Feb 25, 2022
edited
Loading

Summary

  • add tuning param danger_tls_keylog_path_prefix which will write keylog files for quic tls sessions

TODO:

  • CHANGELOG(s) updated with appropriate info
  • Just before pressing the merge button, ensure new entries to CHANGELOG(s) are still under the UNRELEASED heading

Base automatically changed from quinn-upgrade to develop February 28, 2022 18:00
@neonphog neonphog marked this pull request as ready for review March 1, 2022 23:40
maackle
maackle requested changes Mar 2, 2022
View reviewed changes
crates/kitsune_p2p/types/src/config.rs
Comment on lines +204 to +208
/// returns true if we should initialize a tls keylog
/// based on the `SSLKEYLOGFILE` environment variable
pub fn use_env_tls_keylog(&self) -> bool {
self.danger_tls_keylog == "env_keylog"
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@neonphog why not just make danger_tls_keylog a bool? Making it a string invites people to wonder if it's actually some sort of parameter, but it's really just a flag that requires a magic string to activate.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@maackle - It feels more enum-y to me though, like we might want to have other keylogging options (network?) in the future, hence the string.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fyi, this fn in particular is really an internal api... it just so happens the different kitsune_p2p crate (instead of kitsune_p2p_types) needs to use it, hence the pub.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, I guess I hadn't imagined there being any other future options for this, so this looks good

maackle
maackle approved these changes Mar 3, 2022
View reviewed changes
crates/kitsune_p2p/types/src/config.rs
Comment on lines +204 to +208
/// returns true if we should initialize a tls keylog
/// based on the `SSLKEYLOGFILE` environment variable
pub fn use_env_tls_keylog(&self) -> bool {
self.danger_tls_keylog == "env_keylog"
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, I guess I hadn't imagined there being any other future options for this, so this looks good

freesig
freesig approved these changes Mar 7, 2022
View reviewed changes
Copy link
Contributor

@freesig freesig left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@neonphog neonphog merged commit bbadea7 into develop Mar 7, 2022
@neonphog neonphog deleted the quic-tls-keylog branch March 7, 2022 17:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@maackle maackle maackle approved these changes

@freesig freesig freesig approved these changes

@thedavidmeister thedavidmeister Awaiting requested review from thedavidmeister

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@neonphog @maackle @freesig