-
Notifications
You must be signed in to change notification settings - Fork 9.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Write TLS session keys to $SSLKEYLOGFILE #11614
Comments
So, are you requesting youtube-dl to be able to write TLS session keys in a file pointed by |
Yes, I believe, that is what Wget has recently started doing, IIUC. that http-over-tls RFC from the video on that www.CroatiaFidelis.hr page that I linked above. Wget surely are fine and capable people, but there are capable people here, I'm sure Youtube-dl devs can do it... |
What's the format of keylog files? In youtube-dl multiple hosts are involved in each invocation, and, as SSL session resumption (http://bugs.python.org/issue19500) is not implemented in youtube-dl, there are multiple session keys even for the same host. How to generate a keylog file for such scenarios? UPDATE: the format can be found at https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format |
By the way, Python does not support exposing session keys yet. A patched Python is necessary. References: |
Depends on openssl/openssl#1646, too |
There is any updates regarding this issue? Assuming that I'm using the patched Python and the right openssl, this is a solvable problem? |
Looks like with Python 3.8 and OpenSSL 1.1.1, keys will be logged if you specify the environment variable [1] python/cpython@c7f7069 |
It's simple. While this is may Youtube-dl:
$ youtube-dl --version
2016.12.22-gentoo_no_offensive_sites
$
I prepared a page telling what my desired feature would be, by comparison with
what the Wget does. And I don't know the details how, I'm just a user.
Pls. see:
https://www.croatiafidelis.hr/foss/cap/cap-170105_wget-ssl/
and notice that Wget now decrypts SSL traffic, since you can decrypt the:
https://www.croatiafidelis.hr/foss/cap/cap-170105_wget-ssl/dump_170105_1733_g0n.pcap
by using the two effemeral keys in the
https://www.croatiafidelis.hr/foss/cap/cap-170105_wget-ssl/dump_170105_1733_g0n_SSLKEYLOGFILE.txt
such as by downloading those and issuing:
$ wireshark -o "ssl.keylog_file: dump_170105_1733_g0n_SSLKEYLOGFILE.txt" \
dump_170105_1733_g0n.pcap
My wish is that Youtube-dl would do that too! Thanks for your kind
consideration!
The text was updated successfully, but these errors were encountered: