From 7c706d82095060c9b688aee9874199b32e4c96cd Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sat, 13 Apr 2024 10:53:04 +0200
Subject: Merging upstream version 1.61.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 src/tls.cc | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

(limited to 'src/tls.cc')

diff --git a/src/tls.cc b/src/tls.cc
index 9babf2a..ad62c60 100644
--- a/src/tls.cc
+++ b/src/tls.cc
@@ -25,9 +25,11 @@
 #include "tls.h"
 
 #include <cassert>
+#include <cstring>
 #include <vector>
 #include <mutex>
 #include <iostream>
+#include <fstream>
 
 #include <openssl/crypto.h>
 #include <openssl/conf.h>
@@ -176,6 +178,32 @@ int cert_decompress(SSL *ssl, CRYPTO_BUFFER **out, size_t uncompressed_len,
 }
 #endif // NGHTTP2_OPENSSL_IS_BORINGSSL && HAVE_LIBBROTLI
 
+namespace {
+std::ofstream keylog_file;
+
+void keylog_callback(const SSL *ssl, const char *line) {
+  keylog_file.write(line, strlen(line));
+  keylog_file.put('\n');
+  keylog_file.flush();
+}
+} // namespace
+
+int setup_keylog_callback(SSL_CTX *ssl_ctx) {
+  auto keylog_filename = getenv("SSLKEYLOGFILE");
+  if (!keylog_filename) {
+    return 0;
+  }
+
+  keylog_file.open(keylog_filename, std::ios_base::app);
+  if (!keylog_file) {
+    return -1;
+  }
+
+  SSL_CTX_set_keylog_callback(ssl_ctx, keylog_callback);
+
+  return 0;
+}
+
 } // namespace tls
 
 } // namespace nghttp2
-- 
cgit v1.2.3