diff options
author | Daniel Stenberg <daniel@haxx.se> | 2016-09-19 10:29:00 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2016-09-19 10:29:00 +0200 |
commit | fb0032a33e3c3705f45ea09a1a55ac0b1d4f0fd6 (patch) | |
tree | 7d90c6b6f718ed4ec10d1050137b8bd11b70e3e3 | |
parent | 6ee9ea5e70aa85e493747efc225e8b73641bb175 (diff) |
TODO: Support SSLKEYLOGFILE
-rw-r--r-- | docs/TODO | 10 |
1 files changed, 10 insertions, 0 deletions
@@ -108,6 +108,7 @@ 13.7 improve configure --with-ssl 13.8 Support DANE 13.9 Support TLS v1.3 + 13.10 Support SSLKEYLOGFILE 14. GnuTLS 14.1 SSL engine stuff @@ -707,6 +708,15 @@ that doesn't exist on the server, just like --ftp-create-dirs. the corresponding support. There may be a need to add some additional options to allow libcurl to take advantage of the new features in 1.3. +13.10 Support SSLKEYLOGFILE + + When used, Firefox and Chrome dumps their master TLS keys to the file name + this environment variable specifies. This allows tools like for example + Wireshark to capture and decipher TLS traffic to/from those clients. libcurl + could be made to support this more widely (presumably this already works when + built with NSS). Peter Wu made a OpenSSL preload to make possible that can be + used as inspiration and guidance + https://git.lekensteyn.nl/peter/wireshark-notes/tree/src/sslkeylog.c 14. GnuTLS |