aboutsummaryrefslogtreecommitdiff
path: root/docs/TODO
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2016-09-19 10:29:00 +0200
committerDaniel Stenberg <daniel@haxx.se>2016-09-19 10:29:00 +0200
commitfb0032a33e3c3705f45ea09a1a55ac0b1d4f0fd6 (patch)
tree7d90c6b6f718ed4ec10d1050137b8bd11b70e3e3 /docs/TODO
parent6ee9ea5e70aa85e493747efc225e8b73641bb175 (diff)
TODO: Support SSLKEYLOGFILE
Diffstat (limited to 'docs/TODO')
-rw-r--r--docs/TODO10
1 files changed, 10 insertions, 0 deletions
diff --git a/docs/TODO b/docs/TODO
index 40b8cc8ec..6bffdd620 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -108,6 +108,7 @@
13.7 improve configure --with-ssl
13.8 Support DANE
13.9 Support TLS v1.3
+ 13.10 Support SSLKEYLOGFILE
14. GnuTLS
14.1 SSL engine stuff
@@ -707,6 +708,15 @@ that doesn't exist on the server, just like --ftp-create-dirs.
the corresponding support. There may be a need to add some additional options
to allow libcurl to take advantage of the new features in 1.3.
+13.10 Support SSLKEYLOGFILE
+
+ When used, Firefox and Chrome dumps their master TLS keys to the file name
+ this environment variable specifies. This allows tools like for example
+ Wireshark to capture and decipher TLS traffic to/from those clients. libcurl
+ could be made to support this more widely (presumably this already works when
+ built with NSS). Peter Wu made a OpenSSL preload to make possible that can be
+ used as inspiration and guidance
+ https://git.lekensteyn.nl/peter/wireshark-notes/tree/src/sslkeylog.c
14. GnuTLS