Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-64310

Support SSLKEYLOGFILE variable for debugging connections over SSL/TLS

    XMLWordPrintable

    Details

    • Type: Suggestion
    • Status: Closed
    • Priority: P4: Low
    • Resolution: Won't Do
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Network: Sockets
    • Labels:
      None

      Description

      Applications that use libnss for handling TLS, notably Chromium and Firefox ,and some others[1], support setting support environment variable SSLKEYLOGFILE, which writes file of format [2] that allows traffic analyzers like Wireshark to intercept application protocol data. It would be nice if Qt supported this feature as well.

       

      OpenSSL added new feature recently [3]  to allow such interception, with older versions Qt could override some OpenSSL symbols like in [4]

       

      [1] From quick search I've found that mitmproxy supports it, maybe there are others

      [2] https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format

      [3] https://github.com/openssl/openssl/pull/1646

      [4]https://git.lekensteyn.nl/peter/wireshark-notes/tree/src/sslkeylog.c (does not work with Qt out of the box, should work with linked OpenSSL though)--

        Attachments

          Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            Activity

              People

              • Assignee:
                tpochep Timur Pocheptsov
                Reporter:
                annulen Konstantin Tokarev
              • Votes:
                1 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Gerrit Reviews

                  There are no open Gerrit changes