Add support for SSLKEYLOGFILE #855

mmatczuk · 2024-07-05T13:01:43Z

No description provided.

I tested manually that it works, steps 1. Run httpbin on localhost 8443 go run ./cmd/forwarder/ test httpbin --protocol https --address 127.0.0.1:8443 --api-address 2. Run proxy with MITM SSLKEYLOGFILE=/tmp/keys go run ./cmd/forwarder/ run --mitm --insecure --proxy-localhost allow 3. Run tshark tshark -i lo0 -f "tcp port 8443" -Y "http" -o "tls.keylog_file:/tmp/keys" 4. Run curl curl -k -v -x localhost:3128 https://localhost:8443/status/200 tshark should report HTTP payload Capturing on 'Loopback: lo0' 13 0.005530 127.0.0.1 → 127.0.0.1 HTTP 363 GET /status/200 HTTP/1.1 15 0.006096 127.0.0.1 → 127.0.0.1 HTTP 153 HTTP/1.1 200 OK Fixes #579

mmatczuk requested a review from Choraden as a code owner July 5, 2024 13:01

mmatczuk force-pushed the mmt/sslkeylogfile branch from 301bfc3 to 8780080 Compare July 5, 2024 13:12

mmatczuk added 2 commits July 5, 2024 15:56

command/run: log when TLS key logging is enabled

cc2093a

mmatczuk force-pushed the mmt/sslkeylogfile branch from 8780080 to cc2093a Compare July 5, 2024 13:57

alexh-sauce approved these changes Jul 5, 2024

View reviewed changes

Choraden approved these changes Jul 8, 2024

View reviewed changes

Choraden mentioned this pull request Jul 8, 2024

docs: add tutorial on investigating HTTPS traffic with Wireshark #856

Closed

mmatczuk merged commit bd6a2d0 into main Jul 8, 2024
6 checks passed

mmatczuk deleted the mmt/sslkeylogfile branch July 8, 2024 09:29

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add support for SSLKEYLOGFILE #855

Add support for SSLKEYLOGFILE #855

mmatczuk commented Jul 5, 2024

Add support for SSLKEYLOGFILE #855

Add support for SSLKEYLOGFILE #855

Conversation

mmatczuk commented Jul 5, 2024