authorPeter Wu <peter@lekensteyn.nl>2019-11-20 18:26:19 +0000
committerPeter Wu <peter@lekensteyn.nl>2019-11-20 18:26:19 +0000
commita8143e50357d796b4f59b58a6add97e2b0c319b1 (patch)
tree8d9a429228beef55ff52d77c948a47005286ad47 /src/sslkeylog.sh
parentde25eb75c8d90282ba90396218210c4601603347 (diff)
downloadwireshark-notes-a8143e50357d796b4f59b58a6add97e2b0c319b1.tar.gz
sslkeylog: add macOS support
Tested with macOS 10.15.1 (Catalina). Works with python3 3.7.5 (requests library) and openssl 1.1.1d (s_client) from Homebrew. Does not work with curl 7.64.1 in /usr/bin/curl because it is signed and does not allow DYLD environment variables to be passed when SIP is enabled.
Diffstat (limited to 'src/sslkeylog.sh')
-rwxr-xr-xsrc/sslkeylog.sh51
1 files changed, 48 insertions, 3 deletions
diff --git a/src/sslkeylog.sh b/src/sslkeylog.sh
index 0197302..38036f5 100755
--- a/src/sslkeylog.sh
+++ b/src/sslkeylog.sh
@@ -15,9 +15,54 @@ gdb() {
"$@"
}
-LD_PRELOAD=$(readlink -f "${BASH_SOURCE[0]%/*}")/libsslkeylog.so
-SSLKEYLOGFILE=${SSLKEYLOGFILE:-/dev/stderr}
-export LD_PRELOAD SSLKEYLOGFILE
+case "$OSTYPE" in
+darwin*)
+ # Unfortunately not all executables can be injected (e.g. /usr/bin/curl).
+ # See also man dyld
+ #
+ # "Note: If System Integrity Protection is enabled, these environment
+ # variables are ignored when executing binaries protected by System
+ # Integrity Protection."
+ #
+ # Note that DYLD_* env vars are *not* propagated though system binaries such
+ # as bash. To set an environment variable, use 'env' as in:
+ #
+ # ./sslkeylog.sh env DYLD_PRINT_OPTS=1 python3
+ #
+ # If the variable is picked up, it should show something like:
+ #
+ # opt[0] = "python3"
+ #
+ # If not visible, then interception is not possible until SIP is disabled.
+
+ export DYLD_INSERT_LIBRARIES=$(cd "${BASH_SOURCE[0]%/*}" && pwd)/libsslkeylog.dylib
+ export DYLD_FORCE_FLAT_NAMESPACE=1
+ # Expected output: dyld: loaded: <1A23FBC9-68C9-3808-88A5-C2D3A18C7DE1> .../wireshark-notes/src/libsslkeylog.dylib
+ #export DYLD_PRINT_LIBRARIES=1
+ # Expected output: dyld: lazy bind: openssl:0x105B21CE0 = libsslkeylog.dylib:_SSL_new, *0x105B21CE0 = 0x105B59660
+ #export DYLD_PRINT_BINDINGS
+
+ # Since DYLD is not propagated when using 'env', simulate it here.
+ # This is safer than using 'eval'.
+ if [[ ${BASH_SOURCE[0]} == $0 ]] && [[ "$1" == env ]]; then
+ shift
+ while [ $# -gt 0 ]; do
+ case "$1" in
+ *=*)
+ export "$1"
+ shift
+ ;;
+ *)
+ break
+ esac
+ done
+ fi
+ ;;
+*)
+ export LD_PRELOAD=$(readlink -f "${BASH_SOURCE[0]%/*}")/libsslkeylog.so
+ ;;
+esac
+export SSLKEYLOGFILE=${SSLKEYLOGFILE:-/dev/stderr}
# Run the command (if not sourced)
[[ ${BASH_SOURCE[0]} != $0 ]] || \
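Review bot: The darwin branch exports `DYLD_INSERT_LIBRARIES=$(cd "${BASH_SOURCE[0]%/*}" && pwd)/libsslkeylog.dylib` without checking that the substitution succeeded, and `export` hides its exit status. When the script path contains no slash (for example `bash sslkeylog.sh`), `%/*` strips nothing, `cd` fails, and the variable becomes `/libsslkeylog.dylib`, so the launched program is pointed at a library in the filesystem root instead of this checkout. Resolve and verify the path before exporting it: `lib=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/libsslkeylog.dylib`, then `[[ -f $lib ]] || { echo "sslkeylog: $lib not found" >&2; return 1 2>/dev/null || exit 1; }`, then `export DYLD_INSERT_LIBRARIES=$lib`. The `readlink -f` line in the `*)` branch has the same unchecked shape.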