From 3620d1c0c0e3083608e334a94b09d0b14e8e4c74 Mon Sep 17 00:00:00 2001
From: Peter Wu
Date: Thu, 29 Jan 2015 10:31:13 +0100
Subject: sslkeylog: interpose SSL_read and SSL_write

These functions can trigger a renegotiation which changes the key material (detected by using `curl` and `openssl s_server` and pressing `R` in `openssl s_server`).
---
 src/sslkeylog.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/src/sslkeylog.c b/src/sslkeylog.c
index 065a717..bf5dca4 100644
--- a/src/sslkeylog.c
+++ b/src/sslkeylog.c
@@ -147,3 +147,27 @@ int SSL_accept(SSL *ssl)
 tap_ssl_key(ssl, &state);
 return ret;
 }
+
+int SSL_read(SSL *ssl, void *buf, int num)
+{
+ static int (*func)();
+ if (!func) {
+ func = dlsym(RTLD_NEXT, __func__);
+ }
+ SSL_TAP_STATE(state, ssl);
+ int ret = func(ssl, buf, num);
+ tap_ssl_key(ssl, &state);
+ return ret;
+}
+
+int SSL_write(SSL *ssl, const void *buf, int num)
+{
+ static int (*func)();
+ if (!func) {
+ func = dlsym(RTLD_NEXT, __func__);
+ }
+ SSL_TAP_STATE(state, ssl);
+ int ret = func(ssl, buf, num);
+ tap_ssl_key(ssl, &state);
+ return ret;
+}
--
cgit v1.2.1
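Review bot: In both new wrappers the result of `func = dlsym(RTLD_NEXT, __func__);` is used without a check, so if the next SSL_read/SSL_write cannot be resolved, `func(ssl, buf, num)` calls through a NULL pointer inside the traced process. A guard such as `if (!func) abort();` right after the lookup, ideally preceded by a diagnostic naming the symbol, makes that failure explicit. The pointer is also declared without a prototype, `static int (*func)();`, which gives no argument checking and is read as `(void)` under C23; `static int (*func)(SSL *, void *, int);` for SSL_read and `static int (*func)(SSL *, const void *, int);` for SSL_write would fix that. Since these two functions run on every application read and write, it is worth confirming that `tap_ssl_key`, whose body is outside this hunk, does little work when the key material has not changed.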