From 5af438f6128ea2608aa5983d4af7f9c46c2feaf0 Mon Sep 17 00:00:00 2001
From: Peter Wu <peter@lekensteyn.nl>
Date: Fri, 10 Jul 2015 20:45:25 +0200
Subject: sslkeylog.py: document batch mode

Found in gdb source code that 'all' implies everything except SIGTRAP
and SIGINT. SIGINT is normally used for interactive debugging (so can be
disabled) but SIGTRAP is used for breakpoints (and can therefore not be
disabled without killing the program on such signals).
---
 src/sslkeylog.py | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/sslkeylog.py b/src/sslkeylog.py
index e589e53..46107f3 100644
--- a/src/sslkeylog.py
+++ b/src/sslkeylog.py
@@ -24,7 +24,14 @@ the following in your ~/.gdbinit:
     sys.path.insert(0, os.path.expanduser('~/.gdb'))
     import sslkeylog as skl
     # Override default keylog (SSLKEYLOGFILE env or stderr)
-    skl.keylog_filename = '/tmp/premaster.txt'
+    #skl.keylog_filename = '/tmp/premaster.txt'
+    end
+
+    define skl-batch
+    dont-repeat
+    handle all noprint pass
+    handle SIGINT noprint pass
+    py skl.start()
     end
 
 Then you can simply execute:
@@ -32,6 +39,14 @@ Then you can simply execute:
     gdb -q -ex 'py skl.start()' -p `pidof curl`
 
 To stop capturing keys, detach GDB or invoke 'skl.stop()'
+
+If you are not interested in debugging the program, and only want to
+extract keys, use the skl-batch command defined in gdbinit:
+
+    SSLKEYLOGFILE=premaster.txt gdb -batch -ex skl-batch -p `pidof curl`
+
+To stop capturing keys early, send SIGTERM to gdb. (Note that SIGTRAP is
+used internally for breakpoints and should not be ignored.)
 '''
 
 import gdb
-- 
cgit v1.2.1