From 85171f30c274c8f6c0d2d9bb77460908d6c6ba9c Mon Sep 17 00:00:00 2001
From: Peter Wu
Date: Thu, 29 Jan 2015 00:19:01 +0100
Subject: sslkeylog: intercept server functions
Also intercept SSL_do_handshake (nginx) and SSL_accept (s_server).
---
 src/sslkeylog.c | 39 +++++++++++++++++++++++++++++++++------
 1 file changed, 33 insertions(+), 6 deletions(-)
(limited to 'src')
diff --git a/src/sslkeylog.c b/src/sslkeylog.c
index 0d09b5d..2a3ff9b 100644
--- a/src/sslkeylog.c
+++ b/src/sslkeylog.c
@@ -21,7 +21,6 @@
 #define FIRSTLINE "# SSL key logfile generated by sslkeylog.c\n"
 #define FIRSTLINE_LEN (sizeof(FIRSTLINE) - 1)
-static int (*_SSL_connect)(SSL *ssl);
 static int keylog_file_fd = -1;
 static inline void put_hex(char *buffer, int pos, char c)
@@ -72,12 +71,8 @@ static void init_keylog_file(void)
 }
 }
-int SSL_connect(SSL *ssl)
+static void tap_ssl_key(SSL *ssl)
 {
- if (!_SSL_connect) {
- _SSL_connect = (int (*)(SSL *ssl)) dlsym(RTLD_NEXT, "SSL_connect");
- }
- int ret = _SSL_connect(ssl);
 /* SSLv2 is not supported (Wireshark does not support it either). Write the
 * logfile when the master key is available for SSLv3/TLSv1. */
 if (ssl->s3 != NULL &&
@@ -87,5 +82,37 @@ int SSL_connect(SSL *ssl)
 dump_to_fd(ssl, keylog_file_fd);
 }
 }
+}
+
+int SSL_connect(SSL *ssl)
+{
+ static int (*func)();
+ if (!func) {
+ func = dlsym(RTLD_NEXT, __func__);
+ }
+ int ret = func(ssl);
+ tap_ssl_key(ssl);
+ return ret;
+}
+
+int SSL_do_handshake(SSL *ssl)
+{
+ static int (*func)();
+ if (!func) {
+ func = dlsym(RTLD_NEXT, __func__);
+ }
+ int ret = func(ssl);
+ tap_ssl_key(ssl);
+ return ret;
+}
+
+int SSL_accept(SSL *ssl)
+{
+ static int (*func)();
+ if (!func) {
+ func = dlsym(RTLD_NEXT, __func__);
+ }
+ int ret = func(ssl);
+ tap_ssl_key(ssl);
 return ret;
 }
-- cgit v1.2.1
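Review bot: tap_ssl_key() in the second hunk has no comment saying when it runs, and after this change it runs after every SSL_connect, SSL_do_handshake and SSL_accept call whether or not that call succeeded. On a non-blocking server the handshake function is typically re-entered several times, so the same master key may be appended to the log more than once; whether that actually happens depends on the rest of the condition, which lies outside the hunk. I would add a header comment such as `/* Called after each handshake entry point returns, including failed or incomplete ones; logs the master key if one is available. The log file holds session secrets, so keep it readable by the capture owner only. */`.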
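Review bot: The result of `dlsym(RTLD_NEXT, __func__)` is never checked in the three new wrappers (SSL_connect, SSL_do_handshake, SSL_accept), so if the next definition cannot be resolved, `func(ssl)` calls a null pointer and the host process crashes in the middle of a handshake. The pointer is also declared as `int (*func)()`, an unprototyped type that turns off argument checking for the forwarded call. I would declare it as `static int (*func)(SSL *);` and add `if (!func) return -1;` right after the lookup in each wrapper. The three bodies are identical apart from the function name, so a small helper or macro taking the symbol name would keep this fix in one place.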