diff options
| author | Stig Bjørlykke <stig@bjorlykke.org> | 2021-06-04 20:42:26 +0200 |
|---|---|---|
| committer | Stig Bjørlykke <stig@bjorlykke.org> | 2021-06-06 13:32:40 +0200 |
| commit | 2b29269f5d20c54beb6451fcccd0dcfd5b1b63f8 (patch) | |
| tree | cca349e03a2850ce2d6be45481ba926cbb8f4fb6 | |
| parent | 577282f679d2bf3c4236fe916f8e1ce84c10c12c (diff) | |
tshark: Add option to export TLS session keys
Add a new option --export-tls-session-keys <keyfile> to tshark
to export TLS session keys.
| -rw-r--r-- | docbook/release-notes.adoc | 2 | ||||
| -rw-r--r-- | tshark.c | 32 |
2 files changed, 34 insertions, 0 deletions
diff --git a/docbook/release-notes.adoc b/docbook/release-notes.adoc index a8e9d3c085..59aa3e8850 100644 --- a/docbook/release-notes.adoc +++ b/docbook/release-notes.adoc @@ -84,6 +84,8 @@ They previously shipped with Npcap 1.20. account, as those addresses can be reused. To revert to the previous behavior and not reassemble fragments with different VLAN IDs, turn on the "Enable stricter conversation tracking heuristics" top level protocol preference. +* tshark can now export TLS session keys with the --export-tls-session-keys option. + // === Removed Features and Support // === Removed Dissectors @@ -88,6 +88,7 @@ #include "ui/cli/tap-exportobject.h" #include "ui/tap_export_pdu.h" #include "ui/dissect_opts.h" +#include "ui/ssl_key_export.h" #include "ui/failure_message.h" #if defined(HAVE_LIBSMI) #include "epan/oids.h" @@ -141,6 +142,7 @@ #define LONGOPT_COLOR LONGOPT_BASE_APPLICATION+2 #define LONGOPT_NO_DUPLICATE_KEYS LONGOPT_BASE_APPLICATION+3 #define LONGOPT_ELASTIC_MAPPING_FILTER LONGOPT_BASE_APPLICATION+4 +#define LONGOPT_EXPORT_TLS_SESSION_KEYS LONGOPT_BASE_APPLICATION+5 capture_file cfile; @@ -465,6 +467,8 @@ print_usage(FILE *output) fprintf(output, " --export-objects <protocol>,<destdir>\n"); fprintf(output, " save exported objects for a protocol to a directory\n"); fprintf(output, " named \"destdir\"\n"); + fprintf(output, " --export-tls-session-keys <keyfile>\n"); + fprintf(output, " export TLS Session Keys to a file named \"keyfile\"\n"); fprintf(output, " --color color output text similarly to the Wireshark GUI,\n"); fprintf(output, " requires a terminal with 24-bit color support\n"); fprintf(output, " Also supplies color attributes to pdml and psml formats\n"); @@ -527,6 +531,22 @@ glossary_option_help(void) } static void +tshark_write_to_file(const gchar *filename, const gchar *data) +{ + int fd = ws_open(filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644); + if (fd == -1) { + open_failure_message(filename, errno, TRUE); + return; + } + + if (ws_write(fd, data, (unsigned int)strlen(data)) < 0) { + write_failure_message(filename, errno); + } + + ws_close(fd); +} + +static void tshark_log_handler (const gchar *log_domain, GLogLevelFlags log_level, const gchar *message, gpointer user_data) { @@ -720,6 +740,7 @@ main(int argc, char *argv[]) LONGOPT_DISSECT_COMMON {"print", no_argument, NULL, 'P'}, {"export-objects", required_argument, NULL, LONGOPT_EXPORT_OBJECTS}, + {"export-tls-session-keys", required_argument, NULL, LONGOPT_EXPORT_TLS_SESSION_KEYS}, {"color", no_argument, NULL, LONGOPT_COLOR}, {"no-duplicate-keys", no_argument, NULL, LONGOPT_NO_DUPLICATE_KEYS}, {"elastic-mapping-filter", required_argument, NULL, LONGOPT_ELASTIC_MAPPING_FILTER}, @@ -756,6 +777,7 @@ main(int argc, char *argv[]) gchar *output_only = NULL; gchar *volatile pdu_export_arg = NULL; char *volatile exp_pdu_filename = NULL; + const gchar *volatile tls_session_keys_file = NULL; exp_pdu_t exp_pdu_tap_data; const gchar* elastic_mapping_filter = NULL; @@ -1503,6 +1525,9 @@ main(int argc, char *argv[]) goto clean_exit; } break; + case LONGOPT_EXPORT_TLS_SESSION_KEYS: /* --export-tls-session-keys */ + tls_session_keys_file = optarg; + break; case LONGOPT_COLOR: /* print in color where appropriate */ dissect_color = TRUE; break; @@ -2319,6 +2344,13 @@ main(int argc, char *argv[]) if (draw_taps) draw_tap_listeners(TRUE); + + if (tls_session_keys_file) { + gchar *keylist = ssl_export_sessions(); + tshark_write_to_file(tls_session_keys_file, keylist); + g_free(keylist); + } + /* Memory cleanup */ reset_tap_listeners(); funnel_dump_all_text_windows(); |