From 2b29269f5d20c54beb6451fcccd0dcfd5b1b63f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stig=20Bj=C3=B8rlykke?= Date: Fri, 4 Jun 2021 20:42:26 +0200 Subject: tshark: Add option to export TLS session keys Add a new option --export-tls-session-keys to tshark to export TLS session keys. --- tshark.c | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) (limited to 'tshark.c') diff --git a/tshark.c b/tshark.c index c556dc3a99..83d93d008f 100644 --- a/tshark.c +++ b/tshark.c @@ -88,6 +88,7 @@ #include "ui/cli/tap-exportobject.h" #include "ui/tap_export_pdu.h" #include "ui/dissect_opts.h" +#include "ui/ssl_key_export.h" #include "ui/failure_message.h" #if defined(HAVE_LIBSMI) #include "epan/oids.h" @@ -141,6 +142,7 @@ #define LONGOPT_COLOR LONGOPT_BASE_APPLICATION+2 #define LONGOPT_NO_DUPLICATE_KEYS LONGOPT_BASE_APPLICATION+3 #define LONGOPT_ELASTIC_MAPPING_FILTER LONGOPT_BASE_APPLICATION+4 +#define LONGOPT_EXPORT_TLS_SESSION_KEYS LONGOPT_BASE_APPLICATION+5 capture_file cfile; @@ -465,6 +467,8 @@ print_usage(FILE *output) fprintf(output, " --export-objects ,\n"); fprintf(output, " save exported objects for a protocol to a directory\n"); fprintf(output, " named \"destdir\"\n"); + fprintf(output, " --export-tls-session-keys \n"); + fprintf(output, " export TLS Session Keys to a file named \"keyfile\"\n"); fprintf(output, " --color color output text similarly to the Wireshark GUI,\n"); fprintf(output, " requires a terminal with 24-bit color support\n"); fprintf(output, " Also supplies color attributes to pdml and psml formats\n"); @@ -526,6 +530,22 @@ glossary_option_help(void) fprintf(output, "\n"); } +static void +tshark_write_to_file(const gchar *filename, const gchar *data) +{ + int fd = ws_open(filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644); + if (fd == -1) { + open_failure_message(filename, errno, TRUE); + return; + } + + if (ws_write(fd, data, (unsigned int)strlen(data)) < 0) { + write_failure_message(filename, errno); + } + + ws_close(fd); +} + static void tshark_log_handler (const gchar *log_domain, GLogLevelFlags log_level, const gchar *message, gpointer user_data) @@ -720,6 +740,7 @@ main(int argc, char *argv[]) LONGOPT_DISSECT_COMMON {"print", no_argument, NULL, 'P'}, {"export-objects", required_argument, NULL, LONGOPT_EXPORT_OBJECTS}, + {"export-tls-session-keys", required_argument, NULL, LONGOPT_EXPORT_TLS_SESSION_KEYS}, {"color", no_argument, NULL, LONGOPT_COLOR}, {"no-duplicate-keys", no_argument, NULL, LONGOPT_NO_DUPLICATE_KEYS}, {"elastic-mapping-filter", required_argument, NULL, LONGOPT_ELASTIC_MAPPING_FILTER}, @@ -756,6 +777,7 @@ main(int argc, char *argv[]) gchar *output_only = NULL; gchar *volatile pdu_export_arg = NULL; char *volatile exp_pdu_filename = NULL; + const gchar *volatile tls_session_keys_file = NULL; exp_pdu_t exp_pdu_tap_data; const gchar* elastic_mapping_filter = NULL; @@ -1503,6 +1525,9 @@ main(int argc, char *argv[]) goto clean_exit; } break; + case LONGOPT_EXPORT_TLS_SESSION_KEYS: /* --export-tls-session-keys */ + tls_session_keys_file = optarg; + break; case LONGOPT_COLOR: /* print in color where appropriate */ dissect_color = TRUE; break; @@ -2319,6 +2344,13 @@ main(int argc, char *argv[]) if (draw_taps) draw_tap_listeners(TRUE); + + if (tls_session_keys_file) { + gchar *keylist = ssl_export_sessions(); + tshark_write_to_file(tls_session_keys_file, keylist); + g_free(keylist); + } + /* Memory cleanup */ reset_tap_listeners(); funnel_dump_all_text_windows(); -- cgit v1.2.3