osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity

tshark: Add option to export TLS session keys 

Add a new option --export-tls-session-keys <keyfile> to tshark
to export TLS session keys.
This commit is contained in:
Stig Bjørlykke 2021-06-04 20:42:26 +02:00
parent 577282f679
commit 2b29269f5d
2 changed files with 34 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docbook/release-notes.adoc
View File

@ -84,6 +84,8 @@ They previously shipped with Npcap 1.20.
account, as those addresses can be reused. To revert to the previous behavior and not reassemble fragments with different VLAN IDs,
turn on the "Enable stricter conversation tracking heuristics" top level protocol preference.
* tshark can now export TLS session keys with the --export-tls-session-keys option.
// === Removed Features and Support
// === Removed Dissectors

32
tshark.c
View File

@ -88,6 +88,7 @@
#include "ui/cli/tap-exportobject.h"
#include "ui/tap_export_pdu.h"
#include "ui/dissect_opts.h"
#include "ui/ssl_key_export.h"
#include "ui/failure_message.h"
#if defined(HAVE_LIBSMI)
#include "epan/oids.h"
@ -141,6 +142,7 @@
#define LONGOPT_COLOR LONGOPT_BASE_APPLICATION+2
#define LONGOPT_NO_DUPLICATE_KEYS LONGOPT_BASE_APPLICATION+3
#define LONGOPT_ELASTIC_MAPPING_FILTER LONGOPT_BASE_APPLICATION+4
#define LONGOPT_EXPORT_TLS_SESSION_KEYS LONGOPT_BASE_APPLICATION+5
capture_file cfile;
@ -465,6 +467,8 @@ print_usage(FILE *output)
fprintf(output, " --export-objects <protocol>,<destdir>\n");
fprintf(output, " save exported objects for a protocol to a directory\n");
fprintf(output, " named \"destdir\"\n");
fprintf(output, " --export-tls-session-keys <keyfile>\n");
fprintf(output, " export TLS Session Keys to a file named \"keyfile\"\n");
fprintf(output, " --color color output text similarly to the Wireshark GUI,\n");
fprintf(output, " requires a terminal with 24-bit color support\n");
fprintf(output, " Also supplies color attributes to pdml and psml formats\n");
@ -526,6 +530,22 @@ glossary_option_help(void)
fprintf(output, "\n");
}
static void
tshark_write_to_file(const gchar *filename, const gchar *data)
{
int fd = ws_open(filename, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644);
if (fd == -1) {
open_failure_message(filename, errno, TRUE);
return;
}
if (ws_write(fd, data, (unsigned int)strlen(data)) < 0) {
write_failure_message(filename, errno);
}
ws_close(fd);
}
static void
tshark_log_handler (const gchar *log_domain, GLogLevelFlags log_level,
const gchar *message, gpointer user_data)
@ -720,6 +740,7 @@ main(int argc, char *argv[])
LONGOPT_DISSECT_COMMON
{"print", no_argument, NULL, 'P'},
{"export-objects", required_argument, NULL, LONGOPT_EXPORT_OBJECTS},
{"export-tls-session-keys", required_argument, NULL, LONGOPT_EXPORT_TLS_SESSION_KEYS},
{"color", no_argument, NULL, LONGOPT_COLOR},
{"no-duplicate-keys", no_argument, NULL, LONGOPT_NO_DUPLICATE_KEYS},
{"elastic-mapping-filter", required_argument, NULL, LONGOPT_ELASTIC_MAPPING_FILTER},
@ -756,6 +777,7 @@ main(int argc, char *argv[])
gchar *output_only = NULL;
gchar *volatile pdu_export_arg = NULL;
char *volatile exp_pdu_filename = NULL;
const gchar *volatile tls_session_keys_file = NULL;
exp_pdu_t exp_pdu_tap_data;
const gchar* elastic_mapping_filter = NULL;
@ -1503,6 +1525,9 @@ main(int argc, char *argv[])
goto clean_exit;
}
break;
case LONGOPT_EXPORT_TLS_SESSION_KEYS: /* --export-tls-session-keys */
tls_session_keys_file = optarg;
break;
case LONGOPT_COLOR: /* print in color where appropriate */
dissect_color = TRUE;
break;
@ -2319,6 +2344,13 @@ main(int argc, char *argv[])
if (draw_taps)
draw_tap_listeners(TRUE);
if (tls_session_keys_file) {
gchar *keylist = ssl_export_sessions();
tshark_write_to_file(tls_session_keys_file, keylist);
g_free(keylist);
}
/* Memory cleanup */
reset_tap_listeners();
funnel_dump_all_text_windows();