Patchwork D6343: sslutil: add support for SSLKEYLOGFILE to wrapsocket

login
register
mail settings
Submitter phabricator
Date May 5, 2019, 3:42 a.m.
Message ID <differential-rev-PHID-DREV-svt3heat3h7lq2njfnhx-req@phab.mercurial-scm.org>
Download mbox | patch
Permalink /patch/39953/
State Superseded
Headers show

Comments

phabricator - May 5, 2019, 3:42 a.m.
durin42 created this revision.
Herald added a subscriber: mercurial-devel.
Herald added a reviewer: hg-reviewers.

REVISION SUMMARY
  I recently learned of a Firefox/Chrome feature that allows
  wiresharking otherwise-TLS'd network connections. Gloriously, there's
  a pypi module that enables this same feature on Python, so let's add
  support for it to Mercurial in case we need to wireshark some HTTPs
  connections.

REPOSITORY
  rHG Mercurial

REVISION DETAIL
  https://phab.mercurial-scm.org/D6343

AFFECTED FILES
  mercurial/sslutil.py

CHANGE DETAILS




To: durin42, #hg-reviewers
Cc: mercurial-devel

Patch

diff --git a/mercurial/sslutil.py b/mercurial/sslutil.py
--- a/mercurial/sslutil.py
+++ b/mercurial/sslutil.py
@@ -16,6 +16,7 @@ 
 
 from .i18n import _
 from . import (
+    encoding,
     error,
     node,
     pycompat,
@@ -348,6 +349,17 @@ 
     if not serverhostname:
         raise error.Abort(_('serverhostname argument is required'))
 
+    if b'SSLKEYLOGFILE' in encoding.environ:
+        try:
+            import sslkeylog
+            sslkeylog.set_keylog(pycompat.fsdecode(
+                encoding.environ[b'SSLKEYLOGFILE']))
+            ui.warn(
+                b'sslkeylog enabled by SSLKEYLOGFILE environment variable\n')
+        except ImportError:
+            ui.warn(b'sslkeylog module missing, '
+                    b'but SSLKEYLOGFILE set in environment\n')
+
     for f in (keyfile, certfile):
         if f and not os.path.exists(f):
             raise error.Abort(