tonic icon indicating copy to clipboard operation
tonic copied to clipboard

Published 20 hours ago verified publisher icon hyperium

feat: optional `SSLKEYLOGFILE` support

Open crepererum opened this issue 1 year ago • 3 comments

Motivation

Using SSLKEYLOGFILE is helpful when you want to intercept TLS traffic for debugging and is generally supported by many libraries and browsers. Also see: https://wiki.wireshark.org/TLS#using-the-pre-master-secret

Solution

Add a use_key_log option to server and client TLS configs that -- when set -- will enable rustls's SSLKEYLOGFILE handling.

crepererum avatar Sep 28 '23 10:09 crepererum

Since this is mostly config wiring and relies on the already existing rustls features, does this need a test? If so, where should this test be placed?

crepererum avatar Sep 28 '23 10:09 crepererum

Seems to be related to #893.

tottoto avatar Mar 02 '24 05:03 tottoto

The solution there seems to be: just bypass tonic::transport entirely and write 100+ lines of glue-code to wire up all the components (tower, hyper, rustls) yourself. That seems doable, but somewhat defeats the purpose of tonic, i.e. having an easy-to-use client&server toolkit.

crepererum avatar Mar 04 '24 10:03 crepererum