1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=head1 NAME 4e71b7053SJung-uk Kim 5e71b7053SJung-uk KimSSL_CTX_set_keylog_callback, SSL_CTX_get_keylog_callback, 6e71b7053SJung-uk KimSSL_CTX_keylog_cb_func - logging TLS key material 7e71b7053SJung-uk Kim 8e71b7053SJung-uk Kim=head1 SYNOPSIS 9e71b7053SJung-uk Kim 10e71b7053SJung-uk Kim #include <openssl/ssl.h> 11e71b7053SJung-uk Kim 12e71b7053SJung-uk Kim typedef void (*SSL_CTX_keylog_cb_func)(const SSL *ssl, const char *line); 13e71b7053SJung-uk Kim 14e71b7053SJung-uk Kim void SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SSL_CTX_keylog_cb_func cb); 15e71b7053SJung-uk Kim SSL_CTX_keylog_cb_func SSL_CTX_get_keylog_callback(const SSL_CTX *ctx); 16e71b7053SJung-uk Kim 17e71b7053SJung-uk Kim=head1 DESCRIPTION 18e71b7053SJung-uk Kim 19e71b7053SJung-uk KimSSL_CTX_set_keylog_callback() sets the TLS key logging callback. This callback 20e71b7053SJung-uk Kimis called whenever TLS key material is generated or received, in order to allow 21e71b7053SJung-uk Kimapplications to store this keying material for debugging purposes. 22e71b7053SJung-uk Kim 23e71b7053SJung-uk KimSSL_CTX_get_keylog_callback() retrieves the previously set TLS key logging 24e71b7053SJung-uk Kimcallback. If no callback has been set, this will return NULL. When there is no 25e71b7053SJung-uk Kimkey logging callback, or if SSL_CTX_set_keylog_callback is called with NULL as 26e71b7053SJung-uk Kimthe value of cb, no logging of key material will be done. 27e71b7053SJung-uk Kim 28e71b7053SJung-uk KimThe key logging callback is called with two items: the B<ssl> object associated 29e71b7053SJung-uk Kimwith the connection, and B<line>, a string containing the key material in the 30e71b7053SJung-uk Kimformat used by NSS for its B<SSLKEYLOGFILE> debugging output. To recreate that 31e71b7053SJung-uk Kimfile, the key logging callback should log B<line>, followed by a newline. 32*b077aed3SPierre ProncheryB<line> will always be a NUL-terminated string. 33e71b7053SJung-uk Kim 34e71b7053SJung-uk Kim=head1 RETURN VALUES 35e71b7053SJung-uk Kim 36e71b7053SJung-uk KimSSL_CTX_get_keylog_callback() returns a pointer to B<SSL_CTX_keylog_cb_func> or 37e71b7053SJung-uk KimNULL if the callback is not set. 38e71b7053SJung-uk Kim 39e71b7053SJung-uk Kim=head1 SEE ALSO 40e71b7053SJung-uk Kim 41e71b7053SJung-uk KimL<ssl(7)> 42e71b7053SJung-uk Kim 43e71b7053SJung-uk Kim=head1 COPYRIGHT 44e71b7053SJung-uk Kim 45*b077aed3SPierre ProncheryCopyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. 46e71b7053SJung-uk Kim 47*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 48e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 49e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 50e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 51e71b7053SJung-uk Kim 52e71b7053SJung-uk Kim=cut 53